###BeginCaseStudy###
Case Study: 2
Photo Processing
Background
General Background
You are a SharePoint administrator for an online photo-processing company named Contoso, Ltd.
Contoso’s primary customers are professional photographers. The Contoso SharePoint 2013
environment includes the sites described in the following table.
The intranet site includes a document library for each employee in which the employee stores
photos.
Technical Background
The SharePoint environment contains five front-end web servers that use Windows Network Load
Balancing (NLB) with NLB affinity set to None. The company maintains all processed photos in the
SharePoint content database. The content database uses RAID 5 storage. Photo files that are more
than one year old are rarely viewed. Employees actively use the default self-service site creation
feature.
The network infrastructure contains an Active Directory Domain Services (AD DS) environment. All
servers run Windows Server 2008 R2. The internal AD DS domain is named contoso.com. Active
Directory Federation Services (AD FS) is deployed in the LAN. Two AD FS proxy servers are deployed
in the perimeter network. Users log on to client computers by using the syntax
[email protected].
Contoso has a lab environment that includes a dedicated AD DS environment and SharePoint 2013.
The main lab SharePoint site is located at lab.intranet.contoso.com. A test site for a project named
Project2 exists under lab.intranet.contoso.com/corp. The default self-service site creation feature is
enabled for the test site.
Contoso has a development team that maintains the public website, maintains the intranet site, and
creates SharePoint apps. The development team recently created a SharePoint-hosted app named
App1 that converts .tif files to .png files.
Future Development
• Contoso is forming a new corporation named Proseware, Inc. that
will sell SharePoint apps. The company has acquired the proseware.com
domain name.
• Contoso is preparing to federate with Microsoft Office 365 and will
use the proseware.com domain for Office 365 services.
Technical Requirements
You must meet the following technical requirements:
• App1 must have access to each employee’s photo
document library.
• App1 must use Windows Authentication.
• Each front-end web server must use a single IP
address for all SharePoint sites and apps on that server.
• All SharePoint sites and apps must listen on port
9000.
• Office 365 must use single sign-on (SSO).
The company has established the following new monitoring requirements for the production
SharePoint environment:
• Monitor whether a large number of documents are
checked out.
• Monitor whether a large number of unpublished
items are being requested.
The company has established the following new monitoring requirements for Project2:
• Monitor changes to a value in a specific registry key.
• Monitor the SharePoint cache hit ratios.
• Perform monitoring only from 9:00 A.M. to 3:00
P.M. daily.
Existing Problems
Multiple authentications often occur when users log on to and navigate in SharePoint. Users have
reported some small delays accessing data.
The content database is currently stored on Serial Attached SCSI (SAS) disk drives and is growing at a
rapid pace. The following related issues currently exist:
• SharePoint is not performing as well as it was when the content database was smaller.
• Storage costs to house the photo files are too expensive.
Scanned contracts are stored in binary large object (BLOB) cache storage. The BLOB cache is
routinely filling up. End users are reporting poor performance when viewing scanned contracts.
###EndCaseStudy###
You need to implement Office 365 authentication.
What should you do?
A.
Add only adatum.com as an Office 365 SSO domain and use the SupportMultipleDomain
parameter.
B.
Create an AD DS domain named proseware.com and join the AD FS servers to the proseware.com
domain.
C.
Add adatum.com and proseware.com as Office 365 SSO domains and use the
SupportMultipleDomain parameter.
D.
Add only proseware.com as an Office 365 SSO domain and use the SupportMultipleDomain
parameter.
Correct answer is (C)
“Currently, Microsoft Office 365 customers who utilize single sign-on (SSO) through AD FS 2.0 and have multiple top level domains for users’ user principal name (UPN) suffixes within their organization (for example, @contoso.com or @fabrikam.com) are required to deploy a separate instance of AD FS 2.0 Federation Service for each suffix. There is now a rollup for AD FS 2.0 (http://support.microsoft.com/kb/2607496) that works in conjunction with the “SupportMultipleDomain” switch to enable the AD FS server to support this scenario without requiring additional AD FS 2.0 servers.”
https://blogs.technet.microsoft.com/abizerh/2013/02/05/supportmultipledomain-switch-when-managing-sso-to-office-365/
Agreed, thanks Ted! Answer is C