Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory Domain Services (AD DS) forest. The forest contains three Active Directory sites named Site1, Site2, and Site3. Each site contains two domain controllers. The sites are connected by using DEFAULTIPSITELINK.
You open a new branch office that contains only client computers.
You need to ensure that the client computers in the new office are primarily authenticated by the domain controllers in Site1.
Solution: You create a new site named Site4 and associate Site4 to DEFAULTSITELINK.
Does this meet the goal?
Click on the arrows to vote for the correct answer
A. B.B
The solution presented in the question appears to be a viable option to meet the stated goal of ensuring that the client computers in the new branch office are primarily authenticated by the domain controllers in Site1. Here's why:
By creating a new site named Site4 and associating it with the DEFAULTIPSITELINK, the site will become a part of the Active Directory site topology. When a new client computer is joined to the domain, it will attempt to locate a domain controller to authenticate with. The computer will use the site topology information to determine which domain controller to authenticate with, based on the closest available domain controller to its location.
With the new Site4 created and linked to DEFAULTIPSITELINK, the clients in the new office will automatically attempt to authenticate with the domain controllers in Site4. However, since Site4 is linked to DEFAULTIPSITELINK, which already connects Site1, Site2, and Site3, the authentication requests from Site4 will also be forwarded to the domain controllers in the other sites as well. This ensures that the authentication requests from Site4 are not ignored, and the clients are still able to authenticate even if the domain controllers in Site4 are unavailable.
However, the solution presented in the question only ensures that the client computers in the new branch office are primarily authenticated by the domain controllers in Site1. It does not guarantee that authentication requests will always be serviced by the domain controllers in Site1. If the domain controllers in Site1 are unavailable, the authentication requests will be serviced by domain controllers in the other sites.
Therefore, while the solution presented in the question is a viable option to meet the stated goal, it is not a complete solution to ensure that the client computers in the new branch office are always authenticated by the domain controllers in Site1. If this is a requirement, additional steps, such as adjusting the site link costs or modifying the site link bridging, may need to be taken to achieve this.