What should you recommend?

Your company has a main office and a new branch office. The network consists of one Active
directory domain. The branch office contains two member servers that run Windows Server 2008 R2.
One of the servers is configured as a file server that hosts shared folders. An administrator in the
branch office is responsible for maintaining the servers. You have a single DNS zone that is hosted on
a DNS server located in the main office. A wide area network (WAN) link between the branch office
and the main office is unreliable. You need to recommend a network services solution for the new
branch office. The solution must meet the following requirements:
• Users must be able to log on to the domain if a WAN link fails.

• Users must be able to access file shares on the local server if a WAN link fails.
• Branch office administrators must be prevented from initiating changes to Active Directory.
• Branch office administrators must be able to make configuration changes to the servers in the
branch office.
What should you recommend?

Your company has a main office and a new branch office. The network consists of one Active
directory domain. The branch office contains two member servers that run Windows Server 2008 R2.
One of the servers is configured as a file server that hosts shared folders. An administrator in the
branch office is responsible for maintaining the servers. You have a single DNS zone that is hosted on
a DNS server located in the main office. A wide area network (WAN) link between the branch office
and the main office is unreliable. You need to recommend a network services solution for the new
branch office. The solution must meet the following requirements:
• Users must be able to log on to the domain if a WAN link fails.

• Users must be able to access file shares on the local server if a WAN link fails.
• Branch office administrators must be prevented from initiating changes to Active Directory.
• Branch office administrators must be able to make configuration changes to the servers in the
branch office.
What should you recommend?

A.
Promote the member server to a domain controller and add the branch office administrators to
the Domain Admins group.

B.
Promote the member server to a read-only domain controller (RODC) and add the branch office
administrators to the Domain Admins group.

C.
Promote the member server to a read-only domain controller (RODC) and configure the DNS role.
Delegate administrative rights to the local branch office administrator.

D.
Promote the member server to a domain controller and configure the DNS role. Create an
organizational unit (OU) for each branch office and delegate administrative rights to the local branch
office administrator.

Explanation:
To ensure that the users in the branch office are able to log on to the domain even if the WAN link
fails, you need to promote the member server to a read-only domain controller (RODC) because the
RODC works as a domain controller and allow log in to the domains except allowing modifications
and changes to the Active directory domain. Delegating administrative rights to the local branch
office administrator after promoting a member server to a RODC will make sure that branch office
administrator is not allowed to initiate any changes to Active Directory but should be allowed to
make configuration changes to the servers in the branch office. Configuring the DNS role to the
member server, will ensure that the users are allowed to access file shares on the local server in the
absence of the WAN link. Without name resolution and the other services that are provided by DNS
servers, client access to remote host computers would be prohibitively difficult. DNS servers need to
be configured because in intranets computer users rarely know the IP addresses of computers on
their local area network (LAN).
DNS Server Role: Read-only domain controller support/ Who will be interested in this
server role?
http://technet2.microsoft.com/windowsserver2008/en/library/533a1cfc-5173-4248-914c-
433bd018f66d1033.mspx?mfr=true



Leave a Reply 0

Your email address will not be published. Required fields are marked *