Answers to UAG SP1 DirectAccess Contest Quiz Three-Round One

  • Article

Happy Holidays guys! We got a great response to this weeks quiz and added some new contestants. That’s great! Even with the busy holiday it’s cool to see you all interested in playing and learning more about UAG DirectAccess.

Now for the answers:

===========================================

Question 1:
You must be running IPv6 on your corporate network in order to deploy a UAG DirectAccess server that enables DirectAccess clients to connect to intranet resources from virtually anywhere.
     A.  True
     B. False

The answer to Question 1 is B. When you use the UAG DirectAccess server solution, there are no IPv6 dependencies for resources on the intranet. Because the UAG DirectAccess server includes the NAT64/DNS64 service, all the machines behind the UAG DirectAccess server can be IPv4-only operating systems. When you use the UAG DirectAccess server, the only machine that needs to be Windows Server 2008 R2 on the network is the UAG DirectAccess server. Note that when you use an IPv4-only network behind the UAG DirectAccess server, you will not be able to take advantage of a full “manage-out” deployment. In a full “manage-out” deployment, hosts on the intranet can initiate connections to DirectAccess clients. IPv4-only hosts cannot initiate connections from DirectAccess clients, but DirectAccess clients can initiate connections to IPv4-only hosts on the intranet.

===========================================

Question 2:
You have installed UAG RTM and you want to begin the configuration of the DirectAccess feature. The UAG Management console opens and you are able to see the information on all nodes except for the DirectAccess node in the left pane of the console. When you click on the DirectAccess node in the left pane of the console, you see the following error dialog box:

image
     (Cannot Load the DirectAccess view (0). )

What is a possible cause of this problem?
     A. The NetBIOS name of the UAG server contains more than 15 characters
     B.  In order to configure DirectAccess, you must first install UAG Update 1
     C.  The DirectAccess server is a member of a Windows Server 2003 domain
     D.  A firewall behind the UAG server is blocking the SNA (TCP/UDP 108) protocol

The answer to Question 2 is A. This is an interesting problem that was discovered by Shannon Fritz, which he shared on the TechNet forums and discusses in his blog post over at https://blog.concurrency.com/infrastructure/uag-cannot-load-the-directaccess-view-0/ The solution was to rename the machine so that the host name portion of the FQDN was 15 characters or less.

===========================================
Question 3:
A UAG DirectAccess server must be a domain member. However, the UAG DirectAccess server does not need to be a member of the same forest or domain as the resources that DirectAccess users will connect to. What Active Directory domain functional level is required for the domain that the UAG DirectAccess server belongs to for DirectAccess to work correctly?
     A.  Windows Server 2008 R2
     B.  Windows Server 2008
     C.  Windows Server 2003
     D. None of the above

The answer to Question 3 is D. This is a tricky question. Many of you answered C because you might have read that Windows Server 2003 domain functional level is the minimum domain functional level. I can’t confirm or deny that is true, since it’s not documented anywhere and I suspect that no testing was done with Windows 2000 Server domain functional level. However, regardless of what the minimal domain functional level might be, the question asked which was required. Because you can use any of these domain functional levels in answers A, B and C, none of them are required – you can use any one of them. This makes answer D the correct answer.

===========================================

Leaderboard

image

The race remains pretty close as we enter into the last quiz of the first round. Six contestants are within two points for the lead. Also, note that the zeros you see in the results are due to contestants that didn’t send an entry for that quiz – no one has scored a zero on any of their entries. The blue highlighting on the cell indicates that no entry was received. But you can see that a few of the new entrants have some strong performances and could end up in the top three if any of those near the top decide to take a Christmas vacation for Quiz 4 Smile.

===========================================

I want to thank everyone who participated in Quiz 3, Round 1. Quiz 4 and the last quiz in Round 1 will be posted on December 23, 2010 – so make sure you put that on your calendar so you don’t miss the quiz because if you do, someone behind you might sneak up and take your position!  But even if you don’t end up in the top three, you’ll learn a lot and remember more when you have some “skin in the game”. And then there’s always Round 2. See you then!

===========================================

Thanks!

Tom

Tom Shinder
tomsh@microsoft.com
Knowledge Engineer, Microsoft DAIP iX/Forefront iX
UAG Direct Access/Anywhere Access Group (AAG)
The “Edge Man” blog (DA all the time): https://blogs.technet.com/tomshinder/default.aspx
Follow me on Twitter: https://twitter.com/tshinder
Facebook: https://www.facebook.com/tshinder