Your network contains an Active Directory forest named contoso.com. The forest contains a System
Center 2012 Operations Manager infrastructure. Your company, named Contoso, Ltd., has a partner
company named A . Datum Corporation. The A . Datum network contains an Active Directory forest
named adatum.com. Adatum.com does not have any trusts. A firewall exists between the A . Datum
network and the Contoso network. You configure conditional forwarding on all of the DNS servers to
resolve names across the forests. You plan to configure Operations Manager to monitor client
computers in both of the forests. You need to recommend changes to the infrastructure to monitor
the client computers in both of the forests. What should you include in the recommendation? (Each
correct answer presents part of the solution. Choose two.)
A.
Allow TCP port 5723 on the firewall.
B.
Deploy a gateway server to adatum.com.
C.
Create a DNS zone replica of adatum.com.
D.
Allow TCP port 5986 on the firewall.
E.
Create a DNS zone replica of contoso.com.
F.
Deploy a gateway server to contoso.com.
Explanation:
A: Gateway, System Center Management service, 5723/TCP
B: if there is a firewall between the agents and management servers, multiple authorized
endpoints must be defined and maintained in the firewall rules to allow communication between
them.
To reduce this administrative overhead, Operations Manager has a server role called the gateway
server. Gateway servers are located within the trust boundary of the agents and can participate in
the mandatory mutual authentication. Because they lie within the same trust boundary as the
agents, the Kerberos V5 protocol for Active Directory is used between the agents and the gateway
server. Each agent then communicates only with the gateway servers that it is aware of. The
gateway servers communicate with the management servers.
Operations Manager 2012 Firewall Scenarios
Distributed Deployment of Operations Manager
What about the DNS piece?
No need as conditional forwarding is already configured on both domains.