Professional Documents
Culture Documents
Scenario
A. Datum Corporation has deployed a single AD DS domain, with all the domain controllers
located in the London data center. As the company has grown and added branch offices with
large numbers of users, it has become apparent that the current AD DS environment does not
meet the company requirements. Users in some branch offices report that it can take a long
time for them to sign in on their computers. Access to network resources such as the company’s
Microsoft Exchange® 2013 servers and the Microsoft SharePoint® servers can be slow, and they
fail sporadically.
As one of the senior network administrators, you are responsible for planning and implementing
an AD DS infrastructure that will help address the business requirements for the organization.
You are responsible for configuring AD DS sites and replication to optimize the user experience
and network utilization within the organization.
As the company has grown and added branch offices with large numbers of users, it is becoming
increasingly apparent that the current AD DS environment does not meet company
requirements. The network team is concerned about the amount of AD DS–related network
traffic that is crossing WAN links, which are becoming highly utilized.
The company has also become increasingly integrated with partner organizations, some of which
need access to shared resources and applications that are located on the A. Datum internal
network. The security department at A. Datum wants to ensure that the access for these
external users is as secure as possible.
As one of the senior network administrators at A. Datum, you are responsible for implementing
an AD DS infrastructure that will meet the company requirements. You are responsible for
planning an AD DS domain and forest deployment that will provide optimal services for both
internal and external users, while addressing the security requirements at A. Datum.
LAB Setup
1
MCSA Lab Scenario - A. Datum Corp – Part 3 Erfan Taheri
2
MCSA Lab Scenario - A. Datum Corp – Part 3 Erfan Taheri
3
MCSA Lab Scenario - A. Datum Corp – Part 3 Erfan Taheri
4
MCSA Lab Scenario - A. Datum Corp – Part 3 Erfan Taheri
5
MCSA Lab Scenario - A. Datum Corp – Part 3 Erfan Taheri
5. Using the DNS management console, configure a DNS stub zone for adatum.com.
6. Use 172.16.0.10 as the Master DNS server.
7. Close DNS Manager.
Task 2: Configure a forest trust with selective authentication
1. On LON-DC1, create a one-way outgoing trust between the treyresearch.net AD DS forest and
the adatum.com forest. Configure the trust to use Selective authentication.
2. On LON-DC1, confirm and validate the trust from TreyResearch.net.
3. Close Active Directory Domains and Trusts.
Task 3: Configure a server for selective authentication
1. On LON-DC1, from the Server Manager, open Active Directory Users and Computers.
2. On LON-SVR2, configure the members of TreyResearch\IT group with the Allowed to
authenticate permission. If you are prompted for credentials, type TreyResearch\administrator
with the password Pa$$w0rd.
3. On LON-SVR2, create a shared folder named IT-Data, and grant Read and Write access to
members of the TreyResearch\IT group. If you are prompted for credentials, type
TreyResearch\administrator with the password Pa$$w0rd.
4. Sign out of TREY-DC1.
5. Sign in to TREY-DC1 as TreyResearch\Alice with the password Pa$$w0rd, and verify that you
can access the shared folder on LON-SVR2.