EXERCISE 1.01G ENERATING A G ROUP P OLICY M ODELING R EPORTIN THIS EXE...

Question

255_70_293_ch01.qxd 9/10/03 1:42 PM Page 42

42

Chapter 1 • Using Windows Server 2003 Planning Tools and Documentation

Q:

What are the advantages of deploying an AD structure consisting of multiple domains,rather than a single domain with a separate OU for each department?

A:

The chief difference between these two deployments is that of security requirements.Some security settings—such as auditing, password complexity requirements, andaccount lockout policies—can be implemented only at the domain level. If you have agroup of users who require a substantially different set of security mechanisms than therest of your network, you might wish to create a child domain for that group. Featuressuch as two-way transitive trusts will still enable you to manage multiple domains cen-trally.

Q:

I have recently begun a new position as a network administrator for a Windows Server2003 forest containing many domains and child domains.The previous administratorcreated a number of GPOs, and it seems as if each network user has different policysettings applied to their accounts. I would like to simplify the GPO implementation onthe network and wish to begin by creating a “baseline” report of exactly which GPOsare in effect for the various users on the network.What is the most efficient means ofaccomplishing this?

A:

You can use the GPResult command-line utility in the Windows Server 2003Resource Kit. GPResult provides the same functionality as the Resultant Set of PolicyLogging mode, but you can run it from the command line, during each user’s logonscript.

Q:

What happens to Windows NT trust relationships when you upgrade to WindowsServer 2003?

A:

When you upgrade a Windows NT domain to a Windows Server 2003 domain, all ofyour existing Windows NT trusts will be preserved as-is. Remember that trust relation-ships between Windows Server 2003 domains and Windows NT domains are nontran-sitive.

Q:

My company is working on a limited budget for its Windows Server 2003 upgrade. DoI need to provide separate licenses for the equipment in my training lab?

A:

If the training lab machines will be either decommissioned or transferred from the testenvironment into production, you should not need a separate license than what you’vebudgeted for the machine upgrades. If, however, the test lab will be a permanent orsemipermanent installed base of equipment, you do need to provide separate licensingfor the software in the test lab.https://traloihay.net

Answer

255_70_293_ch01.qxd 9/10/03 1:42 PM Page 42

42

Chapter 1 • Using Windows Server 2003 Planning Tools and Documentation

Q:

What are the advantages of deploying an AD structure consisting of multiple domains,rather than a single domain with a separate OU for each department?

A:

The chief difference between these two deployments is that of security requirements.Some security settings—such as auditing, password complexity requirements, andaccount lockout policies—can be implemented only at the domain level. If you have agroup of users who require a substantially different set of security mechanisms than therest of your network, you might wish to create a child domain for that group. Featuressuch as two-way transitive trusts will still enable you to manage multiple domains cen-trally.

Q:

I have recently begun a new position as a network administrator for a Windows Server2003 forest containing many domains and child domains.The previous administratorcreated a number of GPOs, and it seems as if each network user has different policysettings applied to their accounts. I would like to simplify the GPO implementation onthe network and wish to begin by creating a “baseline” report of exactly which GPOsare in effect for the various users on the network.What is the most efficient means ofaccomplishing this?

A:

You can use the GPResult command-line utility in the Windows Server 2003Resource Kit. GPResult provides the same functionality as the Resultant Set of PolicyLogging mode, but you can run it from the command line, during each user’s logonscript.

Q:

What happens to Windows NT trust relationships when you upgrade to WindowsServer 2003?

A:

When you upgrade a Windows NT domain to a Windows Server 2003 domain, all ofyour existing Windows NT trusts will be preserved as-is. Remember that trust relation-ships between Windows Server 2003 domains and Windows NT domains are nontran-sitive.

Q:

My company is working on a limited budget for its Windows Server 2003 upgrade. DoI need to provide separate licenses for the equipment in my training lab?

A:

If the training lab machines will be either decommissioned or transferred from the testenvironment into production, you should not need a separate license than what you’vebudgeted for the machine upgrades. If, however, the test lab will be a permanent orsemipermanent installed base of equipment, you do need to provide separate licensingfor the software in the test lab.https://traloihay.net

EXERCISE 1.01G ENERATING A G ROUP P OLICY M ODELING R EPORTIN THIS EXE...

Q:

A:

Q:

A:

Q:

A:

Q:

A:

Bạn đang xem 255_ - MCSE EXAM 70 293 PLANNING AND MAINTAINING A WINDOWS SERVER 2003 NETWORK INFRASTRUCTURE PHẦN 1 PPTX