###BeginCaseStudy###
Case Study: 3
Litware, Inc
Overview
Litware, Inc., is a manufacturing company located in North America.
The company has a main office and two branch offices. The main office is located in Chicago. The
branch offices are located in Baltimore and Los Angeles.
Existing Environment
Active Directory Environment
The network contains one Active Directory forest named litwareinc.com. Each office is configured as
an Active Directory site.
All domain controllers in the Los Angeles office run Windows Server 2008 R2. All domain controllers
in the Chicago office run Windows Server 2003 Service Pack 1 (SP1). All domain controllers in the
Baltimore office run Windows Server 2012.
All of the FSMO roles are located on a domain controller in the Baltimore office. All of the domain
controllers are configured as global catalog servers.
You have a distribution group for each department. The distribution groups contain all of the users
in each respective department.
Network Infrastructure
The servers in each office are configured as shown in the following table.
The Baltimore and Chicago offices have independent Internet connections. Internet connectivity for
the Los Angeles office is provided through Chicago.
Users frequently send large email messages to other users in the company. Recently, you increased
the maximum message size to 50 MB.
Planned Changes
The company plans to deploy a new Exchange Server 2013 infrastructure that will contain two
Clients Access servers and two Mailbox servers in the Chicago office. The servers will be configured
as shown in the following table.
All client connections to the Exchange Server organization will be routed through a hardware load
balancer. The name client.litwareinc.com will point to the virtual IP address of the hardware load
balancer.
Once the transition to Exchange Server 2013 in the Chicago office is complete, all mail flow to and
from the Internet will be managed centrally through that office by using a Send connector that has
the following configurations:
• Connector name: CH-to-Internet
• Address space: *
• Source servers: CH-EX2, CH-EX3
• Cost: 10
###EndCaseStudy###
You are testing the planned implementation of Exchange Server 2013.
After you begin moving several mailboxes to Exchange Server 2013, you discover that users on the
internal network that have been moved are prompted repeatedly for their credentials when they
run Microsoft Outlook.
You run the Get-OutlookAnywhere cmdlet on CH-EX4, and receive the following output:
You need to prevent the internal users from being prompted for their credentials when they connect
to their mailbox by using Outlook.
Which property should you modify by using the Set-OutlookAnywhere cmdlet?
A.
IISAuthenticationMethods
B.
InternalHostname
C.
ExternalHostname
D.
ExternalClientAuthenticationMethod
E.
InternalClientAuthenticationMethod
When an Outlook client connects from an internal domain-joined machine, it can connect to the Exchange server and provide Kerberos with the authentication information required to connect. NTLM is selected for authentication when the Outlook client provides insufficient information to use the Kerberos authentication.
Change the settings on all your earlier CAS servers so that internal (between CAS) connections are authenticated with Kerberos. To do this, use Set-OutlookAnywhere like this:
Set-OutlookAnywhere –Server CH-EX4 –IISAuthenticationMethods Basic, NTLM
0
0
When an Outlook client connects to Exchange 2013, but the user mailbox is located on Exchange 2007, Exchange 2013 CAS proxies the connection to Exchange 2007 CAS. For the proxy process to work, Outlook Anywhere must be enabled on Exchange 2007 CAS servers. You must also ensure that client authentication on all CAS servers, including Exchange 2013 and Exchange 2007, is set to Basic and the Internet Information Services (IIS) authentication method includes NTLM. NTLM is required on IIS because the Exchange 2013 CAS uses Windows authentication to authenticate to Exchange 2007 servers.
0
0