Question:

a) You are using Active Directory Users under Windows Server 2003 and Computers to configure user objects in your domain, and you are able to change the address and telephone number properties of the user object representing yourself. However, the New User command is unavailable to you. What is the most likely explanation?

b) You enable the password complexity policy for your domain under Windows Server 2003. Describe the requirements for passwords, and when those requirements will take effect.

c) A user has forgotten his or her password and attempts to log on several times with an incorrect password. Eventually, the user receives a logon message indicating that the account is either disabled or locked out. The message suggests that the user contact an administrator. What must you do?

d) If your environment consists of two domains, one Windows Server 2003 and one Windows NT 4, what group scopes can you use for assigning permissions on any resource on any domain-member computer?

e) (i) On the network you administer, you maintain a primary DNS server authoritative for the zone lucernepublishing.com under windows Server 2003. You have also deployed two caching-only servers that forward all requests to the primary server. If most of the name queries directed toward the caching-only servers is for names within the lucernepublishing.com domain, which parameter can you modify on the primary server to decrease DNS query traffic between the caching-only servers and the primary server?

(ii) Under what conditions is it not considered secure to host a DHCP server on a domain controller? Why is this setup not secure?