n673714486_172341_8389[1] A fail and then a pass

Hey there, how’s it going? It’s Andrew again. I’m sorry for the delay; I’ve been studying very hard indeed for my last exam, which I am glad to say that I passed, but not before failing it. Yes, that’s right; your humble bloggist failed an exam. It was the 70-294 exam: “Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.” I was so shocked and upset; I'm sure you can understand.

If you’ve ever failed an exam, especially a Microsoft one, it can make you feel quite down. On the plus side, you do get a very encouraging email from Microsoft saying “Bad luck, have another go,” but this only served to make me feel worse: I just felt like a failure. Which I guess I was! You also get a feeling that if only you had just answered one or two questions differently, maybe you’d have passed. This is dangerous thinking: there’s no point thinking it, and also it doesn’t change the facts or the result.

Luckily on your result print-out you get a detailed analysis of how you fared in each of the exam criteria, which gives you an idea of where you should focus your studies if you want to pass.

I spent the next 2 weeks studying all hours I could, even whilst bent double on the tube (London’s underground metro/subway system). I was very grateful for some feedback from a couple of you out there, including a Microsoft employee, who offered some very useful (and challenging) advice, which I will share with you:

  1. Get the “Measure Ups.” I’ve been using the Microsoft Press Self-Paced Training Kit books for all my Microsoft exams, but one thing to note with a book that was published over 5 years ago is that the practice questions that come with it are going to be quite different to the questions you will actually get in your exam because Microsoft is always updating the questions in the light of technology changes and software revisions (e.g., Service Packs 1 and 2, and R2). I’m sure Microsoft won’t mind me mentioning MeasureUp.com, which currently has a 40% discount offer on their practice tests, using code “MUP1009”, which expires at the end of October 2009, so hurry!
  2. Get to know and love structural/architectural diagrams of Active Directory, including the triangles for domains, circles for Organisational Units, etc. They use these liberally in the exam and if you’re not 100% happy with this visual convention, you will be at a disadvantage. I’ll be honest: when I used to see these diagrams I was put in mind of Quality Street, especially the “Noisette Triangle” for domains! But this is the way to represent the various components of Active Directory and that’s that! I first of all downloaded the Microsoft Active Directory Topology Diagrammer, and second I availed myself of the Windows Server TechCenter pages, including this article, “Active Directory Logical Structure Background Information.”
  3. Set-up a virtual lab. When my peers were studying for their MCSE exams on Windows 2000 and 2003 a few years ago, they had to find spare hardware to install trial versions of Windows Server on, but now, we can all easily make study labs using virtualisation, so there’s no excuse for us now! I made a small study lab comprising a couple of sites, a couple of domains, and a few domain controllers, and then I did all the practices from the books. This was invaluable in my studies and I highly recommend this to you for the “70-294” exam in particular, as in my opinion it is the exam that most closely focuses on your real-life abilities.

I’d also like to mention something that a very intelligent man once told me about Microsoft exams—if you’re reading this, you’ll know who you are—which is that everyone can have good days and bad days and that the exams can measure only how well you’re doing on the day you take it. So, study as hard as you can so that you’re prepared for the toughest questions, but if you fail, nothing’s changed: you’re still the same and you’ve passed exams before and you can pass them again. This helped me no end.

Onwards to the prize: the MCSE...

I’m now studying for the 70-297 exam, “Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure.” This is the last exam required for me to gain the coveted Microsoft Certified Systems Engineer qualification, and with it another colourful certificate signed by Steve Ballmer!

This is proving to be the most in-depth exam yet in the sense that while it doesn’t delve into the exactitudes of how to perform technical operations, it requires that you know how to perform operations *and* decide when it is appropriate given the current environment and given specific future requirements.

Also, if the practice tests from the Microsoft Press book—MCSE Self-Paced Training Kit (Exam 70-297): Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure—and “Measure Ups” are anything to go by, the exam is way different to any that I have done before: it looks like there will be a certain number of sections each with a case study and there are a number of questions pertaining to that case study, which means reading and understanding the current environment, interviews with key personnel, and future requirements and then answering questions about what to do based upon all this information.

Even if the questions are all ABCD multiple choice (I don’t know if they are, I’m just saying “if”), that is still quite a tall order. But it is obviously much more in line with real-world scenarios, preparing you to one day become a consultant who can come into an organisation and clearly understand the current environment and design the infrastructure based on business and technical requirements.

I’m only on Chapter 5 of the book so far, and already I’ve been challenged to think about the current environment at my company. We have a small, single-forest, single-domain set-up, which is obviously the simplest way of doing things and according to the book this is the most common implementation in the real world. There is a common theme to the book: “keep it simple.”

It advocates aiming for single-forest, single-domain and then adding domains and forests only if you can justify it. This is a great way of looking at things. Rather than just say, OK, we have three locations—London, Tokyo, and New York—so let’s have three domains—lon.contoso.com, tyo.contoso.com, and ny.contoso.com—the advice is to look and see whether there are specific requirements for more than one domain.

For your information, some of the criteria for having more than one domain are:

  • You need to implement different domain-level security policies, such as password policies or account lockout policies: I need to remember I’m talking about Windows Server 2003, as you may or may not know that this limitation has now been removed from Windows Server 2008.
  • You need to provide decentralised administration.
  • You need to optimise replication across WAN links more than you can with sites.
  • You need to provide different namespaces.
  • You need to retain existing Windows NT domains.
  • You want to put the Schema master in a different domain to account or resource domains.

So now you know.

I’ve been forced to really think about the structure of sites, subnets, Organisational Units, Security Groups, and domain controllers/global catalog servers as well. And it’s fair to say that in all respects my current environment is not as simple as it could be. So, I’m now working on a plan to simplify the environment based on this newly found “Keep it simple” attitude.

I’m allowing myself more time for this exam as I don’t think it’s a good use of my money to take an exam and fail it. I will let you know how I do in the post after next as I plan to take it in about 3 weeks. As ever, please get in touch if you have any questions or comments.