CertCities.com -- The Ultimate Site for Certified IT Professionals
Register today for a Free Sponsored Tech Library Webcast and you could WIN! Share share | bookmark | e-mail
  Microsoft®
  Cisco®
  Security
  Oracle®
  A+/Network+™
  Linux/Unix
  More Certs
  Newsletters
  Salary Surveys
  Forums
  News
  Exam Reviews
  Tips
  Columns
  Features
  PopQuiz
  RSS Feeds
  Press Releases
  Contributors
  About Us
  Search
 

Advanced Search
  Free Newsletter
  Sign-up for the #1 Weekly IT
Certification News
and Advice.
Subscribe to CertCities.com Free Weekly E-mail Newsletter
CertCities.com

See What's New on
Redmondmag.com!

Cover Story: IE8: Behind the 8 Ball

Tech-Ed: Let's (Third) Party!

A Secure Leap into the Cloud

Windows Mobile's New Moves

SQL Speed Secrets


CertCities.com
Let us know what you
think! E-mail us at:



 
 
...Home ... Editorial ... Pop Quiz ..Pop Quiz Article Monday: January 30, 2012


Microsoft Exam #70-219: Designing a Windows 2000 Directory Services Infrastructure
Pop quiz with six questions. Case-study format. The in-depth case study is presented first, then the questions. Answers and detailed explanations can be found at the end of the quiz.


courtesy of   Transcender LLC

Visionworx Case Study

Introduction
You have been hired as a consultant to design a Windows 2000 Active Directory infrastructure for a company named Visionworx, which has a Windows NT 4.0-based network. The Visionworx administration would like the migration from Windows NT 4.0 to Windows 2000 to occur as rapidly as possible; they do not want to perform incremental upgrades. All workstation and server computers running Windows operating systems will be upgraded to Windows 2000 Professional and Windows 2000 Server, respectively. The computers running non-Microsoft operating systems will not be migrated to Windows 2000.

Background
Visionworx is a manufacturer and distributor of soft contact lenses and lens care products. The corporate headquarters is located at the main production/distribution facility in Des Moines, Iowa. Visionworx has three other production/distribution facilities located in Grand Rapids, Michigan, Harrisburg, Pennsylvania and Trenton, New Jersey. The Des Moines location is organized into the following departments:

  • Accounting
  • Administration
  • E-commerce
  • Human Resources
  • IT Services Administration
  • Maintenance
  • Marketing
  • Public Relations
  • Sales

Each of the three production/distribution facilities contains the following departments:

  • IT Services
  • Maintenance
  • Production
  • Quality Assurance
  • Research and Development
  • Shipping and Receiving
  • Existing IT Infrastructure

General
Visionworx has 8,500 employees and 7,000 computers. The Des Moines office has 4,000 employees, the Grand Rapids facility has 2,000 employees, the Trenton facility has1,500 employees and the Harrisburg facility has 1,000 employees.

Visionworx has four Windows NT 4.0 domains in an arrangement based on the single-master domain model. The Des Moines headquarters is the global accounts domain and is named DSM. The Grand Rapids, Harrisburg and Trenton production/distribution facilities are resource domains and are named GR, HB and TR, respectively. Two DSM backup domain controllers (BDCs) are installed at each production facility for fault tolerance purposes.

Each location operates a Windows NT member server that runs Simple Network Management Protocol (SNMP) software for collecting statistical and configuration information about network devices on the network, such as computers, hubs, switches, routers, and network printers. The SNMP management stations in Grand Rapids, Harrisburg and Trenton periodically upload their data to a master database server located in Des Moines. The existing SNMP infrastructure will remain unchanged after the Windows 2000 migration, with the exception that the Windows NT member servers will be upgraded to Windows 2000. Each location also maintains a NetWare 3.12 file server that provides access to various company documents. All network clients require several drive mappings that point to their respective NetWare server. These mappings are currently configured by using MS-DOS logon scripts, but, after the migration, the necessary drive mappings will be instituted by Group Policy-deployed computer startup scripts on a per-site basis.

The Trenton facility maintains four UNIX servers. One UNIX server is a standard primary Domain Name Server (DNS) server and hosts the facility's DNS zone, named trenton.visionworx.com. The other three UNIX servers are file and print servers that support Trenton's Shipping and Receiving department. The Trenton IT team is willing to migrate the file and print servers to Windows 2000, but the team will retain the UNIX DNS server after the Windows 2000 migration. The UNIX DNS server runs the latest version of BIND.

Network Connectivity
The Des Moines location is connected to the Grand Rapids and Harrisburg locations by 128-Kbps fractional T1 lines. A 64-Kbps frame-relay connection links Des Moines with the Trenton location. During peak business hours, the 128-Kbps lines reach 75 percent saturation and the 64-Kbps line reaches 90 percent saturation.

Visionworx uses a proprietary client/server human resources database application to manage its payroll and human resources data. The software development firm that contracted with Visionworx to create the application has recently provided an update that features full Active Directory integration. Visionworx plans to upgrade the human resources database application to the latest version after the Windows 2000 migration is completed.

The Des Moines location uses 100-Mbps switched Ethernet on a 100-Mbps ATM collapsed backbone. Each production facility runs 10-Mbps switched Ethernet on a 10-Mbps distributed backbone. All computers in the Visionworx enterprise use the TCP/IP protocol exclusively. Both Windows Internet Name Service (WINS) and Dynamic Host Configuration Protocol (DHCP) are used across the enterprise. WINS servers in each location are configured as push/pull partners to provide NetBIOS name resolution across the enterprise.

Visionworx maintains its own registered DNS domain named visionworx.com. The visionworx.com zone is located in Des Moines; the grandrapids.visionworx.com, harrisburg.visionworx.com and trenton.visionworx.com delegated subzones are maintained by local IT administrators at each location. For fault tolerance, Windows NT 4.0-based DNS servers in Des Moines act as secondary name servers for the primary zones located in Grand Rapids, Harrisburg and Trenton.

Visionworx has recently purchased a firewall in an effort to protect its private internal network from being attacked through the Internet. Currently, the visionworx.com zone is exposed to the Internet. As part of its Active Directory design, Visionworx wants to isolate the company's Active Directory and internal DNS namespace from its public DNS domain namespace.

Visionworx maintains one Web server named www.visionworx.com at its Des Moines headquarters. After the migration to Windows 2000, Visionworx will maintain two DNS zones; the public visionworx.com zone will reside outside the firewall and will be accessible to the public. The Visionworx internal DNS namespace will reside inside the firewall and will be completely private and inaccessible through the Internet. Visionworx uses Microsoft Exchange 5.5 as its messaging and corporate collaboration solution. The Des Moines IT department is responsible for the ongoing maintenance of Exchange 5.5.~

Client Computer Configuration
All desktop computers are running either Microsoft Windows 98 or Microsoft Windows NT Workstation 4.0. The computer hardware in use at Visionworx is fairly new; Visionworx is on a three-year lease cycle with its contracted hardware vendor. The typical desktop workstation has an Intel Pentium 700-MHz processor, 128 MB of RAM and a 20-GB hard drive.

The Visionworx IT team has chosen Office 2000 as the company's standard productivity software package. IT administrators in each location are responsible for the deployment and maintenance of Office 2000 and certain other department-specific applications in use across the enterprise.

Interviews
Chief Executive Officer (CEO): "Since I joined Visionworx in 1994, I have wanted to standardize our IT infrastructure. The NetWare-to-Windows NT migration in Trenton in 1998 was difficult. Even today, with all of our locations running Windows NT, our offices still have difficulties communicating with each other over the network. Visionworx is anticipating a significant amount of growth in the coming year. My goal for this project is to achieve a more unified, stable network. Our Windows 2000 infrastructure must enhance our production efficiency at Visionworx."

Chief Information Officer (CIO): "Because administration can only be delegated at the domain level, Windows NT has not provided the centralized, granular network administration and the decreasing level of administrative overhead we require at Visionworx. Our Windows 2000 solution must allow the IT staff in Des Moines to limit the administrative authority of the IT staff in each of our production facilities. We want to provide for easy, top-down network administration for the Visionworx Windows 2000 enterprise. Windows NT trust relationships have been problematic and difficult to manage. We want universal access to resources with stable trust relationships connecting all points of the Visionworx enterprise. In fact, we want to minimize or entirely eliminate the need to manually configure and manage inter-domain trust relationships. In addition, we need a centrally configurable and easily managed account policy that spans the entire enterprise.

"The Visionworx.com public Web site has been compromised on more than one occasion. It is imperative that we protect our internal network infrastructure from external attack. We need to separate our internal DNS and Active Directory naming structures from our public DNS domain name. We also need our Windows 2000 security infrastructure to grow with the company in the event of future acquisitions. Scalability on all levels is crucial.

"Visionworx has recently acquired NuTex, a noted manufacturer of corrective lenses and lens care supplies. The NuTex network currently consists of a single Windows 2000 domain. Although NuTex will retain its trade name, all administration, both in the IT and corporate venues, will be performed by Visionworx administrators. Because we have made the decision to retain the existing NuTex employees, we need to take into account the NuTex user and group account database after the incorporation into the Visionworx enterprise. We plan to integrate the NuTex network into our Windows 2000 forest. One important planning issue is the fact that the root domain name of the NuTex internal Active Directory structure should correspond to its public DNS domain name.

"We need a desktop client solution that provides both local security and multi-user capabilities. Many of our employees share workstations. We need to be able to provide strict control of the users' desktop environment. Because different departments at Visionworx have slightly different desktop configurations, we want to delegate the task of client desktop management to the IT administrative staff at each location.

"We hope that deploying Group Policy will meet our need for both company-wide and department-specific security and auditing policies. For example, we at headquarters want to be able to define and enforce a uniform account policy across the entire enterprise. Additionally, we would like to be able to selectively audit users and computers across all four locations and on a departmental basis at each location.

"Finally, our bandwidth utilization is unacceptably high. Our budget will not allow for a WAN link upgrade for at least another year, so we have to use our existing connections. Our user and group accounts are frequently modified; therefore, our network experiences a large amount of domain synchronization traffic between locations. We need to exploit the Windows 2000 replication management features if we are to attain the goal of minimizing replication traffic and gaining a performance increase among our four locations."

Chief Financial Officer (CFO): "We have a very profitable Web presence with www.visionworx.com. Our network infrastructure reorganization must not result in a domain name change. Our online customers know us as visionworx.com, and it is imperative that our e-commerce division remain as stable as possible. Because NuTex already has an established presence on the Internet and has registered the domain name nutex.com, we would like NuTex to retain its existing Internet name after its absorption into our enterprise. The e-commerce divisions of both Visionworx and NuTex will be working closely together to maximize profitability of both the www.visionworx.com and www.nutex.com Internet e-business sites."

History
Visionworx was founded in Des Moines in March 1990. Since its inception, Visionworx has experienced rapid growth. The first corporate expansion occurred in 1992 when Visionworx acquired the Grand Rapids production/distribution facility. The Harrisburg facility was added in 1994, and the Trenton facility was added in 1997. However, over the years, the network infrastructure has become increasingly fragmented. When Visionworx acquired the Trenton facility, it was an exclusively NetWare-based network. The Des Moines, Grand Rapids and Harrisburg offices were configured as separate Windows NT 3.51 domains. This arrangement made it very challenging to enforce corporate-wide IT policies. In addition, interoperability between the Windows NT domains and the Trenton NetWare network was cumbersome.

In the spring of 1998, Visionworx began an enterprise-wide initiative to standardize the company's network infrastructure. All locations, including Trenton, were migrated to Windows NT 4.0. To provide for single-user logon and universal resource access, the single-master domain model was adopted. The DSM domain in Des Moines was designated as the global accounts domain. The domains established in the Grand Rapids, Harrisburg and Trenton locations were designated as resource domains.

During the NetWare-to-Windows NT migration at the Trenton office, Trenton employees experienced a significant amount of downtime as a result of connectivity and user account migration problems. Consequently, the Visionworx corporate administrators are suspicious of any upgrade plans that are submitted by members of the IT department.

Security Infrastructure
Access to shared resources at Visionworx is currently managed with global and local groups. IT administrators in the Des Moines accounts domain have organized employees' user accounts into global groups by job function. Administrators in the four domains then place these global groups inside local groups to grant permissions to shared network resources.

Company-wide standards have been developed for user account and auditing policy, but enforcement has been difficult because both types of policy should be managed only from the domain level.

Envisioned IT Environment -- General
Visionworx plans to retain Des Moines as the headquarters for IT services. User account policy will be enforced on an enterprise-wide basis. Administrators at each location will be given the flexibility to manage their DNS zones, apply disk quota restrictions, configure client desktop environments and deploy software packages to desktop clients.

There will be three types of administrators at Visionworx after the Windows 2000 migration: enterprise administrators will have full administrative rights for the entire organization, plant administrators will have full administrative rights for the respective physical location, and department administrators will have full administrative rights for the respective department or departments.

Envisioned IT Environment -- Connectivity
The Visionworx Active Directory site design should optimize the utilization of its existing WAN connections.

Internal DNS for Visionworx must support secure dynamic update and have no single point of failure. IT administrators at each location will continue to be responsible for maintaining the DNS servers at their own location.

Envisioned IT Environment -- User Enviornment
Visionworx will use Group Policy to streamline software installation and maintenance. Group Policy objects (GPOs) will also be deployed to manage folder redirection and the enforcement of a consistent desktop environment through the restriction of certain Control Panel programs such as Display and Network and the restriction of certain user interface elements such as the Start menu.

Case Study Questions

1. How should you design the Active Directory infrastructure for Visionworx?

a. one forest and one domain

b. one forest and four domains

c. four forests and one domain

d. four forests and four domains

2. The IT director at Visionworx would like to delegate administrative authority of the company's human resources database application to certain experienced and trustworthy administrators at each location. A future upgrade project that is planned for the application will result in the modification of several Active Directory class and attribute definitions. Into which group must the CIO place the production/distribution facility administrators' user accounts to ensure that they can successfully upgrade the human resources database?

a. the Enterprise Admins group

b. the Schema Admins group

c. the Domain Admins group

d. the DNSAdmins group

e. the local Administrators group on the servers that host the human resources database application

3. Which of the following site designs should you implement for Visionworx to help it attain the goal of maximizing replication efficiency between the four locations?

a. one site with one IP site link

b. one site with multiple IP site links

c. one site with one SMTP site link

d. one site with multiple SMTP site links

e. four sites with one IP site link

f. four sites with multiple IP site links

g. four sites with one SMTP site link

h. four sites with multiple SMTP site links

4. How should you design the top-level OU hierarchy for Visionworx?

a. by department

b. by location

c. by domain

d. by site

5. Which of the following is the most appropriate name for the Visionworx forest root domain based on the company's namespace planning goals?

a. visionworx.com

b. visionw.com

c. ad.visionworx.com

d. ad.visionw.com

6. Which of the following methods constitute the best way to incorporate NuTex into the Visionworx enterprise with the least administrative effort?

a. by establishing external trust relationships between the Visionworx and NuTex forest root domains

b. by establishing NuTex as the root domain of a new Active Directory forest

c. by removing and reinstalling Active Directory on all NuTex domain controllers

d. by establishing NuTex as the root domain of a new domain tree in the Visionworx forest

e. by establishing NuTex as a child domain in the Visionworx forest domain tree

f. by removing and reinstalling Active Directory on the NuTex forest root domain controller

g. by integrating NuTex into the Visionworx forest root domain

Answers

1.Choice a is correct. The domain planning principles that are used to design Windows NT networks are not always valid for the design of Windows 2000 networks. Visionworx is a medium-sized organization that requires less administrative overhead, centralized management and a uniform account and auditing policy; therefore, you should create one forest and a single domain for Visionworx. The need for granular network administration can be accomplished by creating organizational units (OUs) for each production/distribution facility and by delegating administrative authority for each OU to the appropriate network administrators at each location. User account policies, such as minimum password length and age, must be defined at the domain level to apply to all users and computers within that domain. Although it is technically possible to define matching user account policies separately for each domain in a multiple domain environment, a single domain structure best satisfies the requirement for a truly enterprise-wide user account policy that is centrally configurable and easily managed. By default, the first Windows 2000 domain created will become the forest root domain. A domain tree is a collection of one or more Windows 2000 domains that share a contiguous DNS namespace and two-way, transitive Kerberos trust relationships. An Active Directory forest is a collection of one or more domain trees in which all domains share the same configuration, schema and Global Catalog information. Because Windows 2000 forests share no common directory services data, creating separate forests for each location would not meet the business requirement of an easily managed network infrastructure. The decision to create additional Windows 2000 domains is influenced by several factors. The need for decentralized network administration, isolated replication traffic and multiple domain security policies are all valid reasons to support a multiple domain Windows 2000 forest. Internal political pressure may be another strong motivator in favor of creating more than one domain. In this case, Visionworx wants to decrease administrative overhead and maintain uniform account and auditing policies. Creating separate domains for each location would not contribute to this goal. Reference: TechNet, Contents, "Windows Product Family," "MS Windows 2000," "MS Windows 2000 Server," "Third-Party Information," "Designing the Active Directory."

2. Choice b is correct. The CIO at Visionworx must place the administrators' user accounts into the Schema Admins global group in the visionworx.com forest root domain to allow those employees to successfully upgrade the human resources database application. The Active Directory directory service schema contains the definitions for all objects in Active Directory. These objects include domains, user, group and computer accounts, shared printers and shared folders. Members of the Schema Admins group are the only users authorized to modify the schema. Members of the Enterprise Admins, Domain Admins and local Administrators groups on domain controllers do not have the ability to modify the schema directly; however, members of these groups do have the ability to control membership in the Schema Admins group. Because schema changes are global and non-reversible, membership in the Schema Admins group should be carefully controlled by top-level IT administrators. The DNSAdmins domain local security group is used to simplify the task of delegating administrative authority for DNS. Members of the DNSAdmins group are granted the Full Control permission to all zones and resource records in a Windows 2000 domain in which they are specified. Reference: W2KSRK, Contents, "Distributed Systems Guide," "Active Directory," "Active Directory Schema," "Extending the Schema," "How to Extend the Schema." TechNet, Contents, "Windows Product Family," "MS Windows 2000," "MS Windows 2000 Server," "Technical Notes," "Windows 2000 DNS." W2KSOH, Contents, "Active Directory," "Concepts," "Active Directory Overview," "Introduction to Active Directory," "Active Directory schema overview." W2KSRK, Contents, "Distributed Systems Guide," "Active Directory," "Active Directory Schema," "Extending the Schema," "How to Extend the Schema."

3. Choice f is correct. You should implement four sites with at least two IP site links per site to maximize replication efficiency for Visionworx. In Active Directory, a site is defined as one or more IP subnets that have LAN-speed network connectivity. By default, Windows 2000 places domain controllers into a single default site object named DEFAULT-FIRST-SITE-NAME. Intra-site replication occurs on an as-needed basis because it is assumed that domain controllers within a site can transfer data between themselves at great speed and with minimal cost. However, when areas of a network are separated by low-bandwidth WAN connections it is advantageous to partition these areas into separate sites. Inter-site replication occurs based on the administrator-defined schedules rather than on an as-needed basis because connections between domain controllers are assumed to be slow and expensive. Creating multiple sites also provides for a high degree of control over domain replication traffic, workstation logon traffic and Global Catalog replication traffic.

The site link object is used to connect two or more Active Directory sites in order to provide a replication path between them. Windows 2000 does not automatically generate site links; they must be manually configured by a network administrator. By default, only members of a forest's Enterprise Admins group are authorized to create either sites or site links in an Active Directory forest.

Windows 2000 supports two replication transport protocols: remote procedure calls (RPC) over IP and Simple Mail Transport Protocol (SMTP). RPC over IP is available for use with both intra-site and inter-site replication and can be used either within a domain or between domains. In contrast, the SMTP site link object is available only for inter-site replication and for use between domain controllers of different domains. Another important difference between RPC over IP-based and SMTP-based replication is that only the RPC over IP transport is capable of replicating the domain directory partition. Therefore, an Active Directory network must have IP-based site links in place before SMTP-based site links are deployed. Finally, you should implement purely RPC over IP-based site links for Visionworx because the SMTP transport protocol is slower than the RPC over IP transport protocol. SMTP can produce up to twice as much traffic as RPC over TCP/IP because replicated data must be enclosed in SMTP packets before delivery.

By default, Windows 2000 creates a single RPC over IP site link named DEFAULT-IP-SITE-LINK. This default site link is used by the Knowledge Consistency Checker (KCC) process for the first and any additional site objects created by an administrator to manage inter-site replication. Although it is possible to maintain a valid replication topology for Visionworx by using a single IP site link, a more efficient choice is to create multiple IP site links. Creating multiple IP site links allows each WAN connection to be individually tailored in terms of replication schedule, interval and cost. A fully meshed site link topology is shown in the exhibit below.

topology

Creating multiple site links provides a degree of redundancy and customization in designing replication schedules. A single site link can only be assigned a single cost and a single replication schedule. Multiple site links can be configured to minimize the amount of time the WAN connections are utilized for replication updates. For example, the Trenton facility has a 64-Kbps connection to Des Moines, and the Grand Rapids and Harrisburg facilities are connected to Des Moines by 128-Kbps links. Because of the difference in available bandwidth, you should adjust the replication frequency for the Des Moines-Trenton link to a higher value than the Des Moines-Grand Rapids and the Des Moines-Harrisburg links. Doing so would cause the domain controllers in Trenton to poll the other sites less frequently for replication updates, thereby conserving bandwidth on the 64-Kbps link. Reference: W2KSOH, Contents, "Active Directory," "Concepts," "Understanding Active Directory," "Sites." W2KSOH, Contents, "Active Directory," "Concepts," "Planning for Active Directory," "Planning Site Structure," "When to establish separate sites." W2KSRK, Contents, "Deployment Planning Guide," "Active Directory Infrastructure," "Designing the Active Directory Structure," "Creating a Site Topology Plan," "Defining Sites and Site Links."

4. Choice b is correct. You should design the top-level OUs by geographic location. The OU hierarchy should mirror the administrative and security needs of Visionworx. The need for stable, easily managed administration units is best supported by creating top-level OUs for each of its three locations. Good OU planning mandates that the top-level OU structure remain as static as possible; geographic locations tend to be much less likely to change than business units or departments. If top-level OUs are geographically oriented, then, as Visionworx expands, IT administrators can create additional top-level OUs to accommodate new network locations in the enterprise. Using department names for the top-level OU structure would complicate network administration. For example, suppose that you created second-level OUs based on geographic location beneath each department's top-level OU. Defining Group Policy for all Grand Rapids employees would require linking a GPO to the Grand Rapids OU contained in every department's top-level OU. With a geography-based top-level OU design, linking a single GPO to the Grand Rapids OU would achieve the same result. Neither domains nor sites can be contained within OUs. Reference: W2KSOH, Contents, "Active Directory," "Concepts," "Planning for Active Directory," "Planning organizational unit structure." TechNet, Contents, "Windows Product Family," "MS Windows 2000," "MS Windows 2000 Server," "Technical Notes," "Planning," "Building the Active Directory Tree."

5. Choice b is correct. Visionworx wants to mask its internal DNS and Active Directory namespaces from the Internet. Visionworx also wants to continue using its registered visionworx.com domain name to support its e-commerce division. Therefore, you should define an internal DNS and Active Directory namespace that will be used only on the Visionworx corporate network and has a name that is different from the company's public DNS domain name. The public Web server, www.visionworx.com, and the associated visionworx.com DNS zone are exposed to the Internet and isolated from the internal network by the company's recently purchased firewall. Although it is possible to create an internal forest root domain with a DNS name of visionworx.com, this does not meet the company's requirement for separate public and private namespaces. Both ad.visionworx.com and ad.visionw.com are third-level domain names; they imply the presence of a third-level DNS domain, which does not exist in this scenario. Reference: TechNet, Contents, "Windows Product Family," "MS Windows 2000," "MS Windows 2000 Server," "Technical Notes," "Windows 2000 DNS." W2KSOH, Contents, "Networking," "DNS," "Concepts," "Using DNS," "Planning Issues," "Namespace planning for DNS." TechNet, Contents, "Windows Product Family," "MS Windows 2000," "MS Windows 2000 Server," "Third-Party Information," "Designing the Active Directory."

6. Only choices c and d are correct. Because Visionworx and NuTex have different public identities and separate Active Directory and DNS namespaces, you should incorporate the NuTex network into the Visionworx forest as the root domain of a new domain tree inside the Visionworx forest. Domain trees within a forest share a common schema, configuration and Global Catalog, and they allow for disjointed namespaces. Two-way, transitive Kerberos trust relationships join root domains in multiple tree forests; these trusts allow for universal access to resources and information throughout the forest. This configuration also meets the goal of centrally managing NuTex. A hallmark of the Active Directory naming structure is a contiguous namespace that conforms precisely to DNS naming standards. Therefore, integrating the NuTex domain as a child domain of the Visionworx domain tree would fail to meet the requirement that NuTex preserve its existing Active Directory name. Although it is possible to retain the NuTex domain as the root of its own forest, a multiple-forest environment is very difficult to manage. Any interaction between forests must be manually created with one-way, external trust relationships. As of its current release, Windows 2000 does not support merging two separate Active Directory forests. Therefore, integrating the NuTex network into the Visionworx forest means completely removing and then reinstalling Active Directory on all NuTex domain controllers. Reference: W2KSRK, Contents, "Deployment Planning Guide," "Active Directory Infrastructure," "Designing the Active Directory Structure," "Creating a Domain Plan," "Determining the Number of Domains in Each Forest." W2KSRK, Contents, "Deployment Planning Guide," "Active Directory Infrastructure," "Designing the Active Directory Structure," "Determining Domain Migration Strategies," "Starting the Migration Planning Process," "Domain Migration Considerations."

These questions and answers are provided by Transcender LLC. Order the full version of this exam simulation online at www.transcender.com, phone 615-726-8779, 8 a.m. - 6 p.m., (CST), M - F, fax 615-726-8884, or mail to Transcender LLC, 565 Marriott Drive, Suite 300, Nashville, TN 37214.


More Pop Quiz:


There are 13 CertCities.com user Comments for “Microsoft Exam #70-219: Designing a Windows 2000 Directory Services Infrastructure”
Page 1 of 2
4/29/01: Geir says: Very good
7/2/01: mohd says: i visited this site for the first time but it is very impressive than others
7/2/01: mohd says: i visited this site for the first time but it is very impressive than others
8/23/01: Tejinder says: i visited this site the first time and this site is the best one
10/18/01: Anonymous says: I think it should have been made clear that the last question for 70-219, re incorporating Nutex asked for "all that applies," instead of leaving it to the user to assume the answers are radio buttons allowing only one possible answer.
12/17/01: Phydeaux says: Wow what a mouthful, but what a way for this article to bring together 1400 pages of reading material. Reading two books and getting into the details is good, but this overview really helped bring together some of the joints between the books i've read.
3/4/02: tonydalm from amsterdam says: again comment on the last q: the least administrative effort > by removing and reinstalling Active Directory on all NuTex domain controllers (wow, what ya call least...)
11/28/02: Terry Davis from UK says: Hi We are holding a local quiz in aid of Demelza House Childrens Hospital. The following questions are the ones out of 100 that we are stuck on. If you know any of the awnsers would you mind pasting them in at the end of the question. The theam is " Can you find singers, instrumentalists, groups or people in groups from these clues?" Some are Anagrams" Item No. 10 Her real name is Mary Sandaman 13 Who sang the same song by Tim Rose with "Band of Joy" in 1967 and now as a soloist in 2002 15 She married Jose Ferrer and had five children, became divorced and married Dante di Paolo in 1966. She has a famous actor nephew 17 Who was the Ox? 18 Born in New York, graduated from Columbia, became a GI in the second world war, injured in action and awarded a Purple Heart 19 They sang "By the Light of the Sivery Moon" in the first "Popeye" film 23 Liners Name 25 Black Breed of dog 28 Whose autobiography will be called "Stars in my Eyes" 29 Slowhand 30 Mandela Conundrum 31 Ex Otter 34 Prize Toads from "The League of Gentlemen" 35 Kentish Village 37 Although they did not have a hit record what was the name of Tony Blair's group that he fronted while at Oxford University. 39 Who sang about the stars from the X Files 40 Colin Cooper started to group in 1967 and is still going today 42 In the Roman Catholic Church, the first Antiphon in the Vespers for the dead 43 Italian Jockey at the final resting place of King Arthur 47 He was a drummer with The Everons when he was discovered by Derek Bowman 49 Tefals 50 Wayne from Auf Wiedersehen Pet fronted this group in 1976 51 Who said "I used to dream of being a pop star, but never dreamed I'd be one 52 Who registered into a Berlin Hotel in September 2002 under the name Max De Winter 53 Who married his cleaner Agnieszka Chowniec 54 This singer should have played the lead in a pilot detective programme directed by Stephen Spielberg but went to a golf tournament instead leaving his understudy to become a multi-millionaire from the part 56 Two definite articles 58 Card game (Not Snap) 59 Enthusiasm 60 Lacking tone 65 Pliant Porcelain having undergone the first firing and before being glazed 67 4th Century Martyr mentioned in the Canon of the Mass 72 American sprinter and Australian Cricketer 74 Played soccer 67 & 27 times for England respectively 75 Courteney Cox's cousin 76 Quarter-Fialist in LG cup 2002 77 Irish surname meaning "Dark Brown" 78 Manchester Plumber who became a famous climber 79 Rotten flesh and a cheese 82 Guide 83 A blast of wind with Lario 84 Diminutive of the old German Name "Amalswint" 85 Wife of a Bond 87 Anagram of a yound lambe 88 Foretaster of Lion meat 90 Incline a sort of hammer 92 Red headed bread maker 93 Former principal choreographer to the Royal Ballet, an American actress nominated for an academy award in 1953, and the director general of the BBC 94 Injured Digit 96 Leaders of Clans 97 A degree for a Jam-Maker 98 Bras to bust If you take the trouble to help us (and Demelza House) I thank you on behalf of all the kids this will benifit There is no personal gain for any of us involved in the quiz. Thanks again and regards Terry Davis
2/11/03: mathew says: fdsfdsa
8/6/03: Ajay Kulsh from Los Angeles says: Why does the 1st question not have option of one forest and two domains? Won't NuTex tree create a new domain?
First Page   Next Page   Last Page
Your comment about: “Microsoft Exam #70-219: Designing a Windows 2000 Directory Services Infrastructure”
Name: (optional)
Location: (optional)
E-mail Address: (optional)
Comment:
   

-- advertisement (story continued below) --

top