###BeginCaseStudy###
Case Study: 6
Lucerne Publishing
Scenario:
COMPANY OVERVIEW
Overview
Lucerne Publishing is a large publishing company that produces both traditional books and ebooks.
Physical Location
The company has a main office and a branch office. The main office is located in New York.
The branch office is located in San Francisco. The main office has a satellite office located in
Boston. The company has 7,500 users.
EXISTING ENVIRONMENT
Active Directory Environment
The network contains an Active Directory forest. The forest contains a single domain named
lucernepublishing.com.
Network Infrastructure
Client computers in the New York office and the San Francisco office run either Windows
Vista or Windows XP. All client computers in the Boston office run Windows 7.

The company has a finance department. All of the client computers in the finance department
run Windows XP. The finance department uses an Application named App1. App1 only runs
on Windows XP.
The relevant servers in the New York office are configured as shown in the following table.

The servers have the following configurations:
• Remote Desktop is enabled on all servers.
• The passwords for all service accounts are set to never expire.
• Server1 stores roaming user profiles for users in the Boston office.
• SQL1 and SQL2 are deployed in a two-node failover cluster named Clusterl.
• All servers have Pre-Boot Execution Environment (PXE)-compliant network
adapters.
• The servers in the San Francisco office contain neither a recovery partition nor optical
media drives. DFSl and DFS2 are members of the same DFS Replication group. The DFS
namespace is configured to use Windows 2000 Server mode.
The Boston office has no servers. The Boston office connects to the New York office by
using a dedicated hardware VPN device.
The finance department publishes monthly forecast reports that are stored in DFS.
REQUIREMENTS
Business Goals
Lucerne Publishing must minimize administrative costs, hardware costs, software costs, and
development costs, whenever possible.
Planned Changes
All client computers will be upgraded to Windows 7.
A VPN server will be deployed in the main office. All VPN clients must have the latest
Windows updates before they can access the internal network.
You plan to deploy a server that has the Remote Desktop Gateway (RD Gateway) role
service installed.
Technical Requirements

Lucerne Publishing must meet the following technical requirements:
• Upgrade all client computers to Windows 7.
• Minimize Group Policy-related replication traffic.
• Ensure that App1 can be used from client computers that run Windows 7.
• Ensure that users can use App1 when they are disconnected from the network.
• Ensure that you can perform a bare metal recovery of the servers in the San Francisco
office.
• Minimize the amount of time it takes users in the Boston office to log on to their
client computers.
• Ensure that domain administrators can connect remotely to all computers in the
domain through RD Gateway.
• Ensure that file server administrators can access DFS servers and file servers through
the RD Gateway.
• Prevent file server administrators from accessing other servers through the RD
Gateway
Security Requirements
Lucerne Publishing must meet the following security requirements:
• USB storage devices must not be used on any servers.
• The passwords for all user accounts must be changed every 60 days.
• Users must only be able to modify the financial forecast reports on DFSl. DFS2 must
contain a read-only copy of the financial forecast reports.
• All operating system drives on client computers that run Windows 7 must be
encrypted.
• Only approved USB storaqe devices must be used on client computers that run
Windows 7.
###EndCaseStudy###

You need to recommend an RD Gateway configuration that meets the company’s technical
requirements. What should you recommend?

###BeginCaseStudy###
Case Study: 6
Lucerne Publishing
Scenario:
COMPANY OVERVIEW
Overview
Lucerne Publishing is a large publishing company that produces both traditional books and ebooks.
Physical Location
The company has a main office and a branch office. The main office is located in New York.
The branch office is located in San Francisco. The main office has a satellite office located in
Boston. The company has 7,500 users.
EXISTING ENVIRONMENT
Active Directory Environment
The network contains an Active Directory forest. The forest contains a single domain named
lucernepublishing.com.
Network Infrastructure
Client computers in the New York office and the San Francisco office run either Windows
Vista or Windows XP. All client computers in the Boston office run Windows 7.

The company has a finance department. All of the client computers in the finance department
run Windows XP. The finance department uses an Application named App1. App1 only runs
on Windows XP.
The relevant servers in the New York office are configured as shown in the following table.

The servers have the following configurations:
• Remote Desktop is enabled on all servers.
• The passwords for all service accounts are set to never expire.
• Server1 stores roaming user profiles for users in the Boston office.
• SQL1 and SQL2 are deployed in a two-node failover cluster named Clusterl.
• All servers have Pre-Boot Execution Environment (PXE)-compliant network
adapters.
• The servers in the San Francisco office contain neither a recovery partition nor optical
media drives. DFSl and DFS2 are members of the same DFS Replication group. The DFS
namespace is configured to use Windows 2000 Server mode.
The Boston office has no servers. The Boston office connects to the New York office by
using a dedicated hardware VPN device.
The finance department publishes monthly forecast reports that are stored in DFS.
REQUIREMENTS
Business Goals
Lucerne Publishing must minimize administrative costs, hardware costs, software costs, and
development costs, whenever possible.
Planned Changes
All client computers will be upgraded to Windows 7.
A VPN server will be deployed in the main office. All VPN clients must have the latest
Windows updates before they can access the internal network.
You plan to deploy a server that has the Remote Desktop Gateway (RD Gateway) role
service installed.
Technical Requirements

Lucerne Publishing must meet the following technical requirements:
• Upgrade all client computers to Windows 7.
• Minimize Group Policy-related replication traffic.
• Ensure that App1 can be used from client computers that run Windows 7.
• Ensure that users can use App1 when they are disconnected from the network.
• Ensure that you can perform a bare metal recovery of the servers in the San Francisco
office.
• Minimize the amount of time it takes users in the Boston office to log on to their
client computers.
• Ensure that domain administrators can connect remotely to all computers in the
domain through RD Gateway.
• Ensure that file server administrators can access DFS servers and file servers through
the RD Gateway.
• Prevent file server administrators from accessing other servers through the RD
Gateway
Security Requirements
Lucerne Publishing must meet the following security requirements:
• USB storage devices must not be used on any servers.
• The passwords for all user accounts must be changed every 60 days.
• Users must only be able to modify the financial forecast reports on DFSl. DFS2 must
contain a read-only copy of the financial forecast reports.
• All operating system drives on client computers that run Windows 7 must be
encrypted.
• Only approved USB storaqe devices must be used on client computers that run
Windows 7.
###EndCaseStudy###

You need to recommend a solution to ensure that all of the client computers that run Windows 7
meet the company’s security requirements. What should you include in the recommendation?

###BeginCaseStudy###
Case Study: 7