active directory page 5 _ welcome to support it desk
DESCRIPTION
hhTRANSCRIPT
-
4/8/2015 Active Directory Page 5 | Welcome to Support IT Desk
http://www.supportitdesk.com/microsoft-windows/interview-question-and-answers/active-directory-interview-question-and-answers/active-directory-pag 1/2
>Explain about Trust in AD ?To allow users in one domain to access resources in another, Active Directory uses trusts. Trustsinside a forest are automatically created when domains are created.
The forest sets the default boundaries of trust, not the domain, and implicit, transitive trust isautomatic for all domains within a forest. As well as two-way transitive trust, AD trusts can be ashortcut (joins two domains in different trees, transitive, one- or two-way), forest (transitive,one- or two-way), realm (transitive or nontransitive, one- or two-way), or external (nontransitive,one- or two-way) in order to connect to other forests or non-AD domains.
Trusts in Windows 2000 (native mode)One-way trust One domain allows access to users on another domain, but the other domaindoes not allow access to users on the first domain.Two-way trust Two domains allow access to users on both domains.Trusting domain The domain that allows access to users from a trusted domain.Trusted domain The domain that is trusted; whose users have access to the trusting domain.Transitive trust A trust that can extend beyond two domains to other trusted domains in theforest.Intransitive trust A one way trust that does not extend beyond two domains.Explicit trust A trust that an admin creates. It is not transitive and is one way only.Cross-link trust An explicit trust between domains in different trees or in the same tree when adescendant/ancestor (child/parent) relationship does not exist between the two domains.Windows 2000 Server supports the following types of trusts:Two-way transitive trusts.One-way intransitive trusts.Additional trusts can be created by administrators. These trusts can be:
ACTIVE DIRECTORY PAGE 5
Welcome to Support IT Desk
-
4/8/2015 Active Directory Page 5 | Welcome to Support IT Desk
http://www.supportitdesk.com/microsoft-windows/interview-question-and-answers/active-directory-interview-question-and-answers/active-directory-pag 2/2
>What is tombstone lifetime attribute ?The number of days before a deleted object is removed from the directory services. This assists inremoving objects from replicated servers and preventing restores from reintroducing a deletedobject. This value is in the Directory Service object in the configuration NIC.
>What are application partitions? When do I use them ?AN application diretcory partition is a directory partition that is replicated only to specificdomain controller.Only domain controller running windows Server 2003 can host a replica ofapplication directory partition.Using an application directory partition provides redundany,availability or fault tolerance byreplicating data to specific domain controller pr any set of domain controllers anywhere in theforest.
>How do you create a new application partition ?Use the DnsCmd command to create an application directory partition.To do this, use the following syntax:DnsCmd ServerName /CreateDirectoryPartition FQDN of partition
>How do you view all the GCs in the forest? C:\>repadmin /showreps domain_controller where domain_controller is the DC you want toquery to determine whether it?s a GC.The output will include the text DSA Options: IS_GC if the DC is a GC.
>Can you connect Active Directory to other 3rd-party Directory Services? Name a few options.Yes, you can use dirXML or LDAP to connect to other directories.In Novel you can use E-directory.
Previous Questions Next Questions
0Like