Scenario: A Citrix Architect is reviewing a XenApp and XenDesktop design for an environment with multiple Active Directory forests.
Click the Exhibit button to view the design details.
Which risk should the architect highlight to the customer, based on the details listed in the Exhibit?
The risk highlighted in the scenario involves the DNS lookup strategy. In an Active Directory environment with multiple forests, using only DNS forward lookup zones may not be sufficient for ensuring proper name resolution, especially when there are trust relationships between the forests. DNS forwarders or conditional forwarders are typically required to resolve names across different forests correctly. Without proper DNS configuration, communication between components across the forests may fail, leading to issues in the environment.
On second thoughts: maybe Stoebi is right. - The SupportMultipleForest registry key is supported. - he Active Directory trust method is supported. - The Active Directory functional level is supported? -The DNS lookup strategy is supported? https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/system-requirements.ht Citrix documentation mention that Windows 2000 native level is support. So it's not C. DNS: In an Active Directory environment with multiple forests, if one-way or two-way trusts are in place, you can use DNS forwarders for name lookup and registration. - Use DNS forwarders for name lookup and registration. - Reverse DNS zones are not necessary if forwarders are in place. - Reverse DNS necessary if your DNS namespace is different than that of Active Director Situation did't use conditional forwarder but forward lookup zone, so maybe Reverse DNS zones is necessary...
According to https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/system-requirements.html the Windows 2000 native level is support. But for the registration the DDC wnats to make a connection to the fqdn of the vda. But if he cannot resolf the fqdn of the VDA the registration fails.
The diagram is kind of gave it away (DNS forward lookup ONLY). Yes, DNS forwarder to other DNS zone is required, or no communication via hostname can be established between forests. D is definitely the answer. (I have had experienced with this setup for my client)
C is correct: The minimum requirement for XenDesktop to work successfully with Active Directory (AD) is that the domain controllers must run on a server whose operating system is Windows Server 2003 or later. This does not affect the domain functional level, which can still be Windows 2000 native or higher. Multiple Forest with 2 way or 1 way trust: The following diagram illustrates XenDesktop deployment in a Multi-Forest Deployment. This is where the DDC is in a different Active Directory forest and the end users and desktops can be either in the same forest or in a separate Active Directory forest. Note: For Forest trusts, both Forests must be in Win2003 Forest Functional Level. https://support.citrix.com/article/CTX134971
I'd go with C. I can't ignore "Note: For Forest trusts, both Forests must be in Win2003 Forest Functional Level."