SlideShare a Scribd company logo

Windows server Interview question and answers

Download as DOCX, PDF
A
Availity Fore Support Services pvt ltd

Windows server Interview question and answers

Technology
1 of 10
1. What is Active Directory? Active DirectoryisaMeta Data. Active Directoryisadata base whichstoresa data base like youruser information,computerinformationandalsoothernetworkobjectinfo.Ithascapabilitiestomanage and administerthe complete Networkwhichconnect withAD. Active Directory directory service is an extensible and scalable directory service that enables you to manage network resources efficiently. Active Directory is directory service that stores information about objects on a network and makes this information available to users and network administrators. Active Directory gives network users access to permitted resources anywhere on the network using a single logon process. It provides network administrators with an intuitive, hierarchical view of the network and a single point of administration 3for all network objects 2. What is LDAP? LDAP(lightweightdirectory accessprotocol) isaninternetprotocol whichEmail andotherservicesis usedto lookupinformationfromthe server. 3. What is the Global Catalog? The global catalogisa distributeddatarepositorythatcontainsasearchable,partial representationof everyobjectineverydomaininamultidomainActive Directoryforest.The global catalogisstoredon domaincontrollersthathave beendesignatedasglobal catalogserversandisdistributedthrough multimasterreplication.Searchesthatare directedtothe global catalogare fasterbecause theydonot involve referralstodifferentdomaincontrollers. Global Catalog Server is basically a container where you put the same type of member, computer etc and applied the policies and security on the catalog server in place of individual user or computer 4. What is the KCC? KCC ( knowledgeconsistencychecker) isusedto generate replicationtopologyforintersite replication and forintrasite replication.With inasite replicationtrafficisdone viaremote procedure callsoverip, while betweensiteitisdone througheitherRPCorSMTP 5. What is the SYSVOL folder? The sysVOL folder stores the server’s copy of the domain’s public files. The contents such as group policy, users etc of the sysvol folder are replicated to all domain controllers in the domain. The sysvol folder must be located on an NTFS volume. 6. Where is the AD database held? What other folders are related toAD? The AD data base is store in NTDS.DIT. 7. What is the ISTG? Who has that role by default?
Windows 2000 Domain controllers each create Active Directory Replication connection objects representing inbound replication from intra-site replication partners. For inter-site replication, one domain controller per site has the responsibility of evaluating the inter-site replication topology and creating Active Directory Replication Connection objects for appropriate bridgehead servers within its site. The domain controller in each site that owns this role is referred to as the Inter-Site Topology Generator (ISTG). 8. What is LDP? What is REPLMON? What is ADSIEDIT? What is NETDOM? What is REPADMIN? LDP: Label Distribution Protocol (LDP) is often used to establish MPLS LSPs when traffic engineering is not required. It establishes LSPs that follow the existing IP routing, and is particularly well suited for establishing a full mesh of LSPs between all of the routers on the network. Replmon: Replmon displays information about Active Directory Replication. ADSIEDIT: ADSIEdit is a Microsoft Management Console (MMC) snap-in that acts as a low-level editor for Active Directory. It is a Graphical User Interface (GUI) tool. Network administrators can use it for common administrative tasks such as adding, deleting, and moving objects with a directory service. The attributes for each object can be edited or deleted by using this tool. ADSIEdit uses the ADSI application programming interfaces (APIs) to access Active Directory. The following are the required files for using this tool: ADSIEDIT.DLL ADSIEDIT.MSC NETDOM: NETDOM is a command-line tool that allows management of Windows domains and trust relationships. It is used for batch management of trusts, joining computers to domains, verifying trusts, and secure channels. REPADMIN: This command-line tool assists administrators in diagnosing replication problems between Windows domain controllers.Administrators can use Repadmin to view the replication topology (sometimes referred to as RepsFrom and RepsTo) as seen from the perspective of each domain controller. In addition, Repadmin can be used to manually create the replication topology (although in normal practice this should not be necessary), to force replication events between domain controllers, and to view both the replication metadata and up-to-dateness vectors. 9. How to take backup of AD ? 1.for taking backup of active directory you have to do this : first go to START -> PROGRAM ->ACCESORIES -> SYSTEM TOOLS -> BACKUP when the backup screen is flash then take the backup of SYSTEM STATE it will take the backup of all the necessary information about the systemincluding AD backup , DNS ETC. 2. Commond with administrator wbadmin start systemstatebackup backuptarget:D 10. How to restore the AD ? 1. START -> PROGRAM ->ACCESORIES -> SYSTEM TOOLS -> RESTORE 2. Restart server  F8 restore Active Directory Domain services 11. What is the ISTG? Who has that role by default? Inter-Site Topology Generator (istg) is responsible for managing the inbound replication
connection objects for all bridgehead servers in the site in which it is located. This domain controller is known as the Inter-Site Topology Generator (ISTG). The domain controller holding this role may not necessarily also be a bridgehead server. 12. What are the DS* commands You really are spoilt for choice when it comes to scripting tools for creating Active Directory objects. In addition to CSVDE, LDIFDE and VBScript, we now have the following DS commands: the da family built in utility DSmod - modify Active Directory attributes DSrm - to delete Active Directory objectsDSmove - to relocate objectsDSadd - create new accountsDSquery - to find objects that match your query attributesDSget - list the properties of an object 13. What’s the difference between LDIFDE and CSVDE? Usage considerations? CSVDE is a command that can be used to import and export objects to and from the AD into a CSV-formatted file. A CSV (Comma Separated Value) file is a file easily readable in Excel. I will not go to length into this powerful command, but I will show you some basic samples of how to import a large number of users into your AD. Of course, as with the DSADD command, CSVDE can do more than just import users. Consult your help file for more info. Like CSVDE, LDIFDE is a command that can be used to import and export objects to and from the AD into a LDIF-formatted file. A LDIF (LDAP Data Interchange Format) file is a file easily readable in any text editor, however it is not readable in programs like Excel. The major difference between CSVDE and LDIFDE (besides the file format) is the fact that LDIFDE can be used to edit and delete existing AD objects (not just users), while CSVDE can only import and export objects. 14. What is tombstone lifetime attribute? The number of days before a deleted object is removed from the directory services. This assists in removing objects from replicated servers and preventing restores from reintroducing a deleted object. This value is in the Directory Service object in the configuration NIC. You want to standardize the desktop environments (wallpaper, My Documents, Start menu, printers etc.) on the computers in one department. How would you do that? How it is possible 15. What are the requirements for installing AD on a new server? The Domain structure2)The Domain Name3)storage location of the database and log file4)Location of the shared system volume folder5)DNS config Methode6)DNS configuration 16. What are application partitions? When do I use them? An application directory partition is a directory partition that is replicated only to specific domain controller. Only domain controller running windows Server 2003 can host a replica of application directory partition. Using an application directory partition provides redundancy, availability or fault tolerance by replicating data to specific domain controller pr any set of domain controllers anywhere in the forest
17. You want to standardize the desktop environments (wallpaper, My Documents, Start menu, printers etc.) on the computers in one department. How would you dothat? How it is possible. Login on client as Domain Admin user change whatever you need add printers etc go to system-User profiles copy this user profile to any location by select everyone in permitted to use after copy change ntuser.dat to ntuser.man and assign this path under user profile 18. How do you create a new application partition? Use the DnsCmd command to create an application directory partition. To do this, use the following syntax: DnsCmd ServerName /CreateDirectoryPartition FQDN of partition Global catalog provides a central repository of domain information for the forest by storing partial replicas of all domain directory partitions. These partial replicas are distributed by multimaster replication to all global catalog servers in a forest. 19. How do you view all the GCs in the forest? C:>repadmin /showreps domain controller where domain controller is the DC you want to query to determine whether it’s a GC. The output will include the text DSA Options: IS_GC if the DC is a GC. . . . 20. Trying to look at the Schema, how can I do that type “adsiedit.msc” in run or command prompt 21. Can you connect Active Directory toother3rd-party Directory Services? Name a few options. Yes, you can use dirXML or LDAP to connect to other directories In Novell you can use E-directory 22. How do you change the DS Restore admin password? A. In Windows 2000 Server, you used to have to boot the computer whose password you wanted to change in Directory Restore mode, then use either the Microsoft Management Console (MMC) Local User and Groups snap-in or the command net user administrator * to change the Administrator password. Win2K Server Service Pack 2 (SP2) introduced the Setpwd utility, which lets you reset the Directory Service Restore Mode password without having to reboot the computer. (Microsoft refreshed Setpwd in SP4 to improve the utility’s scripting options.) In Windows Server 2003, you use the Ntdsutil utility to modify the Directory Service Restore Mode Administrator password. To do so, follow these steps: 1. Start Ntdsutil (click Start, Run; enter cmd.exe; then enter ntdsutil.exe). 2. Start the Directory Service Restore Mode Administrator password-reset utility by entering the argument “set dsrm password” at the ntdsutil prompt: ntdsutil: set dsrm password
3. Run the Reset Password command, passing the name of the server on which to change the password, or use the null argument to specify the local machine. For example, to reset the password on server thanos, enter the following argument at the Reset DSRM Administrator Password prompt: Reset DSRM Administrator Password: reset password on server thanos To reset the password on the local machine, specify null as the server name: Reset DSRM Administrator Password: reset password on server null 4. You’ll be prompted twice to enter the new password. You’ll see the following messages: 5. Please type password for DS Restore Mode Administrator Account: 6. Please confirm new password: Password has been set successfully. 7. Exit the password-reset utility by typing “quit” at the following prompts: 8. Reset DSRM Administrator Password: quit ntdsutil: quit 23. What are Group Policy objects (GPOs)? Group Policy objects, other than the local Group Policy object, are virtual objects. The policy setting information of a GPO is actually stored in two locations: the Group Policy container and the Group Policy template. The Group Policy container is an Active Directory container that stores GPO properties, including information on version, GPO status, and a list of components that have settings in the GPO. The Group Policy template is a folder structure within the file system that stores Administrative Template-based policies, security settings, script files, and information regarding applications that are available for Group Policy Software Installation. The Group Policy template is located in the systemvolume folder (Sysvol) in the Policies subfolder for its domain. 24. What is the order in which GPOs are applied ? Group Policy settings are processed in the following order: 1. Local Group Policy object—Each computer has exactly one Group Policy object that is stored locally. This processes for both computer and user Group Policy processing. 2. Site—Any GPOs that have been linked to the site that the computer belongs to are processed next. Processing is in the order that is specified by the administrator, on the Linked Group Policy Objects tab for the site in Group Policy Management Console (GPMC). The GPO with the lowest link order is processed last, and therefore has the highest precedence. 3. Domain—Processing of multiple domain-linked GPOs is in the order specified by the administrator, on the Linked Group Policy Objects tab for the domain in GPMC. The GPO with the lowest link order is processed last, and therefore has the highest precedence. 4. Organizational units—GPOs that are linked to the organizational unit that is highest in the Active Directory hierarchy are processed first, then GPOs that are linked to its child
organizational unit, and so on. Finally, the GPOs that are linked to the organizational unit that contains the user or computer are processed. At the level of each organizational unit in the Active Directory hierarchy, one, many, or no GPOs can be linked. If several GPOs are linked to an organizational unit, their processing is in the order that is specified by the administrator, on the Linked Group Policy Objects tab for the organizational unit in GPMC. The GPO with the lowest link order is processed last, and therefore has the highest precedence. This order means that the local GPO is processed first, and GPOs that are linked to the organizational unit of which the computer or user is a direct member are processed last, which overwrites settings in the earlier GPOs if there are conflicts. (If there are no conflicts, then the earlier and later settings are merely aggregated.) 25. What is LDAP? Lightweight Directory Access Protocol LDAP isa set of protocol usedforprovidingaccessto information directories. What are the standard port numbers for SMTP, POP3, IMAP4, RPC, LDAP and Global Catalog? - SMTP – 25, POP3 – 110, IMAP4 – 143, RPC – 135, LDAP – 389, Global Catalog - 3268 29. What are main differences between WINS and DNS? WINS: - It is used to resolve IP address into netbios Vice versa it is used prior version of win 2000 DNS:-It is used to resolve IP address into host name. Vice versa it is used in 2000, XP, 2003 server Advantages of WINS: WINS will be really helpful in a multidomain environment where in user’s would need to access many of the resources in different domains, rather than adding different DNS suffixes of each domain on the local machine. WINS is the best option. But i could also say WINS is not as stable as DNS. 30. What is a defaultgateway? The exit-pointfromone networkandentry-wayintoanothernetwork,oftenthe router Of the network. 31. How do you seta defaultroute on an IOS Cisco router? iproute 0.0.0.0 0.0.0.0 x.x.x.x [where x.x.x.x representsthe destinationaddress] 32. What is the difference between a domain local group and a global group? Domain local groups grant permissions to objects within the domain in which the reside. Global groups contain grant permissions tree or forest wide for any objects within the Active Directory. 33. What tool have you usedto create and analyze packet capture?
Network MonitorinWin2K / Win2K3,Ethereal inLinux,OptiView SeriesII(byFluke Networks). 34. What is the significance ofthe IP address 255.255.255.255? The limitedbroadcastaddressisutilizedwhenanIPnode mustperforma one-to-everyone deliveryon the local networkbutthe networkID isunknown. 35. What Is Tree? Tree is a hierarchical arrangementof windowsDomainthatshare acontiguousname space. 36. What Is Domain? Domainislogical groupof networkobjects. 37. What Is Schema? Active directoryschemaisthe setof definitionsthatdefine the kindsof objectandthe type of informationaboutthose objectsthatcanbe storedinActive Directory Active directoryschemaisCollectionof objectclassandthere attributes ObjectClass = User Attributes=firstname,lastname,email,andothers 38. Tel Me about the Fsmo Roles? SchemaMaster DomainNamingMaster Infrastructure Master RID Master PDC SchemaMaster and DomainNamingMasterare forestwide role andonlyavailableone oneachForest, Otherrolesare Domainwide andone for each Domain. AD replicationismulti masterreplicationandchange canbe done inanyDomainControllerandwill get replicatedtoothersDomainControllers,exceptabove file roles,thiswill be flexible singlemaster operations(FSMO),these changesonlybe done ondedicatedDomainControllersoit’ssingle master replication. 39. How To Check WhichServerHolds WhichRole? NetdomqueryFSMO. 40. Tel Me About Active Directory Database And List The Active Directory Database Files? NTDS.DIT EDB.Log EDB.Che Res1.logandRes2.log All ADchangesdidn’twrite directlytoNTDS.DITdatabase file,firstwrite toEDB.Logand fromlog file to database,EDB.Che usedtotrack the database update fromlogfile,toknow whatchangesare copiedto database file. NTDS.DIT:NTDS.DIT isthe AD database and store all AD objects,Defaultlocationisthe %system root%nrdsnrds.dit,ActiveDirectorydatabase engine isthe extensible storage enginewhichusbasedon the Jetdatabase EDB.Log: EDB.Log isthe transactionlogfile whenEDB.Logisfull,itisrenamedtoEDB Num.logwhere numis the increasingnumberstartingfrom1,like EDB1.Log
EDB.Che:EDB.Che isthe checkpointfileusedtotrace the data not yetwrittentodatabase file this indicate the startingpointfromwhichdatais to be recoveredfromthe logfile incase if failure Res1.logandRes2.log: Resis reservedtransactionlogfilewhichprovide the transactionlogfile enough time to shutdownif the diskdidn’thave enoughspace. 41. What Is Use Active Directory Partitions?And How To Find The Active Directory PartitionsAnd There Location? SchemaPartition – It store detailsaboutobjectsandattributes.Replicatestoall domaincontrollersin the Forest DN locationisCN=Schema,CN=Configuration,DC=Domainname,DC=com ConfigurationPartition –It store detailsaboutthe ADconfigurationinformationlike,Site,site-link, subnetandotherreplicationtopologyinformation.Replicatestoall domaincontrollers inthe Forest DN LocationisCN=Configuration,DC=Domainname,DC=com DomainPartitions –objectinformationforadomainlike user,computer,group,printerandother Domainspecificinformation.Replicatestoall domaincontrollerswithinadomain DN LocationisDC=Domainname,DC=com ApplicationPartition – informationaboutapplicationsinActiveDirectory.Like ADintegratedDNSis usedthere are two applicationpartitionsforDNSzones –ForestDNSZonesandDomainDNSZones,see more 42. Active Directory RestoresTypes? Authoritative restore Non-authoritativerestore 43. How Many Domain ControllersNeedTo Back Up?Or which Domain ControllersTo Back Up? Minimumrequirementistobackup two domaincontrollersineachdomain,one shouldbe an operations masterrole holderDC,no needtobackupRID Master (relative ID) because RIDmaster shouldnotbe restored. 44. Can We Restore Backup Of Domain ControllerTo Other/differentDomainController? Backup of one domaincontrollercan’tbe restoringtootherdomaincontroller,shouldbe restoredto same domaincontroller. 45. What Are GroupPolicies? Group policiesspecifyhowprograms,networkresources,andthe operatingsystemworkforusersand computersinan organization.Theyare collectionsof user andcomputerconfigurationsettingsthatare appliedonthe usersandcomputers(noton groups).Forbetteradministrationof grouppoliciesinthe Windowsenvironment,the grouppolicyobjects(GPOs)are used. 46. What Is Non-local Policy? Non-local GPOs are usedto control policiesonanActive Directory-basednetwork.A Windows 2000/2003 serverneedstobe configuredasa domaincontrolleronthe networktouse a non-local GPO. The non-local GPOsmustbe linkedtoa site,domain,ororganizational unit (OU) toapplygrouppolicies to the useror computerobjects. The non-local GPOsare storedin%systemroot%SYSVOLPOLICIESADM,where isthe GPO’sglobally unique identifier.Twonon-local GPOsare createdbydefaultwhenthe Active Directoryisinstalled:
1. DefaultDomainPolicy:ThisGPOislinkedtothe domainandit affectsall usersandcomputersinthe domain. 2. DefaultDomainControllersPolicy:ThisGPOislinkedtothe DomainControllersOUand itaffectsall domaincontrollersplacedinthisOU.Multiple GPOs. 47. What Is No Override?Block PolicyInheritance? The followingare the exceptionswithregardtothe above-mentionedsettings: No Override: AnyGPO can be setto NoOverride.If the NoOverride configurationissettoa GPO,no policy configuredinthe GPOcan be overridden.If more thanone GPO hasbeensetto No Override,thenthe one that isthe highestinthe Active Directoryhierarchytakesprecedence BlockPolicyInheritance: The Block PolicyInheritanceoptioncanbe appliedtothe site,domain,orOU.It deflectsall grouppolicy settingsthatreachthe site,domain,orOU fromthe objecthigherinthe hierarchy.However,the GPOs configuredwiththe NoOverride optionare alwaysapplied. 48. FollowingAre The RulesRegarding Group PolicyInheritance: A policysettingisconfigured(EnabledorDisabled) foraparentOU, and the same policysettingisnot configuredforitschildOUs.The childOUsinheritthe parent’spolicy A policysettingisconfigured(EnabledorDisabled) for aparentOU, and the same policysettingis configuredforitschildOUs.The childOUssettingsoverride the settingsinheritedfromthe parent’sOU If any policyisnot configured,noinheritance takesplace Compatible policysettingsconfiguredatthe parentandchildOUs are accumulated. Incompatible policysettingsfromthe parentOUare not inherited 49. What Is NetlogonFolder? Netlogonfolder containlogon/logoff/startup/shutdownscriptswhichisinside the Sysvolfolder. 50. What Is DNS Scavenging? DNS Scavengingistocleanupandremoval of stale DNSrecords,like housekeepingactivitytodelete unwantedorunusedDNSentriesinDNSserver/zone,itonlycleanupthe dynamicDNSrecordnotthe record createdmanually. 51. What Is Dynamic Dns Record? The record createddynamicallybyclient/serveronDNSzone,automaticallyaddedtozoneswhen computersstart onthe network. 52. How to Force The Dns Dynamic Update? Simple wayisrestartthe systemwhichtriggerthe DNSDynamicUpdate,we can user the below commandto force DNS DynamicUpdate Ipconfig/registerdns You can alsorestart the netlogonservice onservice.msc 53. If Dns Dynamic Updates Not WorkingWhat Are The Checks NeedsTo Do? Checkthe primaryDNS configurationonthe system,PrimaryDNSservershouldbe reachable fromclient inorder to registerDNSrecord.
RegisterthisconnectionsaddressesinDNSshouldbe selectedonnetworkcardproperties(advance optionswhere youconfigure the IPAddress). AlsoCheckthe DHCP configurationif the managedthroughDHCP. 54. What Are PrerequisitesToDo The Dns Scavenging? Scavengingmustbe enabledonDNSserverandonthe zone youwantto scavenging. DNS recordsmustbe dynamicallyaddedtozonesoryou can manuallymodifiedthe timestamp configuration. 55. What Is ScavengingPeriod? Defaultvalue forScavengingissevendays(the minimumallowedvalue forthisisone hour) scavengingtime onDNSzone isthe serverto determine whenazone becomesavailableforscavenging So 7 + 7, every14 days 56. WhenThe Record RefreshesHappen?(dynamicUpdatesOf Record)? EveryDNS recordtime stampbeenupdatedWhile the time of computerrestart A periodicrefreshissentbythe computerevery24hours. Networkservicesmake refreshattempts, like DHCPservers,whichrenew clientaddress,clusterservers, whichregisterandupdate recordsfora cluster,andthe NetLogonservice,whichcanregisterand update resource recordsthatare usedby ADdomaincontrollersSothatthe recordnot taken as a stale DNS record. 57. What Is ScavengingServers?Is Dns ScavengingConfiguredInAll Domain Controllers? Notall DNSserversare Scavengingservers,youcanconfigure/promoteDNSservertoScavenging servers. Zone parameteronadvancedsettingsthat enablesyoutospecifyarestrictedlistof IPaddressesforDNS serversthatare enabledtoperformscavenging.

Recommended

Active directory domain administration tools
Active directory domain administration toolsActive directory domain administration tools
Active directory domain administration tools
Imran Khan
 
active-directory-domain-services
active-directory-domain-servicesactive-directory-domain-services
active-directory-domain-services
202066
 
What is active directory
What is active directoryWhat is active directory
What is active directory
rajasekar1712
 
Domain Controller Critical Services
Domain Controller Critical ServicesDomain Controller Critical Services
Domain Controller Critical Services
Jani Sabtriady
 
Ctive directory interview question and answers
Ctive directory interview question and answersCtive directory interview question and answers
Ctive directory interview question and answers
sankar palla
 
Introduction_of_ADDS
Introduction_of_ADDSIntroduction_of_ADDS
Introduction_of_ADDS
Harsh Sethi
 
Active directory interview_questions
Active directory interview_questionsActive directory interview_questions
Active directory interview_questions
subhashmr
 
Activedirecotryfundamentals
ActivedirecotryfundamentalsActivedirecotryfundamentals
Activedirecotryfundamentals
Shekhar Singh
 

Recommended

Active directory domain administration tools
Active directory domain administration toolsActive directory domain administration tools
Active directory domain administration tools
Imran Khan
 
active-directory-domain-services
active-directory-domain-servicesactive-directory-domain-services
active-directory-domain-services
202066
 
What is active directory
What is active directoryWhat is active directory
What is active directory
rajasekar1712
 
Domain Controller Critical Services
Domain Controller Critical ServicesDomain Controller Critical Services
Domain Controller Critical Services
Jani Sabtriady
 
Ctive directory interview question and answers
Ctive directory interview question and answersCtive directory interview question and answers
Ctive directory interview question and answers
sankar palla
 
Introduction_of_ADDS
Introduction_of_ADDSIntroduction_of_ADDS
Introduction_of_ADDS
Harsh Sethi
 
Active directory interview_questions
Active directory interview_questionsActive directory interview_questions
Active directory interview_questions
subhashmr
 
Activedirecotryfundamentals
ActivedirecotryfundamentalsActivedirecotryfundamentals
Activedirecotryfundamentals
Shekhar Singh
 
70 640 Lesson01 Ppt 041009
70 640 Lesson01 Ppt 04100970 640 Lesson01 Ppt 041009
70 640 Lesson01 Ppt 041009
Coffeyville Community College
 
MCITP
MCITPMCITP
MCITP
Naqib Khan
 
Active Directory Training
Active Directory TrainingActive Directory Training
Active Directory Training
Nishad Sukumaran
 
Active Directory
Active Directory Active Directory
Active Directory
Sandeep Kapadane
 
Windows Server 2008 Active Directory Guide
Windows Server 2008 Active Directory GuideWindows Server 2008 Active Directory Guide
Windows Server 2008 Active Directory Guide
webhostingguy
 
Hadoop
HadoopHadoop
Hadoop
Shahbaz Sidhu
 
OSCh16
OSCh16OSCh16
OSCh16
Joe Christensen
 
70 640 Lesson04 Ppt 041009
70 640 Lesson04 Ppt 04100970 640 Lesson04 Ppt 041009
70 640 Lesson04 Ppt 041009
Coffeyville Community College
 
Mcitp course details
Mcitp course detailsMcitp course details
Mcitp course details
cisco training
 
What is active directory
What is active directoryWhat is active directory
What is active directory
Adeel Khurram
 
Introduction to Active Directory
Introduction to Active DirectoryIntroduction to Active Directory
Introduction to Active Directory
thoms1i
 
Active directory ii
Active directory iiActive directory ii
Active directory ii
deshvikas
 
Mcse 2012
Mcse 2012Mcse 2012
Mcse 2012
Mohammed Zainul Abiddin
 
Directory services by SAJID
Directory services by SAJIDDirectory services by SAJID
Directory services by SAJID
Sajid khan
 
Rdbms Practical file diploma
Rdbms Practical file diploma Rdbms Practical file diploma
Rdbms Practical file diploma
mustkeem khan
 
Active directory and application
Active directory and applicationActive directory and application
Active directory and application
aminpathan11
 
Active directory
Active directoryActive directory
Active directory
gunakhan
 
Active directory
Active directory Active directory
Active directory
deshvikas
 
Active Directory
Active DirectoryActive Directory
Active Directory
Jessica Henderson
 
Server interview[1]
Server interview[1]Server interview[1]
Server interview[1]
sourav nanda
 
Windows sys admin interview questions
Windows sys admin interview questionsWindows sys admin interview questions
Windows sys admin interview questions
Student
 
Server 2008 r2 ppt
Server 2008 r2 pptServer 2008 r2 ppt
Server 2008 r2 ppt
Raj Solanki
 

More Related Content

What's hot

Windows Server 2008 Active Directory Guide
Windows Server 2008 Active Directory GuideWindows Server 2008 Active Directory Guide
Windows Server 2008 Active Directory Guide
webhostingguy
 
Active directory ii
Active directory iiActive directory ii
Active directory ii
deshvikas
 
Active directory
Active directoryActive directory
Active directory
gunakhan
 
Active directory
Active directory Active directory
Active directory
deshvikas
 

What's hot (18)

70 640 Lesson01 Ppt 041009
70 640 Lesson01 Ppt 04100970 640 Lesson01 Ppt 041009
70 640 Lesson01 Ppt 041009
 
MCITP
MCITPMCITP
MCITP
 
Active Directory Training
Active Directory TrainingActive Directory Training
Active Directory Training
 
Active Directory
Active Directory Active Directory
Active Directory
 
Windows Server 2008 Active Directory Guide
Windows Server 2008 Active Directory GuideWindows Server 2008 Active Directory Guide
Windows Server 2008 Active Directory Guide
 
Hadoop
HadoopHadoop
Hadoop
 
OSCh16
OSCh16OSCh16
OSCh16
 
70 640 Lesson04 Ppt 041009
70 640 Lesson04 Ppt 04100970 640 Lesson04 Ppt 041009
70 640 Lesson04 Ppt 041009
 
Mcitp course details
Mcitp course detailsMcitp course details
Mcitp course details
 
What is active directory
What is active directoryWhat is active directory
What is active directory
 
Introduction to Active Directory
Introduction to Active DirectoryIntroduction to Active Directory
Introduction to Active Directory
 
Active directory ii
Active directory iiActive directory ii
Active directory ii
 
Mcse 2012
Mcse 2012Mcse 2012
Mcse 2012
 
Directory services by SAJID
Directory services by SAJIDDirectory services by SAJID
Directory services by SAJID
 
Rdbms Practical file diploma
Rdbms Practical file diploma Rdbms Practical file diploma
Rdbms Practical file diploma
 
Active directory and application
Active directory and applicationActive directory and application
Active directory and application
 
Active directory
Active directoryActive directory
Active directory
 
Active directory
Active directory Active directory
Active directory
 

Similar to Windows server Interview question and answers

Proposal For Their Integration Of Windows Server
Proposal For Their Integration Of Windows ServerProposal For Their Integration Of Windows Server
Proposal For Their Integration Of Windows Server
Brenda Higgins
 
Windows Server 2008 - Active Directory Components
Windows Server 2008 - Active Directory ComponentsWindows Server 2008 - Active Directory Components
Windows Server 2008 - Active Directory Components
André Braga
 
Administering computer accounts and resources in active directory
Administering computer accounts and resources in active directoryAdministering computer accounts and resources in active directory
Administering computer accounts and resources in active directory
Kavinda Prabhath
 
DataStage_Whitepaper
DataStage_WhitepaperDataStage_Whitepaper
DataStage_Whitepaper
Sourav Maity
 

Similar to Windows server Interview question and answers (20)

Active Directory
Active DirectoryActive Directory
Active Directory
 
Server interview[1]
Server interview[1]Server interview[1]
Server interview[1]
 
Windows sys admin interview questions
Windows sys admin interview questionsWindows sys admin interview questions
Windows sys admin interview questions
 
Server 2008 r2 ppt
Server 2008 r2 pptServer 2008 r2 ppt
Server 2008 r2 ppt
 
32 Most Commonly Asked Windows Server Administrator Interview Questions (With...
32 Most Commonly Asked Windows Server Administrator Interview Questions (With...32 Most Commonly Asked Windows Server Administrator Interview Questions (With...
32 Most Commonly Asked Windows Server Administrator Interview Questions (With...
 
Top 10 Active Directory Interview Questions & Answers
Top 10 Active Directory Interview Questions & AnswersTop 10 Active Directory Interview Questions & Answers
Top 10 Active Directory Interview Questions & Answers
 
29041329 interview-questions-for-server-2003
29041329 interview-questions-for-server-200329041329 interview-questions-for-server-2003
29041329 interview-questions-for-server-2003
 
Active directory interview_questions
Active directory interview_questionsActive directory interview_questions
Active directory interview_questions
 
Final domain control policy
Final domain control policy Final domain control policy
Final domain control policy
 
Proposal For Their Integration Of Windows Server
Proposal For Their Integration Of Windows ServerProposal For Their Integration Of Windows Server
Proposal For Their Integration Of Windows Server
 
My top 22-windows-server-interview-questions
My top 22-windows-server-interview-questionsMy top 22-windows-server-interview-questions
My top 22-windows-server-interview-questions
 
Dell linux cluster sap
Dell linux cluster sapDell linux cluster sap
Dell linux cluster sap
 
Windows Server 2008 - Active Directory Components
Windows Server 2008 - Active Directory ComponentsWindows Server 2008 - Active Directory Components
Windows Server 2008 - Active Directory Components
 
Ads int faq
Ads int faqAds int faq
Ads int faq
 
Administering computer accounts and resources in active directory
Administering computer accounts and resources in active directoryAdministering computer accounts and resources in active directory
Administering computer accounts and resources in active directory
 
S3 l5 db2 - process model
S3 l5 db2 - process modelS3 l5 db2 - process model
S3 l5 db2 - process model
 
My sql basic
My sql basicMy sql basic
My sql basic
 
DataStage_Whitepaper
DataStage_WhitepaperDataStage_Whitepaper
DataStage_Whitepaper
 
Lecture 4 -_internet_infrastructure_2_updated_2011
Lecture 4 -_internet_infrastructure_2_updated_2011Lecture 4 -_internet_infrastructure_2_updated_2011
Lecture 4 -_internet_infrastructure_2_updated_2011
 
Nt1330 Unit 1
Nt1330 Unit 1Nt1330 Unit 1
Nt1330 Unit 1
 

Recently uploaded

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 

Windows server Interview question and answers

  • 1. 1. What is Active Directory? Active DirectoryisaMeta Data. Active Directoryisadata base whichstoresa data base like youruser information,computerinformationandalsoothernetworkobjectinfo.Ithascapabilitiestomanage and administerthe complete Networkwhichconnect withAD. Active Directory directory service is an extensible and scalable directory service that enables you to manage network resources efficiently. Active Directory is directory service that stores information about objects on a network and makes this information available to users and network administrators. Active Directory gives network users access to permitted resources anywhere on the network using a single logon process. It provides network administrators with an intuitive, hierarchical view of the network and a single point of administration 3for all network objects 2. What is LDAP? LDAP(lightweightdirectory accessprotocol) isaninternetprotocol whichEmail andotherservicesis usedto lookupinformationfromthe server. 3. What is the Global Catalog? The global catalogisa distributeddatarepositorythatcontainsasearchable,partial representationof everyobjectineverydomaininamultidomainActive Directoryforest.The global catalogisstoredon domaincontrollersthathave beendesignatedasglobal catalogserversandisdistributedthrough multimasterreplication.Searchesthatare directedtothe global catalogare fasterbecause theydonot involve referralstodifferentdomaincontrollers. Global Catalog Server is basically a container where you put the same type of member, computer etc and applied the policies and security on the catalog server in place of individual user or computer 4. What is the KCC? KCC ( knowledgeconsistencychecker) isusedto generate replicationtopologyforintersite replication and forintrasite replication.With inasite replicationtrafficisdone viaremote procedure callsoverip, while betweensiteitisdone througheitherRPCorSMTP 5. What is the SYSVOL folder? The sysVOL folder stores the server’s copy of the domain’s public files. The contents such as group policy, users etc of the sysvol folder are replicated to all domain controllers in the domain. The sysvol folder must be located on an NTFS volume. 6. Where is the AD database held? What other folders are related toAD? The AD data base is store in NTDS.DIT. 7. What is the ISTG? Who has that role by default?
  • 2. Windows 2000 Domain controllers each create Active Directory Replication connection objects representing inbound replication from intra-site replication partners. For inter-site replication, one domain controller per site has the responsibility of evaluating the inter-site replication topology and creating Active Directory Replication Connection objects for appropriate bridgehead servers within its site. The domain controller in each site that owns this role is referred to as the Inter-Site Topology Generator (ISTG). 8. What is LDP? What is REPLMON? What is ADSIEDIT? What is NETDOM? What is REPADMIN? LDP: Label Distribution Protocol (LDP) is often used to establish MPLS LSPs when traffic engineering is not required. It establishes LSPs that follow the existing IP routing, and is particularly well suited for establishing a full mesh of LSPs between all of the routers on the network. Replmon: Replmon displays information about Active Directory Replication. ADSIEDIT: ADSIEdit is a Microsoft Management Console (MMC) snap-in that acts as a low-level editor for Active Directory. It is a Graphical User Interface (GUI) tool. Network administrators can use it for common administrative tasks such as adding, deleting, and moving objects with a directory service. The attributes for each object can be edited or deleted by using this tool. ADSIEdit uses the ADSI application programming interfaces (APIs) to access Active Directory. The following are the required files for using this tool: ADSIEDIT.DLL ADSIEDIT.MSC NETDOM: NETDOM is a command-line tool that allows management of Windows domains and trust relationships. It is used for batch management of trusts, joining computers to domains, verifying trusts, and secure channels. REPADMIN: This command-line tool assists administrators in diagnosing replication problems between Windows domain controllers.Administrators can use Repadmin to view the replication topology (sometimes referred to as RepsFrom and RepsTo) as seen from the perspective of each domain controller. In addition, Repadmin can be used to manually create the replication topology (although in normal practice this should not be necessary), to force replication events between domain controllers, and to view both the replication metadata and up-to-dateness vectors. 9. How to take backup of AD ? 1.for taking backup of active directory you have to do this : first go to START -> PROGRAM ->ACCESORIES -> SYSTEM TOOLS -> BACKUP when the backup screen is flash then take the backup of SYSTEM STATE it will take the backup of all the necessary information about the systemincluding AD backup , DNS ETC. 2. Commond with administrator wbadmin start systemstatebackup backuptarget:D 10. How to restore the AD ? 1. START -> PROGRAM ->ACCESORIES -> SYSTEM TOOLS -> RESTORE 2. Restart server  F8 restore Active Directory Domain services 11. What is the ISTG? Who has that role by default? Inter-Site Topology Generator (istg) is responsible for managing the inbound replication
  • 3. connection objects for all bridgehead servers in the site in which it is located. This domain controller is known as the Inter-Site Topology Generator (ISTG). The domain controller holding this role may not necessarily also be a bridgehead server. 12. What are the DS* commands You really are spoilt for choice when it comes to scripting tools for creating Active Directory objects. In addition to CSVDE, LDIFDE and VBScript, we now have the following DS commands: the da family built in utility DSmod - modify Active Directory attributes DSrm - to delete Active Directory objectsDSmove - to relocate objectsDSadd - create new accountsDSquery - to find objects that match your query attributesDSget - list the properties of an object 13. What’s the difference between LDIFDE and CSVDE? Usage considerations? CSVDE is a command that can be used to import and export objects to and from the AD into a CSV-formatted file. A CSV (Comma Separated Value) file is a file easily readable in Excel. I will not go to length into this powerful command, but I will show you some basic samples of how to import a large number of users into your AD. Of course, as with the DSADD command, CSVDE can do more than just import users. Consult your help file for more info. Like CSVDE, LDIFDE is a command that can be used to import and export objects to and from the AD into a LDIF-formatted file. A LDIF (LDAP Data Interchange Format) file is a file easily readable in any text editor, however it is not readable in programs like Excel. The major difference between CSVDE and LDIFDE (besides the file format) is the fact that LDIFDE can be used to edit and delete existing AD objects (not just users), while CSVDE can only import and export objects. 14. What is tombstone lifetime attribute? The number of days before a deleted object is removed from the directory services. This assists in removing objects from replicated servers and preventing restores from reintroducing a deleted object. This value is in the Directory Service object in the configuration NIC. You want to standardize the desktop environments (wallpaper, My Documents, Start menu, printers etc.) on the computers in one department. How would you do that? How it is possible 15. What are the requirements for installing AD on a new server? The Domain structure2)The Domain Name3)storage location of the database and log file4)Location of the shared system volume folder5)DNS config Methode6)DNS configuration 16. What are application partitions? When do I use them? An application directory partition is a directory partition that is replicated only to specific domain controller. Only domain controller running windows Server 2003 can host a replica of application directory partition. Using an application directory partition provides redundancy, availability or fault tolerance by replicating data to specific domain controller pr any set of domain controllers anywhere in the forest
  • 4. 17. You want to standardize the desktop environments (wallpaper, My Documents, Start menu, printers etc.) on the computers in one department. How would you dothat? How it is possible. Login on client as Domain Admin user change whatever you need add printers etc go to system-User profiles copy this user profile to any location by select everyone in permitted to use after copy change ntuser.dat to ntuser.man and assign this path under user profile 18. How do you create a new application partition? Use the DnsCmd command to create an application directory partition. To do this, use the following syntax: DnsCmd ServerName /CreateDirectoryPartition FQDN of partition Global catalog provides a central repository of domain information for the forest by storing partial replicas of all domain directory partitions. These partial replicas are distributed by multimaster replication to all global catalog servers in a forest. 19. How do you view all the GCs in the forest? C:>repadmin /showreps domain controller where domain controller is the DC you want to query to determine whether it’s a GC. The output will include the text DSA Options: IS_GC if the DC is a GC. . . . 20. Trying to look at the Schema, how can I do that type “adsiedit.msc” in run or command prompt 21. Can you connect Active Directory toother3rd-party Directory Services? Name a few options. Yes, you can use dirXML or LDAP to connect to other directories In Novell you can use E-directory 22. How do you change the DS Restore admin password? A. In Windows 2000 Server, you used to have to boot the computer whose password you wanted to change in Directory Restore mode, then use either the Microsoft Management Console (MMC) Local User and Groups snap-in or the command net user administrator * to change the Administrator password. Win2K Server Service Pack 2 (SP2) introduced the Setpwd utility, which lets you reset the Directory Service Restore Mode password without having to reboot the computer. (Microsoft refreshed Setpwd in SP4 to improve the utility’s scripting options.) In Windows Server 2003, you use the Ntdsutil utility to modify the Directory Service Restore Mode Administrator password. To do so, follow these steps: 1. Start Ntdsutil (click Start, Run; enter cmd.exe; then enter ntdsutil.exe). 2. Start the Directory Service Restore Mode Administrator password-reset utility by entering the argument “set dsrm password” at the ntdsutil prompt: ntdsutil: set dsrm password
  • 5. 3. Run the Reset Password command, passing the name of the server on which to change the password, or use the null argument to specify the local machine. For example, to reset the password on server thanos, enter the following argument at the Reset DSRM Administrator Password prompt: Reset DSRM Administrator Password: reset password on server thanos To reset the password on the local machine, specify null as the server name: Reset DSRM Administrator Password: reset password on server null 4. You’ll be prompted twice to enter the new password. You’ll see the following messages: 5. Please type password for DS Restore Mode Administrator Account: 6. Please confirm new password: Password has been set successfully. 7. Exit the password-reset utility by typing “quit” at the following prompts: 8. Reset DSRM Administrator Password: quit ntdsutil: quit 23. What are Group Policy objects (GPOs)? Group Policy objects, other than the local Group Policy object, are virtual objects. The policy setting information of a GPO is actually stored in two locations: the Group Policy container and the Group Policy template. The Group Policy container is an Active Directory container that stores GPO properties, including information on version, GPO status, and a list of components that have settings in the GPO. The Group Policy template is a folder structure within the file system that stores Administrative Template-based policies, security settings, script files, and information regarding applications that are available for Group Policy Software Installation. The Group Policy template is located in the systemvolume folder (Sysvol) in the Policies subfolder for its domain. 24. What is the order in which GPOs are applied ? Group Policy settings are processed in the following order: 1. Local Group Policy object—Each computer has exactly one Group Policy object that is stored locally. This processes for both computer and user Group Policy processing. 2. Site—Any GPOs that have been linked to the site that the computer belongs to are processed next. Processing is in the order that is specified by the administrator, on the Linked Group Policy Objects tab for the site in Group Policy Management Console (GPMC). The GPO with the lowest link order is processed last, and therefore has the highest precedence. 3. Domain—Processing of multiple domain-linked GPOs is in the order specified by the administrator, on the Linked Group Policy Objects tab for the domain in GPMC. The GPO with the lowest link order is processed last, and therefore has the highest precedence. 4. Organizational units—GPOs that are linked to the organizational unit that is highest in the Active Directory hierarchy are processed first, then GPOs that are linked to its child
  • 6. organizational unit, and so on. Finally, the GPOs that are linked to the organizational unit that contains the user or computer are processed. At the level of each organizational unit in the Active Directory hierarchy, one, many, or no GPOs can be linked. If several GPOs are linked to an organizational unit, their processing is in the order that is specified by the administrator, on the Linked Group Policy Objects tab for the organizational unit in GPMC. The GPO with the lowest link order is processed last, and therefore has the highest precedence. This order means that the local GPO is processed first, and GPOs that are linked to the organizational unit of which the computer or user is a direct member are processed last, which overwrites settings in the earlier GPOs if there are conflicts. (If there are no conflicts, then the earlier and later settings are merely aggregated.) 25. What is LDAP? Lightweight Directory Access Protocol LDAP isa set of protocol usedforprovidingaccessto information directories. What are the standard port numbers for SMTP, POP3, IMAP4, RPC, LDAP and Global Catalog? - SMTP – 25, POP3 – 110, IMAP4 – 143, RPC – 135, LDAP – 389, Global Catalog - 3268 29. What are main differences between WINS and DNS? WINS: - It is used to resolve IP address into netbios Vice versa it is used prior version of win 2000 DNS:-It is used to resolve IP address into host name. Vice versa it is used in 2000, XP, 2003 server Advantages of WINS: WINS will be really helpful in a multidomain environment where in user’s would need to access many of the resources in different domains, rather than adding different DNS suffixes of each domain on the local machine. WINS is the best option. But i could also say WINS is not as stable as DNS. 30. What is a defaultgateway? The exit-pointfromone networkandentry-wayintoanothernetwork,oftenthe router Of the network. 31. How do you seta defaultroute on an IOS Cisco router? iproute 0.0.0.0 0.0.0.0 x.x.x.x [where x.x.x.x representsthe destinationaddress] 32. What is the difference between a domain local group and a global group? Domain local groups grant permissions to objects within the domain in which the reside. Global groups contain grant permissions tree or forest wide for any objects within the Active Directory. 33. What tool have you usedto create and analyze packet capture?
  • 7. Network MonitorinWin2K / Win2K3,Ethereal inLinux,OptiView SeriesII(byFluke Networks). 34. What is the significance ofthe IP address 255.255.255.255? The limitedbroadcastaddressisutilizedwhenanIPnode mustperforma one-to-everyone deliveryon the local networkbutthe networkID isunknown. 35. What Is Tree? Tree is a hierarchical arrangementof windowsDomainthatshare acontiguousname space. 36. What Is Domain? Domainislogical groupof networkobjects. 37. What Is Schema? Active directoryschemaisthe setof definitionsthatdefine the kindsof objectandthe type of informationaboutthose objectsthatcanbe storedinActive Directory Active directoryschemaisCollectionof objectclassandthere attributes ObjectClass = User Attributes=firstname,lastname,email,andothers 38. Tel Me about the Fsmo Roles? SchemaMaster DomainNamingMaster Infrastructure Master RID Master PDC SchemaMaster and DomainNamingMasterare forestwide role andonlyavailableone oneachForest, Otherrolesare Domainwide andone for each Domain. AD replicationismulti masterreplicationandchange canbe done inanyDomainControllerandwill get replicatedtoothersDomainControllers,exceptabove file roles,thiswill be flexible singlemaster operations(FSMO),these changesonlybe done ondedicatedDomainControllersoit’ssingle master replication. 39. How To Check WhichServerHolds WhichRole? NetdomqueryFSMO. 40. Tel Me About Active Directory Database And List The Active Directory Database Files? NTDS.DIT EDB.Log EDB.Che Res1.logandRes2.log All ADchangesdidn’twrite directlytoNTDS.DITdatabase file,firstwrite toEDB.Logand fromlog file to database,EDB.Che usedtotrack the database update fromlogfile,toknow whatchangesare copiedto database file. NTDS.DIT:NTDS.DIT isthe AD database and store all AD objects,Defaultlocationisthe %system root%nrdsnrds.dit,ActiveDirectorydatabase engine isthe extensible storage enginewhichusbasedon the Jetdatabase EDB.Log: EDB.Log isthe transactionlogfile whenEDB.Logisfull,itisrenamedtoEDB Num.logwhere numis the increasingnumberstartingfrom1,like EDB1.Log
  • 8. EDB.Che:EDB.Che isthe checkpointfileusedtotrace the data not yetwrittentodatabase file this indicate the startingpointfromwhichdatais to be recoveredfromthe logfile incase if failure Res1.logandRes2.log: Resis reservedtransactionlogfilewhichprovide the transactionlogfile enough time to shutdownif the diskdidn’thave enoughspace. 41. What Is Use Active Directory Partitions?And How To Find The Active Directory PartitionsAnd There Location? SchemaPartition – It store detailsaboutobjectsandattributes.Replicatestoall domaincontrollersin the Forest DN locationisCN=Schema,CN=Configuration,DC=Domainname,DC=com ConfigurationPartition –It store detailsaboutthe ADconfigurationinformationlike,Site,site-link, subnetandotherreplicationtopologyinformation.Replicatestoall domaincontrollers inthe Forest DN LocationisCN=Configuration,DC=Domainname,DC=com DomainPartitions –objectinformationforadomainlike user,computer,group,printerandother Domainspecificinformation.Replicatestoall domaincontrollerswithinadomain DN LocationisDC=Domainname,DC=com ApplicationPartition – informationaboutapplicationsinActiveDirectory.Like ADintegratedDNSis usedthere are two applicationpartitionsforDNSzones –ForestDNSZonesandDomainDNSZones,see more 42. Active Directory RestoresTypes? Authoritative restore Non-authoritativerestore 43. How Many Domain ControllersNeedTo Back Up?Or which Domain ControllersTo Back Up? Minimumrequirementistobackup two domaincontrollersineachdomain,one shouldbe an operations masterrole holderDC,no needtobackupRID Master (relative ID) because RIDmaster shouldnotbe restored. 44. Can We Restore Backup Of Domain ControllerTo Other/differentDomainController? Backup of one domaincontrollercan’tbe restoringtootherdomaincontroller,shouldbe restoredto same domaincontroller. 45. What Are GroupPolicies? Group policiesspecifyhowprograms,networkresources,andthe operatingsystemworkforusersand computersinan organization.Theyare collectionsof user andcomputerconfigurationsettingsthatare appliedonthe usersandcomputers(noton groups).Forbetteradministrationof grouppoliciesinthe Windowsenvironment,the grouppolicyobjects(GPOs)are used. 46. What Is Non-local Policy? Non-local GPOs are usedto control policiesonanActive Directory-basednetwork.A Windows 2000/2003 serverneedstobe configuredasa domaincontrolleronthe networktouse a non-local GPO. The non-local GPOsmustbe linkedtoa site,domain,ororganizational unit (OU) toapplygrouppolicies to the useror computerobjects. The non-local GPOsare storedin%systemroot%SYSVOLPOLICIESADM,where isthe GPO’sglobally unique identifier.Twonon-local GPOsare createdbydefaultwhenthe Active Directoryisinstalled:
  • 9. 1. DefaultDomainPolicy:ThisGPOislinkedtothe domainandit affectsall usersandcomputersinthe domain. 2. DefaultDomainControllersPolicy:ThisGPOislinkedtothe DomainControllersOUand itaffectsall domaincontrollersplacedinthisOU.Multiple GPOs. 47. What Is No Override?Block PolicyInheritance? The followingare the exceptionswithregardtothe above-mentionedsettings: No Override: AnyGPO can be setto NoOverride.If the NoOverride configurationissettoa GPO,no policy configuredinthe GPOcan be overridden.If more thanone GPO hasbeensetto No Override,thenthe one that isthe highestinthe Active Directoryhierarchytakesprecedence BlockPolicyInheritance: The Block PolicyInheritanceoptioncanbe appliedtothe site,domain,orOU.It deflectsall grouppolicy settingsthatreachthe site,domain,orOU fromthe objecthigherinthe hierarchy.However,the GPOs configuredwiththe NoOverride optionare alwaysapplied. 48. FollowingAre The RulesRegarding Group PolicyInheritance: A policysettingisconfigured(EnabledorDisabled) foraparentOU, and the same policysettingisnot configuredforitschildOUs.The childOUsinheritthe parent’spolicy A policysettingisconfigured(EnabledorDisabled) for aparentOU, and the same policysettingis configuredforitschildOUs.The childOUssettingsoverride the settingsinheritedfromthe parent’sOU If any policyisnot configured,noinheritance takesplace Compatible policysettingsconfiguredatthe parentandchildOUs are accumulated. Incompatible policysettingsfromthe parentOUare not inherited 49. What Is NetlogonFolder? Netlogonfolder containlogon/logoff/startup/shutdownscriptswhichisinside the Sysvolfolder. 50. What Is DNS Scavenging? DNS Scavengingistocleanupandremoval of stale DNSrecords,like housekeepingactivitytodelete unwantedorunusedDNSentriesinDNSserver/zone,itonlycleanupthe dynamicDNSrecordnotthe record createdmanually. 51. What Is Dynamic Dns Record? The record createddynamicallybyclient/serveronDNSzone,automaticallyaddedtozoneswhen computersstart onthe network. 52. How to Force The Dns Dynamic Update? Simple wayisrestartthe systemwhichtriggerthe DNSDynamicUpdate,we can user the below commandto force DNS DynamicUpdate Ipconfig/registerdns You can alsorestart the netlogonservice onservice.msc 53. If Dns Dynamic Updates Not WorkingWhat Are The Checks NeedsTo Do? Checkthe primaryDNS configurationonthe system,PrimaryDNSservershouldbe reachable fromclient inorder to registerDNSrecord.
  • 10. RegisterthisconnectionsaddressesinDNSshouldbe selectedonnetworkcardproperties(advance optionswhere youconfigure the IPAddress). AlsoCheckthe DHCP configurationif the managedthroughDHCP. 54. What Are PrerequisitesToDo The Dns Scavenging? Scavengingmustbe enabledonDNSserverandonthe zone youwantto scavenging. DNS recordsmustbe dynamicallyaddedtozonesoryou can manuallymodifiedthe timestamp configuration. 55. What Is ScavengingPeriod? Defaultvalue forScavengingissevendays(the minimumallowedvalue forthisisone hour) scavengingtime onDNSzone isthe serverto determine whenazone becomesavailableforscavenging So 7 + 7, every14 days 56. WhenThe Record RefreshesHappen?(dynamicUpdatesOf Record)? EveryDNS recordtime stampbeenupdatedWhile the time of computerrestart A periodicrefreshissentbythe computerevery24hours. Networkservicesmake refreshattempts, like DHCPservers,whichrenew clientaddress,clusterservers, whichregisterandupdate recordsfora cluster,andthe NetLogonservice,whichcanregisterand update resource recordsthatare usedby ADdomaincontrollersSothatthe recordnot taken as a stale DNS record. 57. What Is ScavengingServers?Is Dns ScavengingConfiguredInAll Domain Controllers? Notall DNSserversare Scavengingservers,youcanconfigure/promoteDNSservertoScavenging servers. Zone parameteronadvancedsettingsthat enablesyoutospecifyarestrictedlistof IPaddressesforDNS serversthatare enabledtoperformscavenging.