Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Another 70-294 testking error

Status
Not open for further replies.
BenChristian

BenChristian

IS-IT--Management
Jan 11, 2004
193
AU
Version 28, Page 38:

You are a network administrator for TestKing. TestKing has 25 offices in major cities throughout the
world. The network consists of a single Active Directory forest that contains five domains. All domain
controllers run Windows 2000 Server. Each domain contains user objects for five offices.

The offices in Paris and Toronto provide help desk services to 20,000 users in all domains. The help desk
frequently processes group membership changes requested by department managers.
Help desk administrators report that changes made to group memberships are often lost and have to be
re-created. You discover that this problem is caused by replication conflicts that occur when a large
number of help desk requests are being processed in a short period of time.
You upgrade all domain controllers to Windows Server 2003. Help desk administrators continue to
report that work is often lost during times of peak activity.

You need to reduce the amount of work lost by help desk administrators. You want accomplish this task
by using the minimum amount of administrative effort.
What should you do?

A. Ensure that all help desk administrators are connecting to the PDC emulator in their domain when they
perform updates to group memberships.
B. Raise the functional level of the domain and of the forest to Windows Server 2003.
C. Enable universal group membership caching on domain controllers used by the help desk administrators.
D. Disable site link bridging for all site links in the forest.


testking Answer:

********
Answer: A
Explanation: The PDC emulator master is responsible for authentication requests for accounts with
recently changed passwords, if the change has not been replicated yet to the entire domain. In additions,
the PDC emulator receives preferential replication of password changes performed by other domain
controllers in the domain. If a password was recently changed, that change takes time to replicate to
every domain controller in the domain.

Incorrect Answers:
B: The functional level of the forest will not reduce the amount of replication that occurs at any one time.
C: Universal group membership caching enables users to log on to the domain when the WAN link is down.
The help-desk staff is already logged on.
D: Site link bridging won't reduce the amount of replication that occurs at any one time.

********

My Answer:

Answer: B

Explanation:

Linked Value replication in Windows Server 2003 allows only the changes to the group membership to be replicated instead of the whole list of members. This question specifically says that the problem is in relation to replication conflicts when the group memberships are modified. It also hints at the answer by saying that "You upgrade all domain controllers to Windows Server 2003". By completing this action by raising the forest functional level to Windows Server 2003, you will be able to take advantage of Linked Value replication, and therefore resolve the replication conflict issue.

The following article refers to linked value replication, here's an excerpt:

"Introduced in the Windows Server 2003 family, linked value replication allows individual values of a multivalued attribute to be replicated separately. In Windows 2000, when a change was made to a member of a group (one example of a multivalued attribute with linked values) the entire group had to be replicated. With linked value replication, only the group member that has changed is replicated, and not the entire group. To enable linked value replication, you must raise the forest functional level to Windows Server 2003 ."


 
I think Test King is correct. LVR just reduces the amount of replication traffic, it won't necessarily fix the conflict.
 
Thanks for your feedback, however I stil don't agree. The question is referring to group membership changes, not password changes. Testking's reason for Answer A was

The PDC emulator master is responsible for authentication requests for accounts with
recently changed passwords, if the change has not been replicated yet to the entire domain. In additions,
the PDC emulator receives preferential replication of password changes performed by other domain
controllers in the domain. If a password was recently changed, that change takes time to replicate to
every domain controller in the domain.
Click to expand...

Granted, if all helpdesk staff connect to the same DC (whether is be the PDC emulator or not) to make changes to AD objects then this will reduce replication conflicts. I don't believe that this would be the "least administrative effort" though, as connecting to a DC through a WAN link to make all changes would be very slow, and would have to be done every time changes were made (administrative burden). Rasing the forest functional level to Windows 2003 is a once off action that is very quick and easy.

LVR just reduces the amount of replication traffic, it won't necessarily fix the conflict
Click to expand...

LVR will in fact reduce replication conflicts. For example, in a Windows 2000 forest, if helpdeskmemberA in Paris adds Bob to the Sales group, and then HelpdeskMemberB in Toronto removes Sally from the same group before the changes have been replicated, then a replication conflict will accur. With LVR, this would not cause a conflict, as the whole membership list isn't replicated, only the indivudual members are.



 
I'd have to agree that testking is incorrect. B also appears to be the correct answer to me.

Denny
MCSA (2003) / MCDBA (SQL 2000) / MCTS (SQL 2005)

--Anything is possible. All it takes is a little research. (Me)
[noevil]
 
Yeah you're probably right actually, LVR would help which is all there asking for (a reduction). I was thinking PDCe more along the lines of they'd all be connecting to the same DC (which one is largely irrelevant) so replication conflicts would be eliminated. Both answers would presumably still be subject to lost changes if done at very similar times on the same DC with applying changes immediately.
You win the least admin effort part to :p But not because it means your end users have to do less work, they invariably mean in my experience least effort for you to implement. Raising the functional level is a fair bit quicker than ensuring every one on the admin staff is pointing their ADU&C to the same DC though.
 
if you don't agree, then remember it.
 
Thanks for your comments. By the way, I took my exam this morning and passed with a score of 966! That's the best score I've had so far.


 
benchristian,

While I'm not certain that your answer is correct, this question did appear on my 70-294 exam yesterday. I didn't consider this thread while taking the exam, but the answer I chose agrees with your logic.

I have no way of knowing if I answered this question correctly, since I only scored 565 and have to re-take the exam.

Wishdiak
A+, Network+, Security+, MCSA: Security 2003
 
Status
Not open for further replies.

Similar threads

Skittle
  • Locked
  • Question
Microsoft Server Admin 70-463 - Virtual Environment
Replies
0
Views
77
Skittle
Skittle
brokenhalo
  • Locked
  • Question
70-662 Exam Prep 1
Replies
2
Views
107
theravager
theravager
Absolution84
  • Locked
  • Helpful tip
70-640 Resources 1
Replies
0
Views
62
Absolution84
Absolution84
southerngent
  • Locked
  • Question
Testking or transcendor 70 236
Replies
10
Views
145
58sniper
58sniper
aetius90887
  • Locked
  • Question
70-640 AD Question
Replies
3
Views
89
kmcferrin
kmcferrin

Part and Inventory Search

Sponsor

Back
Top