###BeginCaseStudy###
Case Study: 3
Baldwin Museum of Science
Scenario:
COMPANY OVERVIEW
The Baldwin Museum of Science is an internationally renowned museum of science history.
Physical Location
The museum has a main office and a branch office named Branch1. The main office has
5,000 users. Branch1 has 1,000 users. The main office connects to Branch1 by using a WAN
link. The WAN link is highly saturated. The museum has a sales department. All of the users
in the sales department have client computers that run Windows XP Service Pack 3 (SP3).
EXISTING ENVIRONMENT
Active Directory Environment
The network contains one Active Directory forest. The forest contains two domains named
baldwinmuseumofscience.com and ad.baldwinmuseumofscience.com. All user accounts and
computer accounts for all employees are in the ad.baldwinmuseumofscience.com domain.
The organizational unit (OU) structure for ad.baldwinmuseumofscience.com is shown in the
exhibit. (Click the Case Study Exhibits button.)
Network Infrastructure
The network contains the following servers and Applications:
• Application servers that run either Windows Server 2003 Service Pack 2 (SP2), Windows
Server 2008 SP2, or Windows Server 2008 R2.
• A custom Application named App1 that runs on all of the Application servers. App1 writes
events to the Application log.
• A line-of-business Application named App2 that requires Internet Explorer 6. All of the
users in the sales department run App2.
• File servers that run Windows Server 2008 R2.
The main office has the following:
• A two-node failover cluster that runs Windows Server 2008 R2 and has the Hyper-V role
installed and a Clustered Shared Volume. The failover cluster hosts four virtual machines
(VM) that run Windows Server 2008 R2. The VMs are stored on the Clustered Shared
Volume. Each VM runs Microsoft SQL Server 2008.
• A server named Server1 that hosts two shared folders named Sharel and Share2. Sharel
hosts 50,000 research documents that are shared by multiple users. Share2 hosts documents
that are created by users in the sales department.
Administration Model
All users in Branch 1 are members of global groups and universal groups. The groups are
located in an OU named Groups in the ad.baldwinmuseumofscience.com domain.
REQUIREMENTS
Planned Changes
The Baldwin Museum of Science plans to implement a new branch office named Branch2.
Branch2 wi and will be configured as a separate Active Directory site. Branch2 will be
configured to meet the following requirements:
• Minimize the cost of deploying new servers.
• Contain only client computers that run Windows 7.
• Connect to the main office by using a saturated WAN link.
• Contain only servers that run Windows Server 2008 R2. The servers will be configured as
either file servers or Web servers. The file shares on the file servers must be available if a
single file server fails.
In Branch2, if a single domain controller or a WAN link fails, users in the branch must be
able to:
• Change their passwords.
• Log on to their client computers.
Technical Requirements
The Baldwin Museum of Science must meet the following technical requirements:
• Hardware and software costs must be minimized whenever possible.
• All VMs must be backed up twice a day.
• All VM backups must include the VM configuration information.
• Events generated by App1 must be stored in a central location.
• An administrator must be notified by e-mail when App1 generates an error.
• The number of permissions assigned to help desk technicians must be minimized.
• The help desk technicians must be able to reset the passwords and modify the membership
of all users in Branch1.
• If a user overwrites another user’s research document, the user must be able to recover a
previous version of the document.
• When users in the sales department work remotely, they must be able to access the files in
Share1 in the minimum amount of time.
Security
The Baldwin Museum of Science must meet the following security requirements:
• All scripts that run on production servers must be signed.
• Managers in Branch1 must be allowed to access the Internet at all times.
• Web site administrators must not be required to log on interactively to Web servers.
• Users in Branch1 must only be allowed to access the Internet between 12:00 and
13:00.
• Users and managers must be prevented from downloading executable files from the
Internet.
• Administration of the corporate Web sites must support all bulk changes and
scheduled content updates.
###EndCaseStudy###
You need to recommend a highavailability solution for the file servers in Branch2 that supports the
museum’s planned changes. What should you include in the recommendation?
A.
a standalone Distributed File System (DFS) namespace and DFS Replication
B.
a domainbased Distributed File System (DFS) namespace and DFS Replication
C.
Failover Clustering and Clustered Shared Volumes
D.
Network Load Balancing (NLB) and Storage Manager
Explanation:
Distributed File System (DFS)
DFS is a method of both simplifying your organization’s shared folder structure and providing data
redundancy through replication. DFS lets you collect shared folders located on different servers into
one or more logically structured namespaces. Rather than having to remember which server hosts a
specific shared folder, they can access the DFS namespace and find all shared folders.
You can replicate a DFS namespace and folders within a site and across WAN links. A user connecting
to files within the shared folder structures contained in the DFS namespace will connect
automatically to shared folders in the same Active Directory Directory Services (AD DS) site (when
available) rather than across a WAN. You can have several DFS Namespace servers in a site and
spread over several sites, so if one server goes down a user can still access files within the shared
folder structure. The architecture of DFS ensures that a change to a file on a DFS share is replicated
quickly and efficiently to all other replicas of that DFS share.
Creating a DFS Namespace
You can create a namespace when you install the DFS Management role service, as shown in Figure
10-2, or create it later.
You can add additional namespaces by right-clicking DFS Namespaces in the DFS Management
console and selecting New Namespace. You can create namespaces on a member server or domain
controller running Windows Server 2008. However, you cannot create more than one namespace on
a server running Windows Server 2008 Standard edition. You can create multiple namespaces on
servers running Windows Server 2008 Enterprise and Datacenter editions.
A namespace is a virtual view of shared folders in an organization, and it has a path to a namespace
similar to a Universal Naming Convention (UNC) path to a shared folder. You can create two types of
namespaces:
Domain-Based Namespaces
A domain namespace uses a domain as its namespace root, such as \\adatum.com\MyNameSpace. A
domainbased namespace can be hosted on multiple namespace servers to increase its availability,
and its metadata is stored in AD DS. Domain-based namespaces can be created on one or more
member servers or domain controllers in the same domain, and metadata for a domain-based
namespace is stored by AD DS. Each server must contain an NTFS volume to host the namespace.
Multiple namespace servers increase the availability of the namespace. A domain-based namespace
cannot be a clustered resource in a failover cluster. However, you can locate the namespace on a
server that is also a node in a failover cluster provided that you configure the namespace to use only
local resources on that server.Standalone Namespaces
A stand-alone namespace uses a namespace server as its namespace root, such as
\\ServerA\MyNameSpace.
A stand-alone namespace is hosted on only one server. You would choose a stand-alone namespace
if your organization does not use AD DS, if you needed to create a single namespace with more than
5,000 DFS folders but your organization did not support Windows Server 2008 mode, or if you
wanted to use a failover cluster to increase availability.