You need to minimize Active Directory replication traffic across the WAN connections

You are a network administrator for your company. The network consists of a single Active Directory forest that contains three domains. The functional level of the forest and of all three domains is Window Server 2003. The company has a main office and 30 branch offices. Each branch office is connected to the main office by a 56-Kbps WAN connection.

You configure the main office and each branch office as a separate Active Directory site. You deploy a Windows Server 2003 domain controller at the main office and at each branch office. Each domain controller is configured as a DNS server. You can log on to the network from client computers in the branch offices at any time.

However, users in the branch offices report that they cannot log on to the network during peak hours. You need to allow users to log on to the network from branch office computers. You do not want to affect the performance of the branch office domain controllers. You need to minimize Active Directory replication traffic across the WAN connections.

What should you do?

You are a network administrator for your company. The network consists of a single Active Directory forest that contains three domains. The functional level of the forest and of all three domains is Window Server 2003. The company has a main office and 30 branch offices. Each branch office is connected to the main office by a 56-Kbps WAN connection.

You configure the main office and each branch office as a separate Active Directory site. You deploy a Windows Server 2003 domain controller at the main office and at each branch office. Each domain controller is configured as a DNS server. You can log on to the network from client computers in the branch offices at any time.

However, users in the branch offices report that they cannot log on to the network during peak hours. You need to allow users to log on to the network from branch office computers. You do not want to affect the performance of the branch office domain controllers. You need to minimize Active Directory replication traffic across the WAN connections.

What should you do?

A.
Use Active Directory Sites and Services to enable universal group membership caching for each branch office site.

B.
Use Active Directory Sites and Services to configure each branch office domain controller as a global catalog server.

C.
Use the DNS console to configure the branch office DNS servers to use an Active Directory- integrated zone.

D.
Use the DNS console to configure the branch office DNS servers to forward requests to a DNS server in the main office.

Explanation:
When a user logs on to the network, the global catalog provides universal group membership information for the account to the domain controller processing the user logon information. If a global catalog is not available when a user initiates a network logon process, the user is able to log on only to the local computer unless the site has been specifically configured to cache

“A Composite Solution With Just One Click” – Certification Guaranteed 132 Microsoft 70-293 Exam

universal group membership lookups when processing user logon attempts. In this scenario the domain controller must contact the global catalog server across a WAN link that is saturated. Enabling universal group membership caching will overcome this problem.

Reference:

Jill Spealman, Kurt Hudson & Melissa Craft, MCSE Self-Paced Training Kit (Exam 70-294); Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure, Microsoft Press, Redmond, Washington, 2004, pp. 1-17 to 1-18, 5-41 to 5-43.



Leave a Reply 0

Your email address will not be published. Required fields are marked *