###BeginCaseStudy###
Case Study: 4
Woodgrove Bank
Scenario:
COMPANY OVERVIEW
Overview
Woodgrove Bank is an international financial organization.
Physical Location
The company has a main office and multiple branch offices.
EXISTING ENVIRONMENT
Active Directory Environment
The network contains one Active Directory forest. A separate domain exists for each office.
Network Infrastructure
All offices have domain controllers that are configured as DNS servers. All client computers
are configured to connect to the DNS servers in their respective office only.
The main office has the following servers and client computers:
• One Windows Server Update Services (WSUS) server.
• Client computers that run either Windows XP Service Pack 3 (SP3) or Windows 7.
• Ten file servers that host multiple shared folders. The file servers run either Windows
Server 2003 or Windows Server 2008 R2.
• One domain-based Distributed File System (DFS) namespace that has two replicas.
The DFS servers run Windows Server 2008 R2. The DFS namespace is configured to use
Windows 2000 Server mode.
Each branch office has a WAN link to the main office. The WAN links are highly saturated.
Each office has a dedicated high-speed Internet connection.
All of the client computers in the branch offices run Windows 7.
User Problems
Users report that it is difficult to find the shared folders on the network.
REQUIREMENTS
Planned Changes
Woodgrove Bank plans to implement the following changes:
• Deploy a new Application named App1 on each client computer. App1 has a
Windows Installer package and is compatible with Windows XP, Windows Vista, and
Windows 7.
• Designate a user in each office to manage the address information of the user accounts
in that office.
• Deploy a new branch office named Branch22 that has the following servers:
• One file server named Server1.
• Two domain controllers named DC10 and DC11 that are configured as DNS servers.
Technical Requirements
Woodgrove Bank must meet the following technical requirements:
• Minimize hardware and software costs, whenever possible.
• Encrypt all DNS replication traffic between the DNS servers.
• Ensure that users in the branch offices can access the DFS targets if a WAN link fails.
• Ensure that users can only view the list of DFS targets to which they are assigned
permissions.
• Minimize the amount of network traffic between the main office and the branch
offices, whenever possible.
• Minimize the amount of name resolution traffic from the branch offices to the DNS
servers in the main office.
• Ensure that the administrators in the main office manage all Windows update
approvals and all computer groups.
• Manage all of the share permissions and the folder permissions for the file servers
from a single management console.
• Ensure that if a file on a file server is deleted accidentally, users can revert to a
previous version of the file without administrator intervention.
• Ensure that administrators are notified by e-mail each time a user successfully copies
a file that has an .avi extension to one of the file servers.
Security Requirements
Woodgrove Bank must meet the following security requirements:
• Access rights and user rights must be minimized.
• The Guest account mustoe disabled on all servers.
• Internet Information Services (IIS) must only be installed on authorized servers.
###EndCaseStudy###
You need to recommend changes to the DFS infrastructure that meet the company’s technical
requirements. What should you recommend implementing in each branch office? (Each correct
answer presents part of the solution. Choose two.)
A.
a DFS namespace server
B.
a DFS replica
C.
a standalone DFS namespace
D.
BranchCache in Distributed Cache mode
E.
BranchCache in Hosted Cache mode
Explanation:
When deploying domain-based namespaces, you can add additional namespace servers to host a
namespace.
This has several advantages:
If one namespace server hosting the namespace goes down, the namespace will still be available to
users who need to access shared resources on your network. Adding another namespace thus
increases the availability of your namespace.
If you have a namespace that must be available to users all across your organization but your Active
Directory network has more than one site, then each site should have a namespace server hosting
your namespace. That way, when users in a site need to contact a namespace server for referrals,
they can do so locally instead of sending traffic requests to other sites. This improves performance
and reduces unnecessary WAN traffic.
Note that adding additional namespace servers is only supported for domain-based namespaces, not
standalone namespaces.
http ://technet.microsoft.com/en-us/library/cc732863%28v=ws.10%29.aspx
DFS Namespaces enables you to group shared folders located on different servers by transparently
connecting them to one or more namespaces. A namespace is a virtual view of shared folders in anorganization. When you create a namespace, you select which shared folders to add to the
namespace, design the hierarchy in which those folders appear, and determine the names that the
shared folders show in the namespace. When a user views the namespace, the folders appear to
reside on a single, high-capacity hard disk. Users can navigate the namespace without needing to
know the server names or shared folders hosting the data.
The path to a namespace is similar to a Universal Naming Convention (UNC) path of a shared folder,
such as \\Server1\Public\Software\Tools. If you are familiar with UNC paths, you know that in this
example the shared folder, Public, and its subfolders, Software and Tools, are all hosted on Server1.
Now, assume you want to give users a single place to locate data, but you want to host data on
different servers for availability and performance purposes. To do this, you can deploy a namespace
similar to the one shown in the following figure. The elements of this namespace are described after
the figure.Namespace server. A namespace server hosts a namespace. The namespace server can be a member
server or a domain controller.
Namespace root. The root is the starting point of the namespace. In the previous figure, the name of
the root is Public, and the namespace path is \\Contoso\Public. This type of namespace is known as
a domain-based namespace, because it begins with a domain name (for example, Contoso) and its
metadata is stored in AD DS. Although a single namespace server is shown in the previous figure, a
domain-based namespace can be hosted on multiple namespace servers.
Folder. Folders help build the namespace hierarchy. Folders can optionally have folder targets. When
users browse a folder with targets in the namespace, the client computer receives a referral that
directs the client computer to one of the folder targets.
Folder targets. A folder target is a UNC path of a shared folder or another namespace that is
associated with a folder in a namespace. In the previous figure, the folder named Tools has two
folder targets, one in London and one in New York, and the folder named Training Guides has a
single folder target in New York. A user who browses to \\Contoso\Public\Software\Tools is
transparently redirected to the shared folder \\LDN-SVR-01\Tools or \\NYC-SVR-01\Tools, depending
on which site the user is in.