none
RODC功能 RRS feed

  • 问题

  • 请教:

    本题答案为D,默认情况下RODC不会缓存密码,创建组策略是不是多余,是否A更合理?

    Topic 5, Alpine Ski
    Overview
    Alpine Ski House provides vacation travel accommodations. Its main office is in Vancouver. Alpine Ski House
    also has branch offices in Montreal, Denver, and New York.
    An additional sales office is located in Los Angeles. This office has client devices only.
    All servers in each office run Windows Server 2012 R2. All client devices in each office run Windows 8.1.
    Alpine Ski House plans to acquire another company named Margie’s Travel. Margies Travel has an AD DS
    domain named margiestravel.com.
    Danner and New York
    The Denver and New York offices have their own child domain named us.alpineskihouse.com. The domain
    controllers are displayed in the following table:

    Vancouver and Montreal
    Alpine Ski House has an Active Directory Domain Services (AD DS) domain named aplineskihouse.com for the
    Vancouver and Montreal offices. The forest and domain functional levels are set to Windows Server 2008.
    The domain controllers in the domain contain Dynamic Host Configuration Protocol (DHCP) servers and DNS
    servers. The domain controllers are displayed in the following table:

    The Vancouver office also has a certification authority (CA) installed on a server named ALP-CA01.
    Business Requirements
    Growth
    An additional branch office is planned in an extremely remote, mountainous location that does not have
    traditional access to the Internet.
    The remote branch office location will use a high-latency, low-bandwidth satellite connection to the Denver
    and Vancouver offices.
    The Los Angeles office will be expanded to include sales and billing staff. The Los Angeles location will not
    contain IT staff.
    File Management
    Currently, each office has a dedicated file share that is hosted on a domain controller. The company plans to
    implement a new file sharing capability to synchronize data between offices and to maximize performance
    for locating files that are saved in a different branch office. Sales users in the Los Angeles office must also be
    able to retrieve file data from each branch office.
    Recovery time objective
    The business requires that the data stored in AD DS must be recovered within an hour. This data includes
    user accounts, computer accounts, groups, and other objects. Any customized attributes must also be
    recovered. The current backup solution uses a tape drive, which requires a minimum of two hours between
    notification and recovery.Office 365
    Alpine Ski House purchased Office 365 Enterprise E3 licenses for all users in the organization.
    Technical Requirements
    Existing environment
    Users in the Montreal office of Alpine Ski House report slow times to log on to their devices. An
    administrator determines that users in the Montreal location occasionally authenticate to a domain
    controller with an IP address of 172.16.0.10/24. All authentication requests must first be attempted in the
    same location as the client device that is being authenticated.
    Growth
    The remote branch office must have a single domain controller named REMOTEDC01.us.aplineskihouse.com.
    The replication between domains must either use best-effort or low-cost replication. After the expansion,
    authentication must occur locally.
    Any server placed in the Los Angeles office must not contain cached passwords.
    File management
    Where possible, the new file management solution must be centralized. If supported, the data must be
    stored in a single location in each branch office.
    Acquisition
    After acquiring Margie’s Travel, all AD DS objects, including user account passwords, must be a migrated to
    the alpineskihouse.com domain. Alpine Ski House plans to use the Active Directory Migration Tool (ADMT) to
    complete the migration process.
    The password complexity requirements for the margiestravel.com domain are unknown. Users should not be
    forced to change their passwords after migrating their user accounts. Some computer objects will be
    renamed during the migration.
    Office 365
    Alpine Ski House must use Microsoft Azure to facilitate directory synchronization (DirSync) with Office 365.
    The DirSync utility must be installed on a virtual machine in Microsoft Azure.

    ###EndCaseStudy###

    You need to plan the expansion of the Los Angeles office.
    What should you do?A. Install a read-only domain controller in Los Angeles.

    B.
    Install a domain controller in Los Angeles.

    C.
    Create and apply a filtered attribute set to the Los Angeles site.

    D.
    Create and apply a Group Policy object to the Los Angeles site.

    2018年7月11日 8:10

答案

  • 你好,

    RODC不会缓存密码,但是会缓存凭据。




    Best Regards,
    Frank


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    • 已标记为答案 pjj1112 2018年7月12日 4:01
    2018年7月12日 2:48
    版主

全部回复