all in one interview questions
8/2/2019 All in One Interview Questions
http://slidepdf.com/reader/full/all-in-one-interview-questions 1/91
List of important port numbers:-
15 Netstat        110 POP3                                            37 Time
21,20 FTP         143 IMAP                                            3389 Terminal services
23 Telnet         119 NNTP                                            443 SSL (https) (http protocol over TLS/SSL)
25 SMTP           123 NTP (Network time protocol)                     220 IMAP3
42 WINS           139 NetBIOS                                         3268 AD Global Catalog
53 DNS            161 SNMP                                            3269 AD Global Catalog over SSL
67 Bootp          180 RIS                                             500 Internet Key Exchange, IKE (IPSec) (UDP 500)
68 DHCP           389 LDAP (Lightweight Directory Access Protocol)
80 HTTP           443 HTTPS (HTTP over SSL/TLS)
88 Kerberos       520 RIP
79 FINGER         101 HOSTNAME
Desktop Interview Questions:-
Hardware:-
Operating system:-
An OS is a software program that enables the computer hardware to communicate and operate with the computer software. Without an operating system, a computer would be useless.
BIOS chip-
This is the most important chip in the computer. It contains the BIOS software that tells the
processor how to interact with the rest of the hardware in the computer.
(BIOS manufacturers- AMI, Phoenix, Award)
CMOS:-
Complementary metal oxide semiconductor. It is a type of memory chip that acts as parameter
memory for the BIOS. When the PC is turned off it saves settings such as date, time and hard drive
configuration; to keep these settings the memory must have constant power. The CMOS battery
supplies power to the CMOS chip.
Microprocessor:-
Microprocessor is a program control device.
Microprocessor speed depends on data bus width.
Difference between primary storage and secondary storage device:-
Primary storage device: storage capacity is limited; it has volatile memory, e.g. ROM.
Secondary storage device: storage capacity is larger; it has non-volatile memory, e.g. floppy,
hard disk.
Difference between SDR and DDR Ram:-
SDR- stands for Single Data Rate.
SDR has 168 pins and 2 notches.
SDR comes in PC66, PC100, PC133 (MHz).
SDR maximum frequency is 133 MHz.
SDR has low speed for data transfer.
SDR has no refreshing.
DDR- stands for Double Data Rate.
DDR has 184 pins and 1 notch.
DDR comes in PC166, PC200, PC266, PC333, PC400 (MHz).
DDR minimum frequency is 266 MHz.
DDR has high speed data transfer.
DDR is refreshed periodically.
Difference between FAT and NTFS:-
FAT:-
FAT must be kept when multi-booting OSes like NT, 95, 98, DOS.
FAT has no security.
Maximum size of partition is up to 2TB.
Maximum file size is up to 4GB.
NTFS permission security is not supported.
NTFS:-
High level security (files and folders).
Supports file compression, encryption, and disk quota.
Supports XP, Windows 2000, and Windows 2003.
Maximum size of partition is 2 terabytes and more.
Maximum file size is up to 16 terabytes.
Disk Quota:-
A disk quota is a limit set by a system administrator that restricts certain aspects of file
system usage on modern operating systems. The function of using disk quotas is to allocate
limited disk space in a reasonable way.
Alternatively referred to as a quota, disk quota management is a set of permissions given by
administrators that set limits on the storage space of users, workgroups, or other groups.
Setting a quota helps prevent a server or share from becoming full of data, while still allowing
users to save files on a server or share.
Power supply:-
Voltage of power supply- +3.3VDC, +5VDC, -5VDC (ground), +12VDC, -12VDC (ground)
Stand by voltage - +3.3VDC, +5VDC
Hard disk- +5VDC
Floppy Drive- +3.3VDC
Mother Board- +12VDC.
Types of power supply:-
AT and ATX.
AT- this power supply connects to the motherboard through a pair of 6 wires.
ATX- this power supply connects through a single 20 pin connector.
What is virtual memory?
Virtual memory is a hardware technique where the system appears to have more memory than
it actually does.
System partition:-
It is the partition that is needed to boot any operating system; system partition allows C: where
MBR (master boot record).
Network :-
What is network?
A network is a chain of computers in which you can share a data centre server, mail server,
print server and web server with appropriately assigned rights.
What is LAN?
Local Area Network. If your network is set up in one room, one floor or one building, then you can
say it is a local area network. In such types of network all computers connect through a cable.
MAN?
Metropolitan Area Network. A MAN is bigger than a LAN in size; within a MAN a whole city is covered
through networking. Approximately 10 to 100 km is covered through a MAN. Fiber optic cable is
used in a MAN.
WAN?
Wide Area Network. If your computers are very far apart, such as in two cities, states or nations,
all the computers connect to a satellite; this type of network is called a WAN.
Internet:-
The internet is also one of the types of network. The networks of different cities, states and nations,
all connected under one network, are called the internet. In simple words you can
say the internet is a network of networks.
Router:-
A router is a device which routes or sends packets between two or more different
networks.
HUB:-
A hub is a device which accepts data from one port and broadcasts it to all other ports.
Switch:-
A switch is a device which accepts data from one port and sends the packet to the exact
specified port with the help of the MAC address.
Bridge:-
Used to divide the network into segments; a bridge keeps traffic on one side from crossing to the
other.
Gateway:-
A gateway converts data and repackages it to meet the requirements of the destination address.
OSI Model:-
Open system interconnect- OSI is a reference model which is used by software developers
to understand how data passes from one computer to another.
Layers of OSI model:-
Application layer- user creates his particular application.
Presentation layer- when the user saves such a file, that file is compressed and encrypted at the source
side and vice versa.
Session layer- once the user sends data to a destination computer, the session layer takes over; it
is responsible for end to end communication.
Transport layer- necessary to send data with the help of a protocol over the network.
TCP/IP and UDP- these protocols are used in the transport layer.
Network layer- it is responsible for sending packets to the correct destination network with the
help of a router. Router is a no. 3 device.
Data link layer- sends the packet to the exact destination machine with the help of the MAC
address. Switch is a no. 2 device.
Physical layer- responsible for sending data to the appropriate destination.
Hub is a no. 1 device.
Network topology:-
Topology is a way of laying out the network. Topology is either physical or logical.
Physical topology describes how the cables are run.
Logical topology describes how the network message travels.
There are 4 types of topology- BUS, STAR, RING, MESH.
Bus- bus is the simplest physical topology. It consists of a single cable that runs to every
workstation; each computer shares the same data and address path. Easy to install and low
cost.
Star- there is one central device called a hub, making it very easy to add a new workstation.
If any one workstation goes down it does not affect the entire network. Easy to install.
Ring- each computer connects to two other computers, joining them in a circle and creating a
unidirectional path. Messages move from workstation to workstation; it is difficult to
add a new computer.
Mesh- simplest topology in terms of data flow. In the physical topology each device is connected to
the other devices. It is very expensive to install and maintain.
Protocol:-
Protocol is the standard set of rules used to communicate.
IP Address-
It is primarily responsible for addressing and routing packets between hosts.
Class of IP Address:-
Class A    1 to 126      255.0.0.0
Class B    128 to 191    255.255.0.0
Class C    192 to 223    255.255.255.0
Class D    224 to 247    used for multicasting
Class E    248 to 255    used for experimental purpose.
127.0.0.1 – loopback address.
169.254.0.1 to 169.254.255.254 – APIPA address (Automatic Private IP Address)
Difference between IPv4 & IPv6:-
IPv4: Source and destination addresses are 32 bits (4 bytes) in length.
IPv6: Source and destination addresses are 128 bits (16 bytes) in length. For more information, see “IPv6 Addressing.”
IPv4: IPsec support is optional.
IPv6: IPsec support is required. For more information, see “IPv6 Header.”
IPv4: No identification of packet flow for QoS handling by routers is present within the IPv4 header.
IPv6: Packet flow identification for QoS handling by routers is included in the IPv6 header using the Flow Label field. For more information, see “IPv6 Header.”
IPv4: Fragmentation is done by both routers and the sending host.
IPv6: Fragmentation is not done by routers, only by the sending host. For more information, see “IPv6 Header.”
IPv4: Header includes a checksum.
IPv6: Header does not include a checksum. For more information, see “IPv6 Header.”
IPv4: Header includes options.
IPv6: All optional data is moved to IPv6 extension headers. For more information, see “IPv6 Header.”
IPv4: Address Resolution Protocol (ARP) uses broadcast ARP Request frames to resolve an IPv4 address to a link layer address.
IPv6: ARP Request frames are replaced with multicast Neighbor Solicitation messages. For more information, see “Neighbor Discovery.”
IPv4: Internet Group Management Protocol (IGMP) is used to manage local subnet group membership.
IPv6: IGMP is replaced with Multicast Listener Discovery (MLD) messages. For more information, see “Multicast Listener Discovery.”
IPv4: ICMP Router Discovery is used to determine the IPv4 address of the best default gateway and is optional.
IPv6: ICMP Router Discovery is replaced with ICMPv6 Router Solicitation and Router Advertisement messages and is required. For more information, see “Neighbor Discovery.”
IPv4: Broadcast addresses are used to send traffic to all nodes on a subnet.
IPv6: There are no IPv6 broadcast addresses. Instead, a link-local scope all-nodes multicast address is used. For more information, see “Multicast IPv6 Addresses.”
IPv4: Must be configured either manually or through DHCP.
IPv6: Does not require manual configuration or DHCP. For more information, see “Address Autoconfiguration.”
IPv4: Uses host address (A) resource records in the Domain Name System (DNS) to map host names to IPv4 addresses.
IPv6: Uses host address (AAAA) resource records in the Domain Name System (DNS) to map host names to IPv6 addresses. For more information, see “IPv6 and DNS.”
IPv4: Uses pointer (PTR) resource records in the IN-ADDR.ARPA DNS domain to map IPv4 addresses to host names.
IPv6: Uses pointer (PTR) resource records in the IP6.ARPA DNS domain to map IPv6 addresses to host names. For more information, see “IPv6 and DNS.”
IPv4: Must support a 576-byte packet size (possibly fragmented).
IPv6: Must support a 1280-byte packet size (without fragmentation). For more information, see “IPv6 MTU.”
Public IP Address:-
Every IP address on the public internet is unique. Your ISP (Internet service provider)
assigns one public IP address to each of your computers that is directly connected to the ISP.
Private IP Address:-
Used for hosts that require IP connectivity but do not need to be seen on the public network.
Private IP addresses are free for every user. Using one public IP we can access thousands of
private IP addresses in that LAN.
Range for Private IP addresses:-
10.0.0.0 to 10.255.255.255 – 16,777,215
172.16.0.0 to 172.31.255.255 – 1,048,576
192.168.0.0 to 192.168.255.255 – 65,535
Subnet Mask:-
The subnet mask tells you the number of hosts/terminals that could be used on
the same network.
Default Gateway:-
Default Gateway is the IP address given to a router which is used to communicate over the
networks.
MAC Address (Physical Address)
A MAC address is a unique value associated with a network adapter; it is 12 digits.
TCP- (Transmission control protocol)
Connection-oriented protocol, reliable communication, guaranteed delivery of packets,
gives acknowledgement that data was received, secure data sending.
UDP-(User Datagram Protocol)
Connectionless communication, unreliable, unsecured but faster than TCP.
ARP-(Address Resolution Protocol)
ARP finds the physical computer for which IP packets are destined. ARP entries are dynamic.
ICMP-(Internet control manage protocol)
ICMP is used for the ping command; it is a network layer protocol.
SMTP-(Simple mail transfer protocol)
SMTP is used for sending mail and it is used for public folders.
SNMP-(Simple network management protocol)
Used for sending messages.
FTP-(File transfer protocol)
FTP is a member of the TCP/IP suite of protocols, used to copy files between two computers on the
internet.
Point to Point protocol
It is commonly used to establish a direct connection between two nodes; it is occasionally
used over broadband connections.
Kerberos protocol
It is used for authentication. Kerberos keeps one copy of the authentication list to itself and one copy remains with a server.
HTTP-(Hyper text transfer protocol)
How will a request be sent by an HTTP browser from a workstation to any website?
First of all your browser request will cross your network and go to the related URL's DNS,
which then resolves your web address name to the related IP. In this whole process all
protocols are working simultaneously (HTTP, ARP etc.)
Routing Protocol-
IGRP-Interior gateway routing protocol.
RIP- Routing Information protocol.
Difference between Workgroup and Domain?
Workgroup:-
A workgroup is a peer to peer network; there is no centralized management or
security. Each and every user can access any resource and data with the help of assigned
rights. No administrator task. Computers must be on the same network.
Domain:-
In a domain you find centralized management with full security. All tasks are performed
under the administrator. Relation between server and client. Computers can be on different local
networks.
Minimum Hardware Requirements for OS-
Windows XP- Processor 230 MHz to 300 MHz
Memory 64 MB to 128 MB
Disk space minimum 2 GB, maximum any.
Standard Server- Processor 233 MHz to 550 MHz
Memory 128 MB to 256 MB
Disk space minimum 2 GB
Maximum support up to 4 processors.
Enterprise server- Processor 233 MHz to 733 MHz
Memory 128 MB to 512 MB
Disk space minimum 2 GB
Maximum support up to 8 processors.
Data Centre server- Processor 400 MHz to 733 MHz
Memory 512 MB to 1 GB (Max. 64 GB)
Disk space minimum 2 GB
Minimum requirement 8 processors.
Maximum support up to 32 processors.
Difference between Basic disk and Dynamic disk:-
Basic Disk- a basic disk provides backward compatibility with older Windows OSes. A basic disk
contains volumes such as primary partition, extended and logical drives.
Dynamic Disk- dynamic storage is supported by XP Pro, Windows 2000 and Windows 2003. A
dynamic disk contains dynamic volumes such as simple, spanned, striped, mirrored
and RAID 5 volumes.
A basic disk converts to a dynamic disk easily and vice versa.
Disk management:-
Simple Volume- converts basic to dynamic.
Spanned volume- extends drive, only shows first HDD.
Striped- 50% of data is saved on the second HDD (RAID 0).
Mirrored – RAID 1, data is mirrored on the other disk.
RAID 5- parity bit is set on all HDDs.
Features of XP:-
Automatic update, compression of folders, desktop cleanup wizard, fax support, remote
desktop, welcome screen, help and support centre.
Difference between NT and 2003 domain:-
NT domain- the domain controller is known as the PDC (Primary domain controller). The PDC database
is read and write; for backup purposes there are multiple BDCs (Backup domain controllers). The BDC
database is read only.
2003 Domain:-
No PDC and BDC concept. There are multi-master domain controllers which have read and write
databases.
Advantages of 2003:-
Domain rename, domain controller rename, multiuser property select, admin account
deletion, default APIPA, shadow copy, IIS version 6, security purpose, password
complexity.
Difference between 98 and XP:-
In XP: high resolution, supports NTFS file system, secure OS, plug and play facility for USB,
fax support, inbuilt graphics drivers, faster than 98, XP can support 2 processors, new
version of Internet Explorer.
Difference between PATA and SATA:-
PATA- Parallel advanced technology attachment; this uses an IDE interface of 40 pins,
transfers data in parallel, low speed transmission.
SATA- Serial advanced technology attachment; this has a 7 pin interface, transfers data
serially, high speed transmission.
DNS- (Domain Name System):-
DNS is used for name resolution; it is mainly used to resolve name to IP address and IP
address to name, mainly on the internet. DNS is divided in a hierarchical form.
Two categories of zone-
1. Forward lookup zone- resolves query from name to IP address.
2. Reverse lookup zone- resolves query from IP address to name.
DNS zone types:-
Standard primary zone- loads master copy of zone; zone information is written in a text file.
Secondary zone- backup zone for the primary zone.
Active Directory integrated zone- information is stored in Active Directory.
Stub zone- copy of SOA (Start of Authority) records, copy of NS records, copy of A records for that zone; with a stub zone DNS traffic will be low.
DNS Record Types:-
Host (A) Record- A record used to map a DNS domain name to a host; host record
information.
Alias – record for a duplicate name, e.g. www.yahoo.com
NS Record- name server records for domain.
Mail Exchanger (MX)- this record is used by email applications to locate a mail server.
Pointer (PTR)- this record is used in the reverse lookup zone.
SOA (Start of Authority) – the SOA resource record is the first resource record created when
adding a new zone.
How DNS Solve Query:-
DHCP (Dynamic Host Configuration Protocol):-
DHCP provides IP addresses dynamically to client machines; when a client machine cannot find a
DHCP server it gets an APIPA (automatic private IP address) address.
Advantages of DHCP:-
1. DHCP capability is built into Windows Server 2003, so it does not cost extra.
2. Once we enter the IP address configuration in one place on the DHCP server, it is automatically
assigned to DHCP clients.
3. Configuration problems are automatically minimized.
DHCP Lease process:-
A DHCP lease is the amount of time for which the DHCP server grants the DHCP client
permission to use a particular IP address.
Describe Lease process of DHCP (DORA Process):-
Discover- DHCP client sends a broadcast packet to identify the DHCP server.
Offer- once the packet is received by the DHCP server, the server will send a packet containing
source IP and source MAC.
Request- client will now connect to the DHCP server directly and request an IP address.
Acknowledgement- DHCP server will send an acknowledgement packet which contains the
IP address.
Default lease period is 8 days.
Difference between Scope and Super Scope:-
A scope in DHCP is where you can specify the range of IP addresses which will be leased to DHCP clients.
A super scope is a combination of multiple scopes.
What is DHCP relay agent?
If you have two or more subnets you need to configure more DHCP servers; instead of placing a
DHCP server in each subnet, we can configure a DHCP relay agent whenever you want.
IIS (Internet Information Service):-
It is a software service that supports website creation, configuration and management.
IIS includes FTP, SMTP and NNTP.
WINS (Windows Internet Naming System):-
WINS maps NetBIOS names to IP addresses.
Every host entry is in the LM host file.
RAS (Remote Access Service)-
RAS means Remote Access Server; we can access the server remotely through VPN from
anywhere, but for this high speed internet is necessary. In RAS a maximum of two users
can access remotely. If you want more users to access then you have to obtain a license. In RAS
Point to Point protocol is used.
VPN (Virtual Private Network):-
The extension of a private network that is encrypted, authenticated and linked across a public
network. A VPN connection can provide remote access and routed connections to a private
network over the internet.
PPTP- Point to Point Tunnel Protocol
L2TP- Layer to Tunnel Protocol
These protocols are used in VPN.
IP Sec (Internet Protocol Security Systems):-
IPsec is one of the services which provides security to your packets and internet
communication by using L2TP.
IPsec provides packet-level features like encryption, integrity and authentication.
PKI Public Key Infrastructure:-
You can create certificate on your ADS.
ICS (Internet Connection Sharing):-
It is designed for a small network; in ICS all your machines must be in a fixed IP range. In ICS
you require two network cards. For ICS, DNS and DHCP are also required.
NAT (Network Address Translation):-
NATing is designed for the biggest networks. An IP translation process that allows a network with
private IP addresses to access information on the internet. Shares the internet connection.
Active Directory:-
Active Directory is a central database which controls the network. It is a Windows-based
directory service. Active Directory stores information about objects on the network and makes
this information available to users and network administrators. Active Directory gives
network users access to permitted resources anywhere on the network using a single logon
process. Active Directory is a single point of administration for all network objects.
Objects of Active Directory:-
Resources (printers), services (email), users (user accounts and groups); an object is uniquely
identified by its name.
Attributes- describe the objects in Active Directory.
Example- all user objects share attributes such as user name, full name and description.
Systems are also objects but they have separate attributes.
Schema-
The set of attributes available for any particular object type is called the schema. Schema
information is stored in Active Directory.
Contents-
Contents are used to organize the Active Directory.
Tree-
A tree is used to describe a set of objects within Active Directory.
Forest-
A forest describes trees that are not part of the same namespace, but that share a common schema,
configuration and global catalogue. Trees in a forest all trust each other. Organizations that are divided into multiple domains should group the trees into a single forest.
Site-
A site is a geographical location. A site corresponds to a logical IP subnet; they can locate the closest
server in the network. Sites can reduce the traffic on the wide area network.
Global Catalogue Server-
The global catalogue server maintains full information about its own domain and partial
information about other domains.
How will you take a backup of Active Directory?
Take a system state data backup. The contents of a system state data backup are boot files, system
files, Active Directory, SYSVOL folder, certificates and registry.
FSMO Roles-
Flexible single master operations:-
1. Schema master- it maintains the structure of Active Directory in the forest.
2. Domain naming master- controls the addition and removal of domains in the forest.
3. PDC emulator- provides backward compatibility.
4. RID Master- it assigns RID and SID to a newly created object.
5. Infrastructure master- synchronizes cross-domain group membership changes.
Why do we use Exchange Server?
Exchange Server is a mail server; we can use this server to send mail within the intranet as well as
outside.
New Features of Exchange 2003-
RPC over HTTPS
Volume shadow copy for backup
Super upgrade tool like ex deploy
Improved security
What are the requirements for installation of exchange server-
IIS, SMTP, WWW service, NNTP, Dot net framework, ASP .NET.
Active Directory Interview Questions:-
1. What is Active Directory?
Active Directory is a directory service used for organizing, managing and controlling the resources available on the network. It is used for saving information about all the resources
available on Windows 2000/2003 networks. AD objects include users, groups,
computers, printers etc. Servers, domains and sites are also considered AD objects.
2. Functions of Active Directory?
Centralizes control of network resources-
By centralizing control of resources such as servers, shared files and printers, only
authorized users can access resources in Active Directory.
Centralizes and decentralizes resource management-
Administrators have centralized administration with the ability to delegate administration of subsets of the network to a limited number of individuals, giving them
greater granularity in resource management.
Stores objects securely in a logical structure-
Active Directory stores all the resources as objects in a secure, hierarchical logical
structure.
Optimizes network traffic –
The physical structure of Active Directory enables you to use network bandwidth
more efficiently, e.g. it ensures that when users log on to the network, the
authentication authority that is nearest to the user authenticates them, reducing the
amount of network traffic.
3. What are the requirements for installing Active Directory?
A computer running Windows Server 2003.
Minimum disk space of 250 MB and a partition formatted with NTFS.
Administrative privileges for creating a domain.
TCP/IP installed and configured to use DNS.
An authoritative DNS server that supports SRV resource records.
4. How to install Active Directory?
Start > Run > dcpromo
5. How will you verify whether the AD installation is proper or not?
Verify SRV records
After AD is installed, the domain controller will register SRV records in DNS when it
restarts; we can check this using the DNS MMC or the nslookup command.
If the SRV records are registered, the following folders will be there in the domain folder in the
forward lookup zone.
_msdcs, _sites, _tcp, _udp
Using nslookup
nslookup
ls -t SRV domain
If the SRV records are properly created, they will be listed.
Verify SYSVOL folder –
If the SYSVOL folder is not properly created, data stored in SYSVOL such as scripts, GPOs etc. will not be replicated between domain controllers.
First verify that the following folder structure is created in SYSVOL:
Domain, staging, staging areas, SYSVOL.
Then verify that the necessary shares are created:
net share
It should show two shares, NETLOGON and SYSVOL.
Verifying database and log files-
Make sure that the following files are there at %systemroot%\ntds.
Ntds.dit, EDB.*, Res*.log.
6. Active directory post installation checkups?
Dsa.msc
Dnsmgmt.msc
Domain.msc
Dssite.msc
7. What is the location of Active directory database?
The AD database is stored in NTDS.DIT file.
C:\windows\NTDS\ntds.dit.
8. Explain about ADS database?
Active Directory includes 4 files.
NTDS.dit, EDB.log, EDB.chk, REG1.log and REG2.log
NTDS.dit – this is the AD database and stores all AD objects.
Ntds.dit consists of the following tables.
Schema Table – the types of objects that can be created in Active Directory, the relationships
between them, and the attributes on each type of object. This table is much smaller than the
data table.
Link Table- contains linked attributes, which contain values referring to other objects in Active Directory; take the member of attribute on a user object. This is also smaller than the
data table.
Data Table- users, groups, application-specific data and any other data stored in Active
Directory. Active Directory has 3 types of data.
1. Schema information- definitional details about objects and attributes that one can store
in Active Directory. Replicates to all domain controllers.
2. Configuration information- configuration data about forest and tree. Replicates to all
domain controllers.
3. Domain information- objects information for the domain. Replicates to all domain
controllers within a domain. The object partition becomes part of global catalogue.
EDB.log – this is the transaction log file (10MB). When edb.log is full it is renamed to edbnnnn.log, where nnnn is an increasing number starting from 1.
EDB.chk – this is the checkpoint file used to track the data not yet written to the
database file. This indicates the starting point from which data is to be recovered
from the log file in case of failure.
REG1.log and REG2.log – these are reserved transaction log files of (20MB, 10MB) each,
which provide the transaction log files sufficient room to shut down if the other
space is being used.
9. Explain Active Directory Database garbage collection process?
Garbage collection is a process that is designed to free space within the active directory
database. This process runs independently on every domain controller with a default
lifetime interval of 12 hours.
The garbage collection process has 3 main steps-
1. Removing “tombstones” from the database. Tombstones are remains of objects that
have been previously deleted.
2. Deletion of any unnecessary log files.
3. The process launches a defragmentation thread to claim additional free space.
10. Which authentication protocols are supported by ADS?
NTLM and Kerberos.
11. What is Active Directory defragmentation?
Defragmentation of Active Directory means separating used space and empty space created
by deleted objects, and reduces directory size (only in offline defragmentation).
12. What is the difference between online and offline defragmentation?
Online Defragmentation – performed by the garbage collection process, which by default runs
every 12 hours and separates used space and white space. (White space is the
space created because of object deletion in AD, e.g. a user.) It improves the efficiency of AD when the domain controller is up and running.
Offline Defragmentation – can be done manually by taking the domain controller into
restoration mode. We can only reduce the file size of the directory database, whereas the
efficiency will be the same as in online defragmentation.
13. How can you forcibly remove active directory from a server?
Demote the Domain Controller by running dcpromo with the / forceremoval ( dcpromo
/forceremoval) switch.
14. Structure of Active Directory :-
Physical Structure – domain controllers, sites.
Logical Structure – domain, tree, forest, organizational unit (OU).
Domain Controller - domain controllers are the physical storage location for the Active
Directory service database.
Windows 2000 server + Active Directory service = domain controller.
Site - a site is defined as a group of subnets. A site is a physical component of AD that is used
to define and represent the physical topology of a network.
Domain – a domain is defined as a security boundary within which an administrator can
organize, manage and control resources. A domain can also be defined as a unit of NT
replication.
A domain is a logical grouping of networked computers in which more than one computer has
shared resources (domains are the fundamental units that make up Active Directory).
Tree - a tree is defined as a hierarchical grouping of one or more domains which share a
contiguous name space or single DNS name space. E.g. techmahindra.com is the domain and
att.techmahindra.com is the tree.
Forest – a forest is a group of one or more domain trees which share a common schema and
global catalogue.
The first domain in a forest is called the forest root domain.
Organizational Unit (OU) - an OU is defined as a logical container which is used for
representing the physical structure of an organization. An OU is an administrative-level container
object in ADS that organizes users, computers, groups and other OUs together, so that any
changes, security privileges or other administrative tasks can be accomplished more
efficiently.
15. What is Object?
Active Directory objects are the entities that make up a network. An object is a distinct, named
set of attributes that represents something concrete such as a user, a printer, or an
application.
E.g. when we create a user object, Active Directory assigns the globally unique identifier
(GUID) and we provide values for such attributes as the user's given name, surname, the logon
identifier and so on.
16. Sites?
A site is a combination of TCP/IP subnets connected with high-speed links.
A site provides replication.
There are two types of replication:
1. Intrasite replication – replication within the same site. It offers full-time
replication between the domain controller and additional domain controllers when they are
within the same site.
2. Intersite replication – replication between two different sites. Intersite
replication is implemented when the sites are away from each other; it requires a site link.
A site link is the logical connection between sites, which can be created and scheduled.
A site link offers communication only at scheduled intervals.
17. What is the use of sites?
Sites are primarily used to control replication traffic.
More specifically sites are used to control the following –
Workstation logon traffic, replication traffic, distributed file system (DFS).
Distributed file system (DFS) – a server component that provides a unified naming
convention for folders and files stored on different servers on the network.
File replication service (FRS) – a Windows Server 2003 service named File Replication
Service is responsible for replicating files in the SYSVOL folders between domain
controllers.
18. What are the objects a site contains?
Site contains only two types of objects. The first type is the domain controllers contained in
the site. The second type of the object is the site links configured to connect the site to other
sites.
19. What is the site link?
Within a site, replication happens automatically. For replication to occur between sites, you
must establish a link between the sites. There are two components to this link: the actual
physical connection between the sites (usually a WAN link) and the site link object. The site
link object is created within AD and determines the protocol used for transferring replication
traffic (Internet Protocol (IP) or Simple Mail Transfer Protocol (SMTP)). The site link object
also governs when replication is scheduled to occur.
20. What is the Active Directory Schema?
The Active Directory schema is the set of definitions that defines the kinds of objects, and the
type of information about those objects, that can be stored in Active Directory. The
definitions are themselves stored as objects so that Active Directory can manage the schema
objects with the same object management operations used for managing the rest of the
objects in the directory.
There are two types of definitions in the schema – attributes and classes.
Attributes and classes are also referred to as schema objects or metadata. Attributes are
defined separately from classes. Each attribute is defined only once and can be used in
multiple classes.
E.g. the description attribute is used in many classes, but is defined once in the schema,
assuring consistency.
Classes, also referred to as object classes, describe the possible directory objects that can be
created. Each class is a collection of attributes. When you create an object, the attributes store
the information that describes the object. The user class, for example, is composed of many
attributes, including network address, home directory, and so on.
Every object in AD is an instance of an object class.
Active Directory does not support deletion of schema objects; however, objects can be
marked as deactivated, providing many of the benefits of deletion.
The structure and contents of the schema is controlled by the domain controller that holds
the schema operation master role. A copy of the schema is replicated to all domain
controllers in the forest. The use of the common schema ensures data integrity and
consistency throughout the forest.
21. Explain AD Database?
The information stored in AD is called the AD database.
The information stored in AD on every domain controller in the forest is partitioned into 3
categories, as follows.
Domain partition – the domain partition contains all the objects in the directory for a
domain.
Domain data in each domain is replicated to every domain controller in that domain, but not
beyond its domain.
Schema partition – the schema partition contains all object types and their attributes that
can be created in AD. This data is common to all domain controllers in the domain tree or
forest and is replicated by AD to all domain controllers in the forest.
Configuration partition.
22. What is Global Catalogue?
Global Catalogue server maintains full information about its own domain and partial
information about other domains.
The global catalogue holds a partial replica of the domain data directory partitions for all
domains in the forest.
Use of Global Catalogue-
Contains a partial replica of all objects in the entire forest.
Contains universal groups.
Validates user principal names (UPN).
23. Global Catalogue Contains?
The attributes that are most frequently used in queries, such as a user's first name,
last name and login name.
The information that is necessary to determine the location of any object in the
directory.
The access permissions for each object and attribute that is stored in the global
catalogue. If you search for an object that you do not have appropriate permission to
view, the object will not appear in the search result. Access permissions ensure that
users can find only objects to which they have been assigned access.
24. How to check which server is having global catalogue server?
First load support tools.
Run --> cmd --> ldp
Then you will get a window there.
Click on File --> select Connect to --> type the required server.
Then you will get some information at the bottom, where you can find global catalogue. If you find
TRUE, global catalogue is available on that server.
FALSE, no global catalogue is available on that server.
Note - by default the global catalogue service is enabled on the main domain controller. By default
the global catalogue service is disabled on an additional domain controller. If you want to transfer
the global catalogue service from the main domain controller to an additional domain controller,
you can transfer it.
25. What is LDAP?
LDAP stands for Lightweight Directory Access Protocol.
LDAP is an internet protocol that email and other programs use to look up information from
a server.
An LDAP-aware directory service (such as AD) indexes all the attributes of all the objects
stored in the directory and publishes them.
LDAP-aware clients can query the server in a wide variety of ways.
LDAP is based on the TCP/IP model.
It runs on port no. 389.
DAP is based on the OSI model.
26. What is SYSVOL folder?
The SYSVOL folder stores the server copy of the domain's public files.
The contents of the SYSVOL folder, such as group policy, users etc., are replicated to all
domain controllers in the domain.
File Replication Service (FRS) is responsible for replicating all policies and scripts.
27. What is member server?
A member server is a server which belongs to a domain but does not contain a copy of Active
Directory data.
28. What is stand alone server?
A server that belongs to a workgroup, not a domain, is called a standalone server.
29. What is Desktop?
The desktop is the screen you see after you log on to any Windows OS. It is the most
important feature on your computer.
30. What is Client?
A client is any device such as personal computer, printer or any other server which request
services or resources from a server.
31. What is Server?
A server is a computer that provides network resources and services to workstation and
other clients.
32. What is domain controller?
The first computer in the entire forest on which you have installed Active Directory.
33. What is additional domain controller?
It maintains a backup copy of Active Directory, which will be in read-only format. This is used
for load balancing and fault tolerance.
34. How to know whether a server is domain controller or not?
By My Computer properties:
On the network identification tab, the properties button will be disabled.
By typing dcpromo:
If it is already a domain controller, you will get the uninstallation wizard for Active
Directory.
You see the ntds folder in regedit.
35. Explain replication in Active Directory?
Windows Server 2003 uses a replication model called multimaster replication, in which all
replicas of the Active Directory database are considered equal masters. You can make changes
to the database on any domain controller and the changes will be replicated to the other domain
controllers in the domain.
Domain controllers in the same site replicate on the basis of notification. When changes are
made on a domain controller, it notifies its replication partners (the other domain
controllers in the site); the partners then request the changes and replication occurs. Because of
the high-speed, low-cost connection assumed within a site, replication occurs as needed
rather than according to a schedule.
You can create additional sites when you need to control how replication traffic occurs over
a slow WAN link.
36. Is it possible to rename domain name and how?
In Windows 2000 it is not possible; in Windows 2003 it is possible. On the domain controller, by
going to My Computer properties we can change it.
37. When should you create a Forest?
Organizations that operate on radically different bases may require separate trees with
distinct namespaces. Unique brand names often give rise to separate DNS identities.
Organizations form partnerships and joint ventures. While access to the common resources is
desired, a separately defined tree can enforce more direct administrative and security
restrictions.
38. How can you authenticate between forests?
There are four types of authentication:
1. Kerberos and NTLM network logon for remote access to a server in another forest.
2. Kerberos and NTLM interactive logon for physical logon outside the user's home forest.
3. Kerberos delegation to entire application in another forest.
4. User principal name (UPN) credential.
39. How to publish printer in active directory?
1. Log on to the computer as an Administrator.
2. Click Start, point to Settings and then click Printers.
3. In the Printers folder, right click the printer that you want to publish in Active Directory and
then click Properties.
4. Click the Sharing tab, click Share As and then type a share name.
5. Click to select the List in Directory check box and then click OK.
6. Close the Printers folder.
40. What is FSMO role and explain?
Flexible Single Master Operation Role
Forest Level Roles – Domain Naming Master, Schema Master.
Domain Level Roles – PDC Emulator, RID Master, Infrastructure Master.
Domain Naming Master - the domain naming master is responsible for maintaining the
relationship between the domains. Without this role it is not possible to add or remove any
domain.
Schema Master - the schema contains a set of classes and attributes. E.g. users, computers and
printers are objects in Active Directory which have their own sets of attributes.
The schema master is responsible for maintaining the schema; changes to the schema will affect
the entire forest.
PDC Emulator - the server which is performing this role acts as a PDC in mixed mode to
synchronize directory information between Windows 2000 domain controllers and Windows
NT backup domain controllers (BDC). The server which is performing this role will contain the
latest password information. This role is also responsible for time synchronization in the
forest.
RID Master - the server which is performing this role is responsible for processing RID pool
requests from all domain controllers within a given domain. It is also responsible for removing
an object from its domain and putting it in another domain during an object move.
Infrastructure Master - it is responsible for managing group membership information in
the domain. This role is responsible for updating the DN when the name and location of an object is
modified.
Operations Master Roles
The five operations master roles are assigned automatically when the first domain controller in a
given domain is created. Two forest-level roles are assigned to the first domain controller created in
a forest and three domain-level roles are assigned to the first domain controller created in a
domain.
Forestwide Operations Master Roles
The schema master and domain naming master are forestwide roles, meaning that there is only one
schema master and one domain naming master in the entire forest.
Schema Master
The schema master is responsible for performing updates to the AD DS schema. The schema master
is the only domain controller that can perform write operations to the directory schema. Those
schema updates are replicated from the schema master to all other domain controllers in the forest.
Having only one schema master for each forest prevents any conflicts that would result if two or
more domain controllers attempt to concurrently update the schema.
Domain Naming Master
The domain naming master manages the addition and removal of all domains and directory
partitions, regardless of domain, in the forest hierarchy. The domain controller that has the domain
naming master role must be available in order to perform the following actions:
Add new domains or application directory partitions to the forest.
Remove existing domains or application directory partitions from the forest.
Add replicas of existing application directory partitions to additional domain controllers.
Add or remove cross-reference objects to or from external directories.
Prepare the forest for a domain rename operation.
Domainwide Operations Master Roles
The other operations master roles are domainwide roles, meaning that each domain in a forest has
its own RID master, PDC emulator, and infrastructure master.
RID Master
The relative identifier (RID) operations master allocates blocks of RIDs to each domain controller in
the domain. Whenever a domain controller creates a new security principal, such as a user, group,
or computer object, it assigns the object a unique security identifier (SID). This SID consists of a
domain SID, which is the same for all security principals created in the domain, and a RID, which
uniquely identifies each security principal created in the domain.
PDC Emulator
The PDC emulator operations master acts as a Windows NT PDC in domains that contain client computers operating without AD DS client software or Windows NT backup domain controllers
(BDC). In addition, the PDC emulator processes password changes from clients and replicates the
updates to the Windows NT BDCs. Even after all Windows NT domain controllers are upgraded to
AD DS, the PDC emulator receives preferential replication of password changes performed by other
domain controllers in the domain.
If a logon authentication fails at another domain controller due to a bad password, that domain
controller forwards the authentication request to the PDC emulator before rejecting the logon
attempt.
Infrastructure Master
The infrastructure operations master is responsible for updating object references in its domain
that point to the object in another domain. The infrastructure master updates object references
locally and uses replication to bring all other replicas of the domain up to date. The object reference
contains the object’s globally unique identifier (GUID), distinguished name and possibly a SID. The
distinguished name and SID on the object reference are periodically updated to reflect changes
made to the actual object. These changes include moves within and between domains as well as the
deletion of the object. If the infrastructure master is unavailable, updates to object references are
delayed until it comes back online.
41. Explain Infrastructure of FSMO Role?
When an object in one domain is referenced by another object in another domain, it
represents the reference by the GUID, the SID (for references to security principals), and the
DN of the object being referenced. The infrastructure FSMO role holder is the domain
controller responsible for updating an object's SID and distinguished name in a cross-domain
object reference.
Note: - The infrastructure master role should be held by domain controller that is not a
Global Catalogue Server (GC).
42. How will you place FSMO roles?
Place the RID and PDC emulator roles on the same domain controller. Good communication
from the PDC to the RID master is desirable, as down-level clients and applications target the PDC,
making it a large consumer of RIDs.
As a general rule, the infrastructure master should be located on a non-global-catalogue
server that has a direct connection object to some global catalogue in the forest, preferably in
the same Active Directory site.
At the forest level the schema master and domain naming master roles should be placed on
the same domain controller as they are rarely used and should be tightly controlled.
Additionally, the domain naming master FSMO should also be a global catalogue server.
43. How to manually configure FSMO role to separate Domain Controller?
We can configure it manually in two ways:
Through MMC-
We can configure the domain naming master role through Active Directory Domains and Trusts.
We can configure the schema master role through Active Directory Schema.
The other three roles we can configure through Active Directory Users and Computers.
Through command prompt-
Using the NTDSUTIL command: type ROLES, type CONNECTIONS, then CONNECT TO
SERVER server name, where server name is the name of the domain controller to which you
want to assign the role. Then type TRANSFER role, where role is the role which you want to
transfer. For a list of roles you can transfer, type ? at the FSMO Maintenance prompt and
then press Enter, or see the list of roles at the start of this article.
44. Where are the FSMO Roles found?
The first domain controller that is installed in a Windows 2000 domain by default holds all
five of the FSMO server roles. Then, as more domain controllers are added to the domain, the
FSMO roles can be moved to other domain controllers.
45. Can you move FSMO Roles?
Yes. Moving a FSMO server role is a manual process; it does not happen automatically. But
what if you only have one domain controller in your domain? That is fine. If you have only
one domain controller in your organization then you have one forest, one domain and of
course the one domain controller. All 5 FSMO server roles will exist on that domain
controller. There is no rule that says you have to have one server for each FSMO server role.
46. FSMO Tools AD --> DNS --> FSMO. Copy ----Paste
47. What will happen if Domain Naming Master fails?
The Domain Naming Master must be available when adding or removing a domain from the
forest (i.e. running DCPROMO). If it is not, then the domain cannot be added or removed. It
is also needed when promoting or demoting a server to/from a Domain Controller. Like the
Schema Master, this functionality is only used on occasion and is not critical unless you are
modifying your domain or forest structure.
48. What will happen if RID Master fails?
The RID Master provides RIDs for security principals (users, groups, computer accounts). The
failure of this FSMO server would have little impact unless you are adding a very large
number of users or groups.
Each DC in the domain has a pool of RIDs already, and a problem would occur only if the DC
you are adding the users/groups on ran out of RIDs.
49. What will happen if PDC Emulator fails?
The server holding the PDC emulator role will cause the most problems if it is unavailable.
This would be most noticeable in a mixed mode domain where you are still running NT 4
BDCs and if you are using down-level clients (NT and Win9x). Since the PDC emulator acts
as an NT 4 PDC, any actions that depend on the PDC would be affected (User Manager
for Domains, Server Manager, changing passwords, browsing and BDC replication).
In a native mode domain the failure of the PDC emulator isn't as critical because other
domain controllers can assume most of the responsibilities of the PDC emulator.
50. What will happen if Infrastructure Master fails?
This FSMO server is only relevant in a multi-domain environment. If you only have one
domain, then the Infrastructure Master is irrelevant. Failure of this server in a multi-domain
environment would be a problem if you are trying to add objects from one domain to
another.
51. What are the different types of profile?
Local profile
Roaming profile
Mandatory profile
Local Profile: It is a profile loaded for the user and saved on the local hard drive
where the user works. The profile will be saved when the user logs off.
Local profiles are limited only to the machine where they are saved.
A user with a local profile will not be loaded with a network profile when he logs
on from another machine.
Roaming Profile: It is a profile which is saved in a shared folder on the server,
and hence is available in the entire network.
A roaming profile is a n/w profile which is available in the entire network. As a
result, when a user logs in from any machine in the n/w he will be loaded with a
roaming profile.
Mandatory Profile: A mandatory profile is a profile used for controlling desktop
environment settings, especially for restricting users from saving user data,
settings and configuration on the desktop.
It is a type of roaming profile, but settings are not saved when a user logs off.
Changes will be available only for the session where the user is active (active
session).
52. What types of naming convention active directory uses?
Active Directory supports several types of names for the different formats that can
access Active Directory.
These names include:
Relative Distinguished Names
The relative distinguished name (RDN) of an object identifies an object uniquely, but
only within its parent container. Thus the name uniquely identifies the object relative
to the other objects within the same container. In the example
CN=wjglenn,CN=Users,DC=contoso,DC=com,
the relative distinguished name of the object is CN=wjglenn. The relative
distinguished name of the parent organizational unit is Users. For most objects, the
relative distinguished name of an object is the same as that object's Common Name
attribute. Active Directory creates the relative distinguished name automatically,
based on information provided when the object is created. Active Directory does not
allow two objects with the same relative distinguished name to exist in the same
parent container.
The notations used in the relative distinguished name (and in the distinguished
name discussed in the next section) use special notations called LDAP attribute tags
to identify each part of the name.
The three attribute tags used include:
DC – The Domain Component (DC) tag identifies part of the DNS name of the
domain, such as COM or ORG.
OU – The Organizational Unit (OU) tag identifies an organizational unit
container.
CN – The Common Name (CN) tag identifies the common name configured for
an Active Directory object.
Distinguished Names
Each object in the directory has a distinguished name (DN) that is globally unique
and identifies not only the object itself, but also where the object resides in the
overall object hierarchy. You can think of the distinguished name as the relative
distinguished name of an object concatenated with the relative distinguished names
of all parent containers that make up the path to the object.
An example of a typical distinguished name would be:
CN=wjglenn,CN=Users,DC=contoso,DC=com.
This distinguished name would indicate that the user object wjglenn is in the Users
container, which in turn is located in the contoso.com domain. If the wjglenn object
is moved to another container, its DN will change to reflect its new position in the
hierarchy. Distinguished names are guaranteed to be unique in the forest, similar to
the way that a fully qualified domain name uniquely identifies an object’s placement
in a DNS hierarchy. You cannot have two objects with the same distinguished name.
User Principal Names
The user principal name that is generated for each object is in the form username@
domain name. Users can log on with their user principal name, and an administrator
can define suffixes for user principal names if desired. User principal names should
be unique, but Active Directory does not enforce this requirement. It's best,
however, to formulate a naming convention that avoids duplicate user principal
names.
Canonical Names
An object's canonical name is used in much the same way as the distinguished
name; it just uses a different syntax. The same distinguished name presented in
the preceding section would have the canonical name: contoso.com/Users/wjglenn.
As you can see, there are two primary differences in the syntax of distinguished
names and canonical names. The first difference is that the canonical name presents
the root of the path first and works downward toward the object name. The second
difference is that the canonical name does not use the LDAP attribute tags (e.g., CN
and DC).
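The name formats described above can be derived from one another mechanically. The following is an added example, not part of the original document: it parses a distinguished name into its RDNs, splits off the parent container, and builds the canonical name. The function names are illustrative, the sample DNs other than the wjglenn one are constructed, and the trailing "/" for a bare domain DN and the escaping of "/" inside a value are assumptions of this sketch.

```python
# Added example: distinguished name (DN) -> RDNs, parent container, canonical name.
HEX = "0123456789abcdefABCDEF"

def split_rdns(dn):
    """Split a DN on unescaped commas; a backslash escapes the next character."""
    parts, buf, i = [], [], 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            buf.append(dn[i:i + 2])          # keep the escape pair intact for now
            i += 2
            continue
        if ch == ",":
            parts.append("".join(buf).strip())
            buf = []
        else:
            buf.append(ch)
        i += 1
    parts.append("".join(buf).strip())
    return [p for p in parts if p]

def unescape(value):
    """Resolve backslash escapes: '\\,' style and two-digit hex such as '\\2C'."""
    out, i = bytearray(), 0
    while i < len(value):
        ch = value[i]
        if ch == "\\" and i + 1 < len(value):
            pair = value[i + 1:i + 3]
            if len(pair) == 2 and pair[0] in HEX and pair[1] in HEX:
                out.append(int(pair, 16))
                i += 3
            else:
                out += value[i + 1].encode("utf-8")
                i += 2
        else:
            out += ch.encode("utf-8")
            i += 1
    return out.decode("utf-8")

def parse_dn(dn):
    """Return [(TAG, value), ...] in DN order (object first, domain root last)."""
    rdns = []
    for part in split_rdns(dn):
        tag, sep, value = part.partition("=")
        if not sep or not tag.strip() or not value.strip():
            raise ValueError("malformed RDN: %r" % part)
        rdns.append((tag.strip().upper(), unescape(value.strip())))
    if not rdns:
        raise ValueError("empty DN")
    return rdns

def rdn_and_parent(dn):
    """The object's own RDN and the DN of its parent container."""
    parts = split_rdns(dn)
    return parts[0], ",".join(parts[1:])

def canonical_name(dn):
    """Root of the path first, no attribute tags: domain.name/Container/Object."""
    rdns = parse_dn(dn)
    domain = ".".join(v for t, v in rdns if t == "DC")
    path = [v.replace("/", "\\/") for t, v in rdns if t != "DC"]
    path.reverse()                           # DN lists the object first
    return domain + "/" + "/".join(path)

def same_name(dn_a, dn_b):
    """True when two DNs name the same object (tags and values compared without case)."""
    norm = lambda dn: [(t, v.lower()) for t, v in parse_dn(dn)]
    return norm(dn_a) == norm(dn_b)

if __name__ == "__main__":
    dn = "CN=wjglenn,CN=Users,DC=contoso,DC=com"
    print(rdn_and_parent(dn))
    print(canonical_name(dn))
```
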
53. What are different types of groups?
Security groups: Security groups are used to group domain users into a
single administrative unit. Security groups can be assigned permissions and
can also be used as email distribution lists. Users placed into a group inherit
the permissions assigned to the group for as long as they remain members of
that group. Windows itself uses only security groups.
Distribution groups: These are used for non-security purposes by
applications other than Windows. One of the primary uses is within an
e-mail.
As with user accounts, there are both local and domain-level groups. Local groups
are stored in a local computer's security database and are intended to control
resource access on that computer. Domain groups are stored in Active Directory and
let you gather users and control resource access in a domain and on domain
controllers.
54. What is a group scope and what are the different types of group scopes?
Group scopes determine where in the Active Directory forest a group is accessible
and what objects can be placed into the group. Windows Server 2003 includes three
group scopes: global, domain local, and universal.
Global groups are used to gather users that have similar permissions
requirements. Global groups have the following characteristics:
1. Global groups can contain user and computer accounts only from the domain in
which the global group is created.
2. When the domain functional level is set to Windows 2000 native or Windows
Server 2003 (i.e., the domain contains only Windows 2000 or 2003 servers), global
groups can also contain other global groups from the local domain.
3. Global groups can be assigned permissions or be added to local groups in any
domain in a forest.
Domain local groups exist on domain controllers and are used to control
access to resources located on domain controllers in the local domain (for
member servers and workstations, you use local groups on those systems
instead). Domain local groups share the following characteristics:
1. Domain local groups can contain users and global groups from any domain in a
forest no matter what functional level is enabled.
2. When the domain functional level is set to Windows 2000 native or Windows
Server 2003, domain local groups can also contain other domain local groups and
universal groups.
Universal groups are normally used to assign permissions to related
resources in multiple domains. Universal groups share the following
characteristics:
1. Universal groups are available only when the forest functional level is set to
Windows 2000 native or Windows Server 2003.
2. Universal groups exist outside the boundaries of any particular domain and are
managed by Global Catalog servers.
3. Universal groups are used to assign permissions to related resources in multiple
domains.
4. Universal groups can contain users, global groups, and other universal groups
from any domain in a forest.
5. You can grant permissions for a universal group to any resource in any domain.
55. How many characters does a group name contain?
64
56. What’s the difference between local, global and universal groups?
Domain local groups assign access permissions to global domain groups for local
domain resources. Global groups provide access to resources in other trusted
domains. Universal groups grant access to resources in all trusted domains.
57. What is a trust relationship and how many types of trust relationship are there in
exchange 2003?
Since domains represent security boundaries, special mechanisms called trust
relationships allow objects in one domain (called the trusted domain) to access
resources in another domain (called the trusting domain).
Windows Server 2003 supports six types of trust relationships:
Parent and child trusts
Tree-root trusts
External trusts
Shortcut trusts
Realm trusts
Forest trusts
58. What are the different types of trust relationships?
Implicit Trusts ----- Trust relationship is established automatically.
Explicit Trusts ----- We have to build the trust relationship manually (NT to Win2k or
Forest to Forest).
Transitive ----- If A --> B --> C then A --> C
Non-Transitive ----- If A --> B --> C then A is not trusting C
One way ----- One side
Two way ----- Two sides
59. Can we establish trust relationship between two forests?
In Windows 2000 it is not possible. In Windows 2003 it is possible.
60. What is group policy?
A collection of policies is known as group policy, and it is used for control on our
network.
61. What are Group Policies?
Group Policies are settings that can be applied to Windows computers, users or
both. In Windows 2000 there are hundreds of Group Policy settings. Group Policies
are usually used to lock down some aspect of a PC. Whether you don't want users to
run Windows Update or change their Display Settings, or you want to ensure certain
applications are installed on computers - all this can be done with Group Policies.
Group Policies can be configured either locally or by Domain Policies. Local policies
can be accessed by clicking Start, Run and typing gpedit.msc. They can also be
accessed by opening the Microsoft Management Console (Start, Run, type mmc), and
adding the Group Policy snap-in. You must be an Administrator to configure/modify
Group Policies. Windows 2000 Group Policies can only be used on Windows 2000
computers or Windows XP computers. They cannot be used on Win9x or WinNT
computers.
62. To whom does Domain policy get applied?
Domain Policies are applied to computers and users who are members of a Domain,
and these policies are configured on Domain Controllers. You can access Domain
Group Policies by opening Active Directory Sites and Services (these policies apply to
the Site level only) or Active Directory Users and Computers (these policies apply to
the Domain and/or Organizational Units).
63. From where do you create a Group Policy?
To create a Domain Group Policy Object open Active Directory Sites and Services
and right click Default-First-Site-Name or another Site name, choose Properties, then the Group Policy tab, then click the New button. Give the GPO a name, then
click the Edit button to configure the policies.
For Active Directory Users and Computers, it is the same process except you right click
the Domain or an OU and choose Properties.
64. Who can Create/Modify Group Policies?
You have to have Administrative privileges to create/modify group policies. The following table shows who can create/modify group policies:

Policy Type: Allowable Groups/Users

Site Level Group Policies: Enterprise Administrators and/or Domain
Administrators in the root domain. The root domain is the first domain created in a
tree or forest. The Enterprise Administrators group is found only in the root
domain.

Domain Level Group Policies: Enterprise Administrators, Domain Administrators
or members of the built-in group - Group Policy Creator Owners. By default only the
Administrator user account is a member of this group.

OU Level Group Policies: Enterprise Administrators, Domain Administrators or
members of the Group Policy Creator Owners. By default only the Administrator user account is a member of this group.
Additionally, at the OU level, users can be delegated control for the OU Group Policies by starting the Delegate Control Wizard (right click the OU and choose
Delegate Control). However, the wizard only allows the delegated user to Link
already created group policies to the OU. If you want to give the OU administrators control over creating/modifying group policies, add them to the Group Policy
Creator Owners group for the domain.

Local Group Policies: The local Administrator user account or members of the local Administrators group.
65. How are Group Policies Applied?
Group Policies can be configured locally, at the Site level, the Domain level or at the
Organizational Unit (OU) level. Group Policies are applied in a Specific Order, LSDO –
Local policies first, then Site based policies, then Domain level policies, then OU
policies, then nested OU policies (OUs within OUs). Group policies cannot be linked to
a specific user or group, only container objects.
In order to apply Group Policies to specific users or computers, you add users (or
groups) and computers to container objects. Anything in the container object will
then get the policies linked to that container. Sites, Domains and OUs are considered
container objects.
Computer and User Active Directory objects do not have to be put in the same
container object. For example, Sally the user is an object in Active Directory. Sally's
Windows 2000 Pro PC is also an object in Active Directory. Sally the user object can
be in one OU, while her computer object can be in another OU. It all depends on how you organize your Active Directory structure and what Group Policies you want
applied to what objects.
User and Computer Policies
There are two nodes in each Group Policy Object that is created: a Computer node and a User node. They are called Computer Configuration and User Configuration
(see image above). The policies configured in the Computer node apply to the computer as a whole. Whoever logs onto that computer will see those policies.
Note: Computer policies are also referred to as machine policies.
User policies are user specific. They only apply to the user that is logged on. When
creating Domain Group Policies you can disable either the Computer node or User
node of the Group Policy Object you are creating. By disabling a node that no
policies are defined for, you are decreasing the time it takes to apply the policies.
To disable the node policies: After creating a Group Policy Object, click that Group
Policy Object on the Group Policy tab, then click the Properties button. You will see
two check boxes at the bottom of the General tab.
It's important to understand that when Group Policies are being applied, all the
policies for a node are evaluated first, and then applied. They are not applied one
after the other. For example, say Sally the user is a member of the Development OU, and the Security OU. When Sally logs onto her PC the policies set in the User node of
both the Development OU and the Security OU Group Policy Objects are
evaluated, as a whole, and then applied to Sally the user. They are not applied
Development OU first, and then Security OU (or vice versa). The same goes for
Computer policies. When a computer boots up, all the Computer node policies for that computer are evaluated, then applied.
When computers boot up, the Computer policies are applied. When users log in, the
User policies are applied. When user and computer group policies overlap, the
computer policy wins.
Note: IPSec and EFS policies are not additive. The last policy applied is the policy
the User/computer will have.
When applying multiple Group Policy Objects from any container, Group Policies
are applied from bottom to top in the Group Policy Object list. The top Group Policy
in the list is the last to be applied. In the above image you can see three Group Policy
Objects associated with the Human Resources OU. These policies would be applied
No Windows Update first, then No Display Settings, then No Screensaver. If there
were any conflicts in the policy settings, the one above it would take precedence.
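The processing order described in this answer can be modelled in a few lines. The following Python sketch is an added example, not part of the original document or any Microsoft tool; the class names, setting names and sample GPOs are constructed for illustration, and user and computer settings are merged into one dictionary so the "computer policy wins" rule from the text can be shown.

```python
"""Model of the Group Policy processing order described above (LSDO)."""
from dataclasses import dataclass, field

# Processing order from the text: Local, Site, Domain, OU, then nested OUs.
LEVELS = ["local", "site", "domain", "ou"]


@dataclass
class GPO:
    name: str
    computer: dict = field(default_factory=dict)  # Computer Configuration node
    user: dict = field(default_factory=dict)      # User Configuration node
    disabled: bool = False                        # whole GPO disabled on the Group Policy tab
    computer_node_disabled: bool = False          # check boxes on the General tab
    user_node_disabled: bool = False


@dataclass
class Container:
    level: str       # one of LEVELS; nested OUs must be listed parent first
    name: str
    gpo_list: list   # as shown in the Group Policy Object list, top entry first


def processing_order(containers):
    """Return (container, GPO) pairs in the order they are applied."""
    ordered = []
    # sorted() is stable, so nested OUs keep their parent-first order.
    for c in sorted(containers, key=lambda c: LEVELS.index(c.level)):
        # Within one container the list is processed bottom to top,
        # so the top entry is applied last and wins conflicts.
        for gpo in reversed(c.gpo_list):
            if not gpo.disabled:
                ordered.append((c, gpo))
    return ordered


def resultant_set(containers):
    """Compute effective settings and record which GPO supplied each one."""
    effective, source = {}, {}
    order = processing_order(containers)
    # User node first, computer node second, so an overlapping computer
    # setting overrides the user one, as the text states.
    for node in ("user", "computer"):
        for c, gpo in order:
            if getattr(gpo, node + "_node_disabled"):
                continue
            for setting, value in getattr(gpo, node).items():
                effective[setting] = value
                source[setting] = f"{gpo.name} ({c.level}:{c.name}, {node} node)"
    return effective, source


def build_sample():
    """Constructed sample: the Human Resources OU list from the text,
    plus a made-up domain GPO and local policy."""
    hr = Container("ou", "Human Resources", [
        GPO("No Screensaver", user={"ScreenSaver": "disabled"}),
        GPO("No Display Settings",
            user={"DisplaySettings": "hidden", "ScreenSaver": "enabled"}),
        GPO("No Windows Update", computer={"WindowsUpdate": "blocked"}),
    ])
    domain = Container("domain", "example.local", [
        GPO("Default Domain Policy", computer={"MinPasswordLength": 8},
            user={"ScreenSaver": "enabled", "DisplaySettings": "allowed"}),
    ])
    local = Container("local", "PC01", [
        GPO("Local Policy", user={"ScreenSaver": "enabled"}),
    ])
    return [hr, domain, local]  # deliberately out of order


if __name__ == "__main__":
    for c, gpo in processing_order(build_sample()):
        print(f"{c.level:7} {gpo.name}")
    effective, source = resultant_set(build_sample())
    for setting in sorted(effective):
        print(f"{setting} = {effective[setting]}  <- {source[setting]}")
```

Recording the source GPO for each setting is the same question RSoP answers on a real system: which policy won, and from which container.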
66. How to disable Group Policy Objects?
When you are creating a Group Policy Object, the changes happen immediately. There is no "saving" of GPOs. To prevent a partial GPO from being applied, disable
the GPO while you are configuring it. To do this, click the Group Policy Object on the
Group Policy tab and under the Disable column, double click - a little check will
appear. Click the Edit button, make your changes, then double click under the Disable column to re-enable the GPO. Also, if you want to temporarily disable a GPO
for troubleshooting reasons, this is the place to do it. You can also click the Options
button on the Group Policy tab and select the Disabled check box.
67. When do the group policy scripts run?
Startup scripts are processed at computer boot up and before the user logs in.
Shutdown scripts are processed after a user logs off, but before the computer shuts down.
Login scripts are processed when the user logs in.
Logoff scripts are processed when the user logs off, but before the shutdown script
runs.
68. When does the group policy get refreshed/applied?
Group Policies can be applied when a computer boots up, and/or when a user logs
in.
However, policies are also refreshed automatically according to a predefined
schedule. This is called Background Refresh.
Background refresh for non DCs (PCs and Member Servers) is every 90 mins, with a +/- 30 min interval. So the refresh could be 60, 90 or 120 mins. For DCs (Domain
Controllers), background refresh is every 5 mins.
Also, every 16 hours every PC will request all group policies to be reapplied (user and machine). These settings can be changed under Computer and User Nodes,
Administrative Templates, System, Group Policy.
69. Which policies are not affected by background refresh?
The following policies are not affected by background refresh. These policies are only applied at logon time:
Folder Redirection
Software Installation
Logon, Logoff, Startup, Shutdown Scripts
70. Which are the two types of default policies?
There are two default group policy objects that are created when a domain is
created: the Default Domain policy and the Default Domain Controllers policy.
Default Domain Policy - this GPO can be found under the group policy tab for that
domain. It is the first policy listed. The default domain policy is unique in that
certain policies can only be applied at the domain level.
If you double click this GPO and drill down to Computer Configuration, Windows
Settings, Security Settings, Account Policies, you will see three policies listed:
Password Policy
Account Lockout Policy
Kerberos Policy
These 3 policies can only be set at the domain level. If you set these policies
anywhere else (Site or OU), they are ignored. However, setting these 3 policies at the
OU level will have the effect of setting these policies for users who log on locally to
their PCs. Log in to the domain and you get the domain policy; log in locally and you get the
OU policy.
If you drill down to Computer Configuration, Windows Settings, Security Settings, Local Policies, Security Options, there are 3 policies that are affected by Default
Domain Policy:
Automatically log off users when logon time expires.
Rename Administrator Account - When set at the domain level, it affects the
Domain Administrator account only.
Rename Guest Account - When set at the domain level, it affects the Domain Guest
account only.
The Default Domain Policy should be used only for the policies listed above. If you
want to create additional domain level policies, you should create additional domain
level GPOs.
Do not delete the Default Domain Policy. You can disable it, but it is not
recommended.
Default Domain Controllers Policy - This policy can be found by right clicking the Domain Controllers OU, choosing Properties, then the Group Policy tab. This policy
affects all Domain Controllers in the domain regardless of where you put the domain
controllers. That is, no matter where you put your domain controllers in Active Directory (whatever OU you put them in), they will still process this policy.
Use the Default Domain Controllers Policy to set local policies for your domain
controllers, e.g. Audit Policies, Event Log settings, who can log on locally and so on.
71. How to refresh Group Policies using the command line?
Secedit.exe is a command line tool that can be used to refresh group policies on a
Windows 2000 computer. To use secedit, open a command prompt and type:
secedit /refreshpolicy user_policy to refresh the user policies
secedit /refreshpolicy machine_policy to refresh the machine (or computer)
policies
These parameters will only refresh any user or computer policies that have changed
since the last refresh. To force a reload of all group policies regardless of the last
change, use:
secedit /refreshpolicy user_policy /enforce
secedit /refreshpolicy machine_policy /enforce
Gpupdate.exe is a command line tool that can be used to refresh group policies on a
Windows XP computer. It has replaced the secedit command. To use gpupdate, open
a command prompt and type:
gpupdate /target:user to refresh the user policies
gpupdate /target:machine to refresh the machine (or computer) policies
gpupdate /force
Notice the /force switch applies to both user and computer policies. There is no
separation of the two like there is with secedit.
72. What is Domain Policy, Domain controller policy, Local policy and Group
policy?
Domain Policy will apply to all computers in the domain, because by default it will
be associated with the domain GPO, whereas Domain controller policy will be applied
only on domain controllers. By default the domain controller security policy will be
associated with the domain controller GPO. Local policy will be applied to that
particular machine only and affects that computer only.
73. Who can create site level Group Policy?
Enterprise Admin
74. Who can create Domain level Group Policy?
Domain Admin
75. Who can create Organization Unit level Group Policy?
Domain Admin
76. Who can create Local Group Policy?
Local Administrator or Domain Administrator
77. What is the hierarchy of Group Policy?
Local policy
|
Site Policy
|
Domain Policy
|
OU Policy
|
Sub OU Policy (If any are there)
78. GPMC & RSOP in Windows 2003?
GPMC is a tool which is used for managing group policies and will display
information like how many policies are applied, on which OUs the policies are applied,
what settings are enabled in each policy, which users are affected by these
policies, and who is managing these policies. GPMC will display all the above information.
RSoP provides details about all policy settings that are configured by an
Administrator, including Administrative Templates, Folder Redirection, Internet
Explorer Maintenance, Security Settings, Scripts, and Group Policy Software
Installation.
When policies are applied on multiple levels (for example, site, domain, domain
controller, and organizational unit), the results can conflict. RSoP can help you
determine a set of applied policies and their precedence (the order in which policies
are applied).
79. What is GPMC tool?
The Group Policy Management Console (GPMC) is a tool for managing group policies in Windows Server 2003. It provides administrators a single consolidated
environment for working on group policy-related tasks. GPMC provides a single
interface with drag-and-drop functionality to allow an administrator to manage
group policy settings across multiple sites, domains, or even forests. GPMC is used to
back up, restore, import, and copy group policy objects. It also provides a reporting
interface on how Group Policy Objects (GPOs) have been deployed.
80. What are the functional levels we have in Windows 2003?
There are 2 types of functional levels in Windows 2003.
Forest Functional Level
Domain Functional Level
81. What is forest functional level in Windows 2003?
The functional level of an Active Directory forest that has one or more domain controllers running Windows Server 2003. The functional level of a forest can be
raised to enable new Active Directory features that will apply to every domain controller in the forest.
There are 3 forest functional levels.
Windows 2000 (supports NT, 2000, 2003 domain controllers)
Windows Server 2003 interim (supports only NT, 2003 domain controllers)
Windows Server 2003 (supports only 2003 family domain controllers)
Note: When you raise the functional level to Windows Server 2003 interim or
Windows Server 2003 you will get advanced forest wide Active Directory features.
82. What is domain functional level in Windows 2003?
The functional level of Active Directory domain that has one or more domain
controllers running Windows server 2003. The functional level of a domain can be
raised to enable new Active Directory features that will apply to that domain only.
There are 4 domain functional levels.
Windows 2000 mixed (supports NT, 2000, 2003 domain controllers)
Windows 2000 native (supports 2000, 2003 domain controllers only)
Windows Server 2003 interim (supports NT, 2003 domain controllers only)
Windows Server 2003 (supports only 2003 domain controllers)
Note: When you raise the domain functional level you will get additional features.
Note: By default the domain operates at the Windows 2000 mixed mode functional level.
83. How to raise forest functional level in Windows 2003?
Start -> Programs -> Administrative Tools -> Active Directory Domains and Trusts
Right click on Active Directory Domains and Trusts -> Select Raise Forest functional level -> Select the required forest functional level -> click OK
Note: To perform this you must be a member of the Domain Admin group (in the forest root domain) or the Enterprise Admin group.
84. How to raise domain functional level in Windows 2003?
Start -> Programs -> Administrative Tools -> Active Directory Users and Computers
Right click on the domain name -> Select Raise domain functional level -> Select
the appropriate domain level -> click OK
Note: If the functional level is Windows Server 2003 then you will get all the features
that are available with 2003. When Windows NT or Windows 2000 domain
controllers are included in your domain or forest with domain controllers running
Windows Server 2003, Active Directory features are limited.
Note: Once you raise the domain or forest functional level you cannot revert back.
85. Advantages of different functional levels?
Whenever you are in Windows 2000 mixed mode the advantage is you can use
Windows NT, 2000, 2003 domain controllers. The limitations are:
You cannot create universal groups.
You cannot nest groups.
You cannot convert groups (i.e., conversion between security groups and distribution groups).
Some additional dial-in features will be disabled.
You cannot rename the domain controller.
SID history is disabled.
86. What is replication?
Replication is a process through which the changes made to a replica on one domain
controller are synchronized to replicas on all the other domain controllers in the
network. Each domain controller stores three types of replicas:
Schema partition: This partition stores definitions and attributes of objects
that can be created in the forest. The changes made in this partition are
replicated to all the domain controllers in all the domains in the forest.
Configuration partition: This partition stores the logical structure of the
forest deployment. It includes the domain structure and the replication
topology. The changes made in this partition are replicated to all the domain controllers in all the domains in the forest.
Domain partition: This partition stores all the objects in a domain. Changes
made in this partition are replicated to all the domain controllers within the
domain.
Note: Windows Server 2003 supports a new type of directory partition named
Application directory partition. This partition is available only to Windows 2003
domain controllers. The applications and services use this partition to store
application-specific data.
87. How to monitor replication?
We can use the Replmon tool from the Support Tools.
88. What is multimaster replication?
Active Directory follows multimaster replication, in which every replica of the
Active Directory partition held on every domain is considered an equal master.
Updates can be made to objects on any domain controller, and those updates are
then replicated to other domain controllers.
89. What is clustering?
A cluster is a group of two or more computers (servers) connected to provide fault
tolerance and load balancing. It is dedicated to run a specific application. Each server in a cluster is known as a node. The failover and failback capabilities of a
cluster bring the application downtime to zero.
Note: Server clustering is intended to provide high availability for applications and not for data.
90. What is Clustering? Briefly define & explain it?
Clustering is a technology which is used to provide High Availability for mission
critical applications. We can configure a cluster by installing the MCS (Microsoft Cluster Service) component from Add/Remove Programs, which is only available in
Enterprise Edition and Datacenter Edition.
In Windows we can configure two types of clusters:
NLB (network load balancing) cluster for balancing load between servers. This
cluster will not provide any high availability. Usually preferable at edge servers like
web or proxy.
Server Cluster: This provides High availability by configuring active-active or
active-passive cluster. In 2 node active-passive cluster one node will be active and
one node will be stand by. When active server fails the application will FAILOVER to
stand by server automatically. When the original server is back we need to FAILBACK
the application.
Quorum: Shared storage needs to be provided for all servers, which keeps information
about the clustered application and session state and is useful in a FAILOVER situation.
This is very important: if the Quorum disk fails, the entire cluster will fail.
Heartbeat: Heartbeat is a private connectivity between the servers in the cluster, which is used to identify the status of other servers in the cluster.
91. What is the difference between Authoritative and Non-Authoritative
restoration?
Although you might have several domain controllers (DCs) providing fault tolerance
for your domain, you still need to perform regular backups. Windows backs up AD
as part of the System State and restores the directory by booting a DC into the
Directory Services restore mode.
The default Directory Services restore mode is a non-authoritative restoration. In
this mode, Windows restores a DC's directory from the backup. Then, the DC receives from its replication partners new information that's been processed since
the backup. For example, let's say we restore a DC using a 2-day-old backup. After
the DC starts, its replication partners send all updates that have occurred in the past
2 days. This type of restore is typically used if a DC fails for hardware or software
reasons.
An authoritative restoration restores the DC's directory to the state it was in when
the backup was made, then overwrites all other DCs to match the restored DC,
thereby removing any changes made since the backup. You don't have to perform an
authoritative restoration of the entire directory--you can choose to make only
certain objects authoritative. When you restore only parts of the directory, Windows updates the rest of the restored database by using information from the other DCs
to bring the directory up-to-date, then replicates the objects that you mark as
authoritative to the other DCs. This type of restore is most useful if you deleted, for example, an organizational unit (OU). In this case, you could restore an AD backup to
a DC, mark the OU as authoritative, and then start the DCs normally. Because you marked the OU as authoritative, Windows will ignore the fact that the OU was
previously deleted, replicate the OU to the other DCs, and apply all other changes
made since the backup to the restored DC from its replication partners.
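The difference between the two restore modes is easiest to see by replaying the deleted-OU case from this answer. The following Python sketch is an added example, not part of the original document and not how Windows implements replication: it is a toy model in which every object carries a version number and the highest version wins, and the object names, the two-DC topology and the AUTH_BUMP constant are assumptions made for illustration.

```python
"""Toy model of non-authoritative vs authoritative restore."""
import copy

# Assumption of this model: marking an object authoritative raises its
# version far enough to outrank any change made since the backup.
AUTH_BUMP = 100000


class DC:
    def __init__(self, name):
        self.name = name
        self.objects = {}  # dn -> {"version": int, "value": str, "deleted": bool}

    def write(self, dn, value, deleted=False):
        version = self.objects.get(dn, {"version": 0})["version"] + 1
        self.objects[dn] = {"version": version, "value": value, "deleted": deleted}

    def delete(self, dn):
        # A deletion is itself a replicated change (a tombstone).
        self.write(dn, self.objects[dn]["value"], deleted=True)

    def backup(self):
        return copy.deepcopy(self.objects)

    def restore(self, backup, authoritative=()):
        """Load the backup; optionally mark some objects authoritative."""
        self.objects = copy.deepcopy(backup)
        for dn in authoritative:
            self.objects[dn]["version"] += AUTH_BUMP

    def live(self, dn):
        obj = self.objects.get(dn)
        return obj is not None and not obj["deleted"]


def replicate(dcs):
    """Multimaster convergence: for each object the highest version wins
    on every DC (tie-breaking is not modelled)."""
    for dn in sorted({dn for dc in dcs for dn in dc.objects}):
        winner = max((dc.objects[dn] for dc in dcs if dn in dc.objects),
                     key=lambda o: o["version"])
        for dc in dcs:
            dc.objects[dn] = copy.deepcopy(winner)


def scenario(authoritative):
    """Back up DC1, then change a user and delete an OU on DC2, then restore DC1."""
    dc1, dc2 = DC("DC1"), DC("DC2")
    dc1.write("OU=Sales", "Sales OU")
    dc1.write("CN=Sally", "phone 1111")
    replicate([dc1, dc2])
    saved = dc1.backup()                  # the 2-day-old backup
    dc2.write("CN=Sally", "phone 2222")   # legitimate change after the backup
    dc2.delete("OU=Sales")                # accidental deletion after the backup
    replicate([dc1, dc2])
    dc1.restore(saved, authoritative=["OU=Sales"] if authoritative else [])
    replicate([dc1, dc2])                 # DCs started normally again
    return {dc.name: (dc.live("OU=Sales"), dc.objects["CN=Sally"]["value"])
            for dc in (dc1, dc2)}


if __name__ == "__main__":
    print("non-authoritative:", scenario(False))
    print("authoritative:    ", scenario(True))
```

In the non-authoritative run the deletion replicates back onto the restored DC and the OU is lost again; in the authoritative run the OU returns on both DCs while the later phone-number change still reaches the restored DC.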
92. What is DFS & its usage?
DFS is a distributed file system used to provide a common environment for users to access files and folders even when they are shared on different servers physically.
There are two types of DFS: domain DFS and standalone DFS. We cannot provide
redundancy for standalone DFS in case of failure. Domain DFS is used in a domain
environment which can be accessed by /domain name/root1 (root 1 is DFS root
name). Standalone DFS can be used in a workgroup environment which can be
accessed through /server name/root1 (root 1 is DFS root name). In both cases we
need to create a DFS root (which appears like a shared folder for end users) and DFS
links (a logical link which points to the server where the folder is physically
shared).
The maximum number of Dfs roots per server is 1.
The maximum number of Dfs root replicas is 31.
The maximum number of Dfs roots per domain is unlimited.
The maximum number of Dfs links or shared folders in a Dfs root is 1,000.
93. What is REPLMON?
Replmon displays information about Active Directory Replication.
94. What is ADSIEDIT?
ADSIEdit is a Microsoft Management Console (MMC) snap-in that acts as a low-level
editor for Active Directory. It is a Graphical User Interface (GUI) tool. Network
administrators can use it for common administrative tasks such as adding, deleting, and moving objects with a directory service. The attributes for each object can be
edited or deleted by using this tool. ADSIEdit uses the ADSI application programming interfaces (APIs) to access Active Directory. The following are the
required files for using this tool: ADSIEDIT.DLL ADSIEDIT.MSC NETDOM.
95. What is NETDOM?
NETDOM is a command-line tool that allows management of Windows domains and
trust relationships. It is used for batch management of trusts, joining computers to
domains, verifying trusts, and secure channels.
96. What is REPADMIN?
This command-line tool assists administrators in diagnosing replication problems
between Windows domain controllers. Administrators can use Repadmin to view the replication topology (sometimes referred to as RepsFrom and RepsTo) as seen
from the perspective of each domain controller. In addition, Repadmin can be used
to manually create the replication topology (although in normal practice this should not be necessary), to force replication events between domain controllers, and to
view both the replication metadata and up-to-dateness vectors.
97. What is nesting?
The creation of an OU inside another OU.
IMP: Once you go beyond about 12 OUs deep in a nesting structure, you start
running into significant performance issues.
98. What is volume shadow copy?
The Windows Backup provides a feature of taking a backup of files that are opened
by a user or system. This feature is known as volume shadow copy. Volume shadow
copy makes a duplicate copy of all files at the start of the backup process. In this
way, files that have changed during the backup process are copied correctly. Volume
shadow copy ensures the following:
Applications continue to write data to the volume during a backup
Backups are scheduled at any time without locking out users.
99. What is Performance Monitor?
Performance Monitor is used to get statistical information about the hardware and
software components of a server. Performance Monitor is used for the following:
Monitor objects on multiple computers.
Log data pertaining to objects on multiple computers, over time.
Analyze the effects of changes made to a computer.
Launch programs and send notifications when thresholds are reached.
Export data for analysis in spreadsheet or database applications.
Save counter and object settings for repeated use.
Create reports for use in analyzing performance, over time.
100. What is System Monitor?
System Monitor is a Windows graphical tool for measuring the performance of a
host or remote computer. It is used to view reports on CPU load, memory usage, and interrupt rate, and the overall throughput of the traffic on a network. Using System
Monitor, administrators can perform the following functions:
Create charts and reports to measure a computer's efficiency.
Identify and troubleshoot possible issues, such as unbalanced resource use,
insufficient hardware, or poor program design.
Plan for additional hardware needs.
System Monitor can also be used to monitor the resource use of specific components
and program processes.
101. What is Active Directory Migration Tool (ADMT) ?
The Active Directory Migration Tool (ADMT) is used to migrate from an earlier
implementation of Windows NT to Windows Server 2003 or Windows 2000 Server. ADMT supports not only migration from Windows NT 4.0 to Active Directory but
also interforest and intraforest migrations. ADMT is designed to migrate an Active Directory Schema from one forest to another, regardless of whether a change in
operating systems is involved.
ADMT 2.0 has many new features such as a command-line interface and a better
interface to work with Microsoft Exchange Server. ADMT also supports a user-
account password migration.
102. What is DSMOD?
DSMOD is a command-line utility that is used to modify existing objects, such as
users, computers, groups, servers, OUs etc., in Active Directory.
103. What is NTDSUTIL utility?
NTDSUTIL.EXE is a command-line tool that is used to manage Active Directory. This
utility is used to perform the following tasks:
Performing database maintenance of Active Directory.
Managing and controlling operations master roles.
Removing metadata left behind by domain controllers.
Note: The NTDSUTIL utility is supposed to be used by experienced administrators.
104. What is DCDIAG tool? AD Troubleshooting tool.
Domain Controller Diagnostic (DCDIAG) is a diagnostic tool that is used to analyze
the domain controllers in a forest to report problems or issues. The scope of this
tool covers the functions of the domain controllers and interactions across an entire
enterprise. The DCDIAG tool is used to diagnose the domain controller status for the
following issues:
Connectivity
Replication
Integrity of topology
Permissions on directory partition heads
Permissions of users
Functionality of the domain controller locator
Consistency among domain controllers in the site
Verification of trusts
Diagnosis of replication latencies
Replication of trust objects
Verification of File Replication service
Verification of critical services
Note: DCDIAG is an analyzing tool, which is mostly used for reporting purposes.
Although this tool allows specific tests to be run individually, it is not intended as a general toolbox of commands for performing
specific tasks.
105. Integration of DNS and Active Directory
The integration of DNS and Active Directory is essential because a client computer in a Windows 2000 network must be able to locate a domain controller so that users
can log on to a domain or use the services that Active Directory provides. Clients
locate domain controllers and services by using A resource records and SRV records. The A resource record contains the FQDN and IP address for the domain
controller. The SRV record contains the FQDN of the domain controller and the
name of the service that the domain controller provides.
106. How will you take a backup of Active Directory?
Take the system state data backup. This will back up the Active Directory
database. Microsoft recommends only a Full backup of the system state database.
What are the contents of a System State backup?
The contents are:
Boot files, system files
Active Directory (if it's done on a DC)
Sysvol folder (if it's done on a DC)
Certificate service (on a CA server)
Cluster database (on a cluster server)
Registry
Performance counter configuration information
Component services class registration database
107. What is WSUS?
It is Microsoft Software Update Server, and it is designed to automate the process of distributing Windows operating system patches.
It works by controlling the Automatic Updates applet already present on all Windows machines. Instead of many machines at UVA all going to Microsoft's
website to download updates, the SUS server downloads all updates to an ITC-
owned server and workstations then look there for updates.
108. What is the Minimum Free Disk Space required?
Minimum of 6 GB free disk space is recommended to store the WSUS content.
109. How WSUS Works?
WSUS is an update component of Windows Server and offers an effective and quick
way to help keep systems up-to-date. WSUS provides a management infrastructure
consisting of the following:
Microsoft Update: The Microsoft Web site to which WSUS components connect for
updates of Microsoft products.
Windows Server Update Services server: The server component that is installed
on a computer running a Microsoft Windows 2000 Server with Service Pack 4 (SP4) or Windows Server 2003 operating system inside the corporate firewall. WSUS
server provides the features that administrators need to manage and distribute
updates through a Web-based tool, which can be accessed from Internet Explorer on any Windows computer in the corporate network. In addition, a WSUS server can be
the update source for other WSUS servers.
Automatic Updates: The client computer component built into Microsoft Windows
Server 2003, Windows XP, and Windows 2000 with SP3 operating systems.
Automatic Updates enables both server and client computers to receive updates
from Microsoft Update or from a server running WSUS.
110. Difference between NT & 2000
Windows NT SAM database is a flat database, and Windows 2000 Active
Directory database is a hierarchical database.
In Windows NT only the PDC has a writable copy of the SAM database; the
BDC has only a read-only copy. In Windows 2000 both DC and
ADC have a writable copy of the database.
Windows NT will not support the FAT32 file system. Windows 2000 supports FAT32.
Default authentication protocol in NT is NTLM (NT LAN Manager). In
Windows 2000 the default authentication protocol is Kerberos V5.
Features introduced in Windows 2000 that are not in Windows NT:
NTFS v5 supports disk quotas.
Remote Installation Service
Built-in VPN & NAT support
IPv6 support.
USB support.
Distributed File System.
Clustering support.
ICS (Internet Connection Sharing)
111. Difference between PDC & BDC
The PDC contains a writable copy of the SAM database, whereas the BDC contains a read-only copy of
the SAM database. It is not possible to reset a password without the PDC in Windows NT.
But both can participate in user authentication. If the PDC fails, we have to manually
promote a BDC to PDC from Server Manager.
112. Difference between DC & ADC.
There is no difference between DC and ADC; both contain a writable copy of AD. Both can also handle FSMO roles (if transferred from DC to ADC). Functionality-wise there
is no difference. The ADC is just required for load balancing & redundancy. If two physical
sites segregated by a WAN link come under the same domain, it is better to keep one ADC in the other site and have it act as the main domain controller for that site. This will reduce
the WAN traffic, and user authentication performance will also increase.
113. What is the difference between Win2k Server and Win2k3?
1. We can't rename a domain in Win2k; you can rename it in Win2k3.
2. IIS 5.0 in Win2k and IIS 6.0 in Win2k3
3. No Volume Shadow Copying in Win2k; it's available in Win2k3
4. Active Directory Federation Systems in Win2k3
Like that, some other security features were added in Win2k3; the main features are above.
114. Difference between 98 and XP-
XP has high resolution, supports the NTFS file system, is a secure OS, has plug and play facility for
USB, Fax support and inbuilt graphics drivers, is faster than 98, can support 2
processors, and has a new version of Internet Explorer.
115. Advantages of 2003
Domain rename, domain controller rename, multiuser property select, admin
account deletion, default APIPA, shadow copy, IIS version 6, security purpose,
password complexity
116. How to load Admin Pack?
In the Windows 2000 CD (only server family), click on the i386 folder, then click on adminpak.msi.
Or
Go to the command prompt (in a server operating system only), go to the winnt/system32
directory and type adminpak.msi or type Msiexec /i adminpak.msi
Note: Adminpak.msi is not included in the Professional CD.
If you want to load the administrative tools on the local computer you can load them. But
you must have administrative permissions for the local computer to install and run
Windows 2000 Administration Tools.
DNS Interview Questions:-
1. What are the basic requirements (Hardware/Software) to implement the
Windows DNS server?
Server Hardware Requirements:
Microsoft's suggested minimum hardware requirements (and some Microsoft
recommendations) for Windows Server 2003 (Standard) are listed here:
· CPU speed: 133MHz (550MHz recommended)
· RAM: 128MB (256MB recommended; 4GB maximum on Standard Server)
· Disk space for setup: 1.5GB
· CD-ROM drive: 12X
· Monitor: Super VGA capable of providing 800 x 600 resolution
2. DNS requirements:
First and foremost, the DNS server has to support SRV records (an SRV record identifies a particular
service on a particular computer). In Windows 2000 we use SRV records to identify
domain controllers, the Global Catalog, etc.
Second and third are not requirements but recommended.
Second is Dynamic Updates.
Third is IXFR (Incremental Zone Transfer).
Note: Most DNS servers support AXFR (i.e., entire zone transfer).
In incremental transfer we transfer only the changes, but in AXFR we transfer the whole zone.
3. How to Install the DNS Service on an Existing Server
1. Click Start, point to Control Panel, and then click Add or Remove Programs.
2. Click Add or Remove Windows Components.
3. In the Components list, click Networking Services (but do not select or clear the
check box), and then click Details.
4. Click to select the Domain Name System (DNS) check box, and then click OK.
5. Click Next.
6. When you are prompted, insert the Windows Server 2003 CD-ROM into the
computer's CD-ROM drive or DVD-ROM drive.
7. On the Completing the Windows Components Wizard page, click Finish when Setup is complete.
8. Click Close to close the Add or Remove Programs window.
4. What is DNS?
DNS is used for name resolution. It is mainly used to resolve from name to IP
address and IP address to name, mainly on the Internet. DNS is divided in the form of a hierarchy.
Two categories of zone:
Forward lookup zone - Resolves a queried name to an IP address.
Reverse lookup zone - Resolves a queried IP address to a name.
5. What is DNS Zone? Types of DNS zones & Explain?
A zone is simply a contiguous section of the DNS namespace. Records for a zone are
stored and managed together. Often, sub-domains are split into several zones to
make manageability easier. For example, support.microsoft.com and
msdn.microsoft.com are separate zones, where support and msdn are sub-domains
within the Microsoft.com domain.
Primary Zone:
Primary zones are created on the primary DNS servers. It is a read/write copy.
Secondary Zone:
These are created on the second DNS server, where it holds a read-only copy of the
zone. Secondary zones provide fault tolerance and load balancing to the primary
zone. A secondary zone is a backup for the primary zone.
AD integrated zones:
These are useful when we want to maintain zone information in the AD. The zone is
saved in the AD; as a result, when we back up AD we are also backing up the zone
information.
If it is a primary zone, the zone is saved as a normal text file; as a result we have to back
up the zone separately. An AD integrated zone is created when we install AD with a domain name.
Stub zone:
Stub zone is a newly added feature in WIN 2003. A stub zone contains name server
information or name server records and SOA records (Start of Authority). Stub zones provide fault tolerance & load balancing besides providing the name server & SOA
record information. Stub zones are useful for resolving the query faster.
6. Why Use Stub Zones?
The idea behind stub zones is to speed up name resolution and reduce network
traffic. This is a benefit for every network where you are able to use them.
7. DNS resource records, explain?
DNS zone database is made up of a collection of resource records. Each resource
record specifies information about a particular object. For example, address
mapping (A) records map a host name to an IP address, and reverse-lookup pointer (PTR) records map an IP address to a host name. The server uses these records to
answer queries for hosts in its zone. For more information, use the table to view
DNS resource records.
NS (NS Record): Name server resource record specifies the authoritative DNS server
for the particular zone.
SOA (Start of Authority): This resource record specifies the DNS server providing authoritative information about the zone.
A (Alias): Standard hostname resource record contains hostname to IP address
mapping.
CNAME: This resource record allows you to use more than one name to point to a
single host.
MX (Mail Exchanger): This resource record is used by e-mail applications to locate a mail server within a zone.
PTR (Pointer): Used to map IP addresses to their associated hostnames. These records
are only used in reverse lookup zones.
SRV: This resource record is used to specify the location of specific services in a
domain.
8. What is FQDN (Fully Qualified Domain Name)?
Hostname.Domain.com
Give an Example for FQDN?
For example, the fully qualified domain name (FQDN)
barney.northwind.microsoft.com can be broken down as follows:
Host name: barney
Third-level domain: northwind (stands for Northwind Traders Ltd., a
fictitious Microsoft subsidiary)
Second-level domain: microsoft (Microsoft Corporation)
Top-level domain: com (commercial domain)
The root domain has a null label and is not expressed in the FQDN.
9. What is a Host name?
An alias given to a computer on a TCP/IP network to identify it on the network. Host
names are a friendlier way to refer to TCP/IP hosts than IP addresses.
A host name can contain the characters A-Z, 0-9, "." and "-".
10. What is name Resolution?
The process of translating the name into some object or information that the name
represents is called name resolution. A telephone book forms a namespace in which
the names of telephone subscribers can be resolved to the phone numbers.
11. Where to create the primary, secondary, Active Directory Integrated zones?
If you want to create an Active Directory integrated zone, the server must be a
Domain Controller.
If you want to create the Primary DNS, you can create it on a Domain Controller or
Member server. But if you create it on a member server you will not get the 4 options under the
domain which are meant for Active Directory.
You can create a Secondary zone on a Member Server or on a Domain Controller.
There is no difference between them.
12. What are the features of Windows 2000 DNS?
Supports SRV (service) records
Supports Dynamic Updates
Supports IXFR (Incremental Zone Transfer)
Supports security
Explain each one of the above?
In a Windows 2000 domain you need to have a DNS server to find different
services. The SRV records identify these services.
When you enable Dynamic Updates, all the records in the zone are
automatically created. As we add a computer to the domain, or as we add a domain
controller to the domain, the corresponding records are automatically created. I.e.,
you need to create a record in the DNS zone manually to identify those computers or
services.
When an update is made in the Master it has to be replicated to the Secondary.
Previously we used to transfer the entire zone (which is called AXFR (entire zone
transfer)). But with a Windows 2000 domain we transfer only the records that have been modified. This is called IXFR (Incremental Zone Transfer).
We get the security with an Active Directory Integrated zone. We can set permissions
on Active Directory, like who can use and who can't use the DNS. And also we have
Secure Dynamic Updates with an Active Directory Integrated zone. With this, only specified computers can dynamically update the records in the zone.
13. What are the commands do we use for DNS?
Nslookup (and all interactive mode commands)
Ipconfig /flushdns
Ipconfig /registerdns
Note: A best strategy for using DNS in a corporate network is to use two DNS servers.
One is on the internal network and another one is between two firewalls. For more
security keep the zone as secondary in the DNS server which is between the firewalls.
14. What is the difference between Primary zone and Secondary zone?
Primary zone has read and write permissions, whereas Secondary zone has read-only
permission.
Note: Secondary zone is used for Backup and Load balancing.
15. How to check whether DNS is working or not?
Type the command "nslookup" at the command prompt.
Then it gives the DNS server name and its IP address.
16. What is Dynamic Updates in DNS?
Generally we need to create a host record for a newly joined computer (either client or Member server or Domain controller). If you enable the Dynamic Update option, then
DNS itself creates the associated host record for newly joined computers.
17. How to get Dynamic Update option?
Right click on any zone → Properties → on the General tab you will get Allow Dynamic
Updates? [_Yes/No/Secure Updates]
Note: Always set Dynamic Updates to "YES".
Note: If it is an Active Directory Integrated zone you will get the above three options.
But if it is a Primary or Secondary zone you will get only "YES/NO" (you won't
get secure updates).
18. What is an iterative query?
The query that has been sent to the DNS server from a client is called an iterative query.
(i.e., an iterative query is nothing but "give the answer for my question; don't ask me to
contact that person or this person, or don't say something else. Simply just answer
my question. That's all.")
19. What is Recursive query?
Now your DNS server requests the root level DNS server for a specific IP address.
Now the DNS server says, "I don't know, but I can give the address of another person who
can help you in finding the IP address."
20. How to configure the DNS?
Open the DNS Console.
Then you will find there:
DNS Server name
Forward Lookup Zone
Reverse Lookup Zone
Note: If you selected to create zones automatically during setup, then it
creates the root zone and domain zone under the forward lookup zone.
If no zones are there under the forward lookup zone, first create the root zone, then create the
domain zone.
21. How to create a zone?
Right click on Forward Lookup Zone → New Zone →
Active Directory Integrated
Primary
Secondary
Select any one of the above.
Note: The option Active Directory Integrated zone is available only when you have
installed Active Directory; if you have not installed Active Directory the option is disabled.
Note: If you want to select a Secondary zone you should already have a primary zone
or Active Directory Integrated zone.
DNS Name [____________________]
Give the DNS name.
Note: If you are creating a root zone then just type "." (only a dot) in the name box.
Then click Next → Finish.
After creating the root zone, create another zone with the domain name:
Right click on Forward Lookup Zone → New Zone → Active Directory Integrated
(you can choose any one) → DNS Name [___] → Next → Finish.
Creation of a zone in Reverse lookup zone:
Right click on Reverse Lookup Zone → New Zone → type the Network ID → Next →
Name → Finish.
After this,
right click on the zone → select Create associated PTR (pointer) record → Next → Finish.
22. What tabs are there on properties of Domain?
General
Start of Authority (SOA)
Name Servers
WINS
Zone transfers
23. What tabs are there on properties of server?
Interface
Forwarders
Advanced
Root hints
Logging
Monitoring
24. Is there any possibility to have two Primary DNS zones?
No, you should not have two primary DNS zones. If you have two primary
DNS zones, some clients contact the first one and some clients contact the second one
according to their configuration in TCP/IP properties. Then you will get problems.
Actually, primary DNS zone means single master, i.e., there is only one master, that is, only
one primary DNS zone. But you can have as many Secondary zones as you want.
To overcome the above problem (i.e., the single master problem), in Windows 2000 we
have Active Directory Integrated zones, which are multi-master.
25. How to create a Secondary DNS zone?
To create a secondary zone you should have Primary DNS zone or Active Directory
Integrated DNS zone.
You have to follow the same procedure as for primary DNS configuration.
But at the time of selection, select Secondary zone instead of primary zone. After that it
asks for the primary DNS zone address; provide that address.
Create the forward lookup zone and reverse lookup zone as usual. Then,
right click on Forward Lookup Zone → New Zone →
Active Directory Integrated
Primary
Secondary
Select Secondary zone.
(Note: The option Active Directory Integrated zone is available only when you have
installed Active Directory; if you have not installed Active Directory the option is
disabled.)
Then it asks for the primary DNS zone details; provide those details, then click on
Finish.
Now go to the Primary or Active Directory integrated zone, then right click on the zone
name → Properties → click on the Zone Transfers tab.
Select Allow zone transfers.
Here you can see three options:
To any server
Only to servers listed on the Name Servers tab
Only to the following servers
Select any one and give the details of the secondary zone (only in case of the second and
third options).
Click on Apply, then OK.
Note: In the Zone Transfers tab you can find another option, Notify; this is to automatically notify secondary servers when the zone changes. Here also you can
select appropriate options.
Note: In a secondary zone you cannot modify any information. Everyone has read-only
permission.
Whenever the primary DNS is down, click on "Change" on the General tab of
properties to change the zone to primary; then it acts as primary, and there you have write permission also.
26. What is the default time setting in primary zone to refresh, Retry, Expire
intervals for secondary zone?
The default settings are:
Refresh interval: 10 minutes
Retry interval: 15 minutes
Expire after: 1 day
27. Suppose the Secondary zone is Expired then, how to solve the problem?
First go to the primary zone and check whether the primary zone is working or not.
If the primary zone is working, then go to the secondary zone, right click on the zone name and
select "Transfer from Master"; then it automatically contacts the primary DNS, and
if any updates are there it takes the updates from the Primary.
28. How to know whether the recent changes in Primary are updated to
secondary zone or not?
Compare the Serial Number on the Start of Authority tab in both the secondary and primary
DNS zone properties.
If both are the same then the recent updates have been made to the secondary zone.
If not (i.e., the secondary is less than the primary), click on "Transfer from Master".
How to change from Primary to Secondary or Secondary to Primary or Active
Directory integrated to Secondary or Primary (simply, one type of zone to
another type of zone)?
Go to the properties of the zone and click on the General tab; there you can find the option
called "Change". Click on it, then select the appropriate option.
Then click on OK.
29. How to pause the zone?
Go to the properties of a zone → click on the General tab → click on the Pause button.
30. How does DNS server know the root domain server addresses?
Every DNS server installed on the Internet is preconfigured with the root DNS
server addresses.
Every single server can get to the root. That is why every DNS server on the Internet
first contacts the root DNS servers for name resolution.
31. Where can you find the address of root servers in the DNS server?
Open the DNS console → right click on the domain name → drag down to
Properties → click on Root hints. Here you can find the different root server addresses.
Note: When you install DNS service in a 2000 server operating system (still you
have not configured anything on DNS server), then it starts its functionality as
caching only DNS server.
32. What is a forwarder?
(Open DNS console → right click on the domain name → click on the Forwarders tab)
A forwarder is a server which has more access than the present DNS server. Maybe our present DNS server is located in an internal network and it cannot resolve
Internet names. Maybe it is behind a firewall, or maybe it is using a proxy server or
NAT server to get to the Internet. Then this server forwards the query to another
DNS server that can resolve the Internet names.
33. What is DNS & WINS?
DNS is the Domain Naming System/Server, used to resolve host names to IP
addresses and also IP addresses to host names. It uses fully qualified domain
names. DNS is an Internet standard used to resolve host names. Supports up to 256
characters.
WINS is the Windows Internet Name Service, which resolves NetBIOS names to IP
addresses and also resolves IP addresses to NetBIOS names. This is proprietary to Microsoft and meant for Windows only. Supports up to 15 characters.
34. What is TTL & how to set TTL time in DNS?
TTL is Time to live setting used for the amount of time that the record should
remain in cache when name resolution happened.
We can set TTL in SOA (start of authority record) of DNS.
35. What is DNS namespace?
DNS namespace is the hierarchical structure of the domain name tree. It is defined
such that the names of all similar components must be similarly structured, but
similarly identifiable. The full DNS name must point to a particular address.
Consider the following image of DNS namespace of the Internet:
The salessrv1 and salessrv2 are host names of the hosts configured in the
sales.ucertify.com domain. The fully qualified domain name (FQDN) of the host salessrv1 is salessrv1.sales.ucertify.com. No two hosts can have the same FQDN.
36. NSLOOKUP:
NSLOOKUP is a utility for diagnosing and troubleshooting Domain Name System
(DNS) problems. It performs its function by sending queries to the DNS server and obtaining detailed responses at the command prompt. This information can be
useful for diagnosing and resolving name resolution issues, verifying whether or not
the resource records are added or updated correctly in a zone, and debugging other
server-related problems. This utility is installed along with the TCP/IP protocol
through the Control Panel.
37. How do I clear the DNS cache on the DNS server?
To clear the DNS cache do the following:
1. Start
2. Run
3. Type "cmd" and press Enter
4. In the command window type "ipconfig /flushdns"
5. If done correctly it should say "Successfully flushed the DNS Resolver Cache."
38. How DNS Works?
DNS uses a client/server model in which the DNS server maintains a static database
of domain names mapped to IP addresses. The DNS client, known as the resolver,
performs queries against the DNS servers. The bottom line? DNS resolves domain
names to IP addresses using these steps:
Step 1: A client (or "resolver") passes its request to its local name server. For
example, the URL term www.idgbooks.com typed into Internet Explorer is passed to
the DNS server identified in the client TCP/IP configuration. This DNS server is
known as the local name server.
Step 2: If, as often happens, the local name server is unable to resolve the request,
other name servers are queried so that the resolver may be satisfied.
Step 3: If all else fails, the request is passed to more and more higher-level name servers until the query resolution process starts with the far-right term (for instance,
com) or at the top of the DNS tree with the root name servers.
Below, the steps are explained with the help of a chart.
[Chart: How DNS works]
39. DNS with Active Directory?
Active Directory uses the same hierarchical naming convention as DNS. Because of
this, the client computer uses DNS servers to locate Active Directory domain
controllers and other Active Directory resources on the network.
Without DNS, Active Directory couldn't function, because client computers wouldn't be able to locate these domain controllers and resources.
Bottom line is, Active Directory is dependent on DNS. Active Directory can't be
implemented until the DNS server service is installed.
40. What is Host File?
The "Hosts" file in Windows and other operating systems is used to associate host
names with IP addresses. Host names are the www.yahoo.com addresses that you
see every day. IP addresses are numbers that mean the same thing as the www words - the computers use the numbers to actually find the sites, but we have words
like www.yahoo.com so humans do not need to remember the long strings of numbers when they want to visit a site.
We can put names and addresses into the Hosts file so your computer does not have
to ask a DNS server to translate the domain name into an IP number. This speeds up
access to the host site you want to see because your computer no longer has to
query other systems on the Internet for the address translation.
41. What is LM Host File?
A text file in a Windows network that provides name resolution of NetBIOS host
names to IP addresses. The LMHOSTS files were the Windows counterpart to the
HOSTS files in UNIX, but have long since given way to the WINS naming system. LM
stands for "LAN Manager," the name of Microsoft's earlier network operating system (NOS).
42. How many SOA record does each zone contain?
Each zone will have one SOA record. This record contains many miscellaneous
settings for the zone, such as who is responsible for the zone, refresh interval settings, TTL (Time To Live) settings, and a serial number (incremented with every
update).
43. Short summary of the records in DNS.
The NS records are used to point to additional DNS servers. The PTR record is used
for reverse lookups (IP to name). CNAME records are used to give a host multiple names. MX records are used when configuring a domain for email.
44. Can I use an A record instead of an MX record?
> I have a single machine running DNS mail and web for a domain
> and I'm not sure that I have DNS setup properly. If the machine
> that is running the mail is the name of the domain does there need
> to be an MX record for mail?
Technically, no. Nearly all mailers will look up A records for a domain name in a mail
destination if no MX records exist.
> If an MX record is not needed, how would you put in an MX
> record for a backup mailserver.
You can't. If you want to use a backup mailer, you need to use MX records.
> www cname 192.168.0.1
> mail cname 192.168.0.1
> pop cname 192.168.0.1
> smtp cname 192.168.0.128
These CNAME records are all incorrect. CNAME records create an alias from one domain name to another, so the field after "CNAME" must contain a domain name,
not an IP address. For example: www CNAME foo.example.
45. What are a zone's NS records used for?
> Could you elaborate a little bit on why do we need to put NS records for
> the zone we are authoritative for ?
> The parent name server handles these already. Is there any problem if our
> own NS records have lower TTLs than the records from parent name server ?
That's a good question. The NS records from your zone data file are used for several
things:
- Your name servers return them in responses to queries, in the authority section of
the DNS message. Moreover, the set of NS records that comes directly from your name server supersedes the set that a querier gets from your parent zone's name
servers, so if the two sets are different, yours "wins."
- Your name servers use the NS records to determine where to send NOTIFY
messages.
- Dynamic updaters determine where to send updates using the NS records, which
they often get from the authoritative name servers.
46. What's the largest number I can use in an MX record?
> Could you tell us the highest possible number we can use for the MX
> preference ?
Preference is an unsigned, 16-bit number, so the largest number you can use is
65535.
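The record rules from questions 42, 44 and 46 (one SOA per zone, a CNAME must point at a domain name, MX preference is an unsigned 16-bit number) can be checked mechanically. The following is an added example, not part of the original document; the simplified one-record-per-line format, the `lint_zone` name, the finding codes and the sample records are assumptions constructed for the demonstration.

```python
import ipaddress

# Constructed sample records (not a real zone). The four CNAME lines repeat
# the ones quoted in question 44; the other records are made up for the demo.
SAMPLE_ZONE = """\
@     SOA   ns1.example. hostmaster.example. 2019080201 600 900 86400 3600
@     NS    ns1.example.
@     MX    10 mail.example.
@     MX    70000 backup.example.   ; preference does not fit in 16 bits
www   CNAME 192.168.0.1
mail  CNAME 192.168.0.1
pop   CNAME 192.168.0.1
smtp  CNAME 192.168.0.128
ftp   CNAME foo.example.
"""


def is_ip(text):
    """Return True if text parses as an IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False


def lint_zone(text):
    """Check simplified 'owner TYPE rdata...' lines.

    Returns a list of (line_number, code, detail) tuples; line 0 is used
    for findings that concern the zone as a whole.
    """
    findings = []
    soa_count = 0
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split(";", 1)[0].split()  # drop comment, tokenize
        if not fields:
            continue
        if len(fields) < 3:
            findings.append((lineno, "malformed", raw.strip()))
            continue
        owner, rtype, rdata = fields[0], fields[1].upper(), fields[2:]
        if rtype == "SOA":
            soa_count += 1
        elif rtype == "CNAME":
            # A CNAME aliases one domain name to another, never to an address.
            if is_ip(rdata[0]):
                findings.append((lineno, "cname-target-is-ip",
                                 f"{owner} -> {rdata[0]}: use an A record"))
        elif rtype == "A":
            # An A record maps a host name to an IP address.
            if not is_ip(rdata[0]):
                findings.append((lineno, "a-rdata-not-ip",
                                 f"{owner} -> {rdata[0]}"))
        elif rtype == "MX":
            if len(rdata) != 2 or not rdata[0].isdecimal():
                findings.append((lineno, "mx-malformed", raw.strip()))
                continue
            # Preference is an unsigned 16-bit number: 0..65535.
            if int(rdata[0]) > 65535:
                findings.append((lineno, "mx-preference-range",
                                 f"{rdata[0]} exceeds 65535"))
    # Each zone has exactly one SOA record.
    if soa_count != 1:
        findings.append((0, "soa-count",
                         f"expected exactly 1 SOA, found {soa_count}"))
    return findings


if __name__ == "__main__":
    for lineno, code, detail in lint_zone(SAMPLE_ZONE):
        print(f"line {lineno}: {code}: {detail}")
```
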
47. Trouble Shooting Of DNS
(1) C:\> NS Lookup
(2) IP Config / Flush DNS
(3) IP Config / Register DNS
(4) IP Config / Display DNS
(5) IP Config / Clear Cache
48. DNS Suffix
For DNS, a character string that represents a domain name. The DNS suffix shows where a host is located relative to the DNS root, specifying a host location in the DNS
hierarchy. Usually, the DNS suffix describes the latter portion of a DNS name,
following one or more of the first labels of a DNS name.
DHCP Interview Questions:-
1. What is DHCP?
DHCP provides IP addresses dynamically to client machines. When a client machine does not find a DHCP server, it gets an APIPA (automatic private IP address).
2. Advantages of DHCP ?
DHCP capability is built into Windows Server 2003, so it doesn't cost extra.
Once we enter the IP address configuration in one place on the DHCP server, it is
automatically assigned to DHCP clients.
Configuration problems are automatically minimized.
3. IP leasing process:
1. DHCP discover:
The client machine, when turned on, broadcasts the network ID, broadcast ID and MAC
address on the network to discover a DHCP server.
2. Offer:
The DHCP server, listening to the request made by the client, offers a
pool of IP addresses to the client machine.
3. Selection:
The client machine, on receiving the pool of IP addresses, selects
an IP and requests the DHCP server to offer that IP.
4. Acknowledgement:
The DHCP server sends a confirmation of the allotment of the IP assigned to the client as an
acknowledgement.
5. IP lease:
If the client machine is not restarted for 8 days, exactly after 4 days the client machine
requests the DHCP server to extend the IP lease duration; on listening to this the DHCP
server adds 8 more days to the existing 4 days = 12 days.
If the client machine is restarted, the DHCP lease process takes place again and the
client gets an IP for 8 days.
4. DHCP requirements:
Domain Controller or member server
Static IP
Active Directory
DNS (if it is win 2003)
5. DHCP Installation steps:
Installing DHCP server (insert the 2003 Server CD)
On DC
Start → Settings → Control Panel → Add/Remove Programs → Add/Remove Windows
Components → select Networking Services → click on Details
Select DHCP server → OK → Next
Authorization: When we have multiple DHCP servers we can designate one of
the DHCP servers as an authorized DHCP server.
Authorizing DHCP server:
On DC
Start → Programs → Admin Tools →
DHCP → right click on the server →
click Authorize →
Refresh
6. How to open DHCP?
Start → Programs → Administrative Tools → DHCP
Or
Start → Run → dhcpmgmt.msc
7. Scope:
Scope is a range of IP addresses from which the DHCP server assigns
IPs to the clients.
8. Difference between Scope and Super Scope-
A scope in DHCP is where you can specify the range of IP addresses which will be leased to DHCP clients.
A super scope is the combination of multiple scopes.
9. Creating a Scope:
Open DHCP ServerRight click on server
New scope scope name
Specify the range next
Specify if we want any exclusion
Lease durationNext DHCP options
Router next specify the domain name
Server name client on resolve add next WINS server next yes I
want next finish
Configuring a client machine to obtain IP from DHCP server
By default all clients are configured to obtain an IP automatically.
On client machine
Right click on my n/w places
Properties -> LAN properties
TCP/IP -> double click
Ensure that “obtain an IP address automatically” is selected.
Releasing an existing IP: (give up an IP)
Start -> Run -> cmd -> ipconfig /release
Obtaining a new IP
Start -> Run -> cmd -> ipconfig /renew
Super Scopes:
A group of scopes is called a super scope.
Note: when we have multiple scopes only one scope can be active; in order to
enable all the scopes we have to merge all the scopes into a super scope.
Creating super scope:
Requires multiple scopes
Create 2 scopes.
Right click on server
Say new super scope
Specify the super scope name
Select 2 scopes by holding ctrl key
Next finish
Address Pool:
gives the range of IP addresses we have specified.
Address leases:
Specifies the client (names) and the IP addresses assigned
Reservations: useful when we want to dedicate a particular IP to a particular system.
Ex: managerial systems, important clients.
10. Backing up DHCP:
Open DHCP - right click on DHCP – select backup
Select location where we want to save – ok.
11. Restoring DHCP server:
Uninstall DHCP server -> Install DHCP server
Open DHCP
Right click on it -> click on Restore -> specify the backed up path
We should notice our previous scopes.
17. What is the process of assigning IP address by DHCP service?
There are four stages in assigning IP address to a host by DHCP server.
1) DHCP discover
2) DHCP offer
3) DHCP request
4) DHCP Acknowledge
DHCP Discover:
Whenever a client has to obtain an IP address from a DHCP server it broadcasts
a message called “DHCP discover”, which contains the destination address 255.255.255.255,
the source IP address 0.0.0.0 and its MAC address.
DHCP offer:
The DHCP server on the network responds to the DHCP discover by sending a
DHCP offer message to the client requesting an IP address.
DHCP request:
The client, after receiving the offer message, sends a “DHCP request” message asking the
DHCP server to confirm the IP address it has offered through the DHCP offer message.
DHCP Acknowledge:
The DHCP server responds to the “DHCP request” message by sending an
acknowledge message through which it confirms the IP address to the other machine.
Note: You can also enable DHCP in a workgroup for dynamic allocation of IP
addresses.
Configure the server operating system in the workgroup as a DHCP server, then on the client, in
TCP/IP properties, select obtain IP address automatically. The client then gets an IP
address from the DHCP server.
Note: You need not configure DNS or anything else.
18. What is APIPA ?
On occasion, a network PC boots up and finds that the DHCP server is not available.
When this happens, the PC continues to poll for a DHCP server using different wait
periods.
The Automatic Private IP Addressing (APIPA) service allows the DHCP client to
automatically configure itself until the DHCP server is available and the client can be
configured to the network. APIPA allows the DHCP client to assign itself an IP
address in the range of 169.254.0.1 to 169.254.254.254 and a Class B subnet mask
of 255.255.0.0. The address range that is used by APIPA is a Class B address that Microsoft has set aside for this purpose.
19. If DHCP is not available what happens to the client?
The client will not get an IP and cannot participate in the network. If the client already has
an IP with lease duration remaining, it uses that IP until the lease duration expires.
20. What is subnetting and supernetting?
Subnetting is the process of borrowing bits from the host portion of an address to
provide bits for identifying additional sub-networks.
Supernetting merges several smaller blocks of IP addresses (networks) that are
contiguous into one larger block of addresses. Supernetting is done by borrowing network
bits to combine several smaller networks into one larger network.
21. What is the difference between Authorized DHCP and Non Authorized DHCP?
To avoid problems in the network caused by misconfigured DHCP servers, a server
in Windows 2000 must be validated by AD before it starts serving clients. If an
authorized DHCP finds any DHCP server in the network it stops serving the clients.
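The discover/offer/request/acknowledge exchange from question 17 and the authorization concern from question 21 can both be checked on the wire. The following is an added example, not part of the original document: it parses DHCP messages and reports any server reply whose server identifier (option 54) is not on an allowlist. The packets, MAC address, transaction ID and 192.0.2.x addresses are constructed sample data.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of the DHCP options field
MESSAGE_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE",
                 5: "ACK", 6: "NAK", 7: "RELEASE", 8: "INFORM"}


def build_dhcp(op, xid, mac, msg_type, yiaddr="0.0.0.0", server_id=None):
    """Construct a minimal DHCP message in memory (sample data only)."""
    pkt = struct.pack("!BBBBIHH", op, 1, 6, 0, xid, 0, 0x8000)  # broadcast flag set
    pkt += bytes(4)                                   # ciaddr
    pkt += ipaddress.IPv4Address(yiaddr).packed       # yiaddr ("your" address)
    pkt += bytes(8)                                   # siaddr, giaddr
    pkt += mac + bytes(16 - len(mac))                 # chaddr padded to 16 bytes
    pkt += bytes(192)                                 # sname + file
    pkt += MAGIC_COOKIE + bytes([53, 1, msg_type])    # option 53: message type
    if server_id is not None:
        pkt += bytes([54, 4]) + ipaddress.IPv4Address(server_id).packed
    return pkt + b"\xff"                              # end option


def parse_dhcp(payload):
    """Parse the fixed BOOTP header and the DHCP options of a UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    op, htype, hlen, hops, xid, secs, flags = struct.unpack("!BBBBIHH", payload[:12])
    options, i = {}, 240
    while i < len(payload):
        code = payload[i]
        if code == 255:            # end option
            break
        if code == 0:              # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option")
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option")
        options[code] = value
        i += 2 + length
    msg_type = options.get(53, b"")
    server_id = options.get(54)
    return {
        "type": MESSAGE_TYPES.get(msg_type[0], "UNKNOWN") if len(msg_type) == 1 else "UNKNOWN",
        "xid": xid,
        "client_mac": ":".join(f"{b:02x}" for b in payload[28:28 + min(hlen, 16)]),
        "yiaddr": ipaddress.IPv4Address(payload[16:20]),
        "server_id": ipaddress.IPv4Address(server_id) if server_id and len(server_id) == 4 else None,
    }


def audit(packets, authorized):
    """Return one finding per server reply that does not come from an allowed server."""
    findings = []
    for payload in packets:
        msg = parse_dhcp(payload)
        if msg["type"] not in ("OFFER", "ACK", "NAK"):
            continue               # client messages are not judged here
        if msg["server_id"] not in authorized:
            findings.append(f"{msg['type']} for {msg['client_mac']} from "
                            f"unlisted DHCP server {msg['server_id']} (offered {msg['yiaddr']})")
    return findings


# Constructed sample: one client, the allowed server, and a second server answering too.
AUTHORIZED = {ipaddress.IPv4Address("192.0.2.10")}
CLIENT_MAC = bytes.fromhex("001122334455")
XID = 0x3903F326


def sample_exchange():
    return [
        build_dhcp(1, XID, CLIENT_MAC, 1),                                  # discover
        build_dhcp(2, XID, CLIENT_MAC, 2, "192.0.2.101", "192.0.2.10"),     # offer
        build_dhcp(2, XID, CLIENT_MAC, 2, "192.0.2.201", "192.0.2.66"),     # second offer
        build_dhcp(1, XID, CLIENT_MAC, 3, server_id="192.0.2.10"),          # request
        build_dhcp(2, XID, CLIENT_MAC, 5, "192.0.2.101", "192.0.2.10"),     # acknowledge
    ]


if __name__ == "__main__":
    for line in audit(sample_exchange(), AUTHORIZED):
        print(line)
```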
22. What are the problems generally encountered with DHCP?
The scope is full: no IPs are available for new machines
Scope options are not configured properly, e.g. default gateway
Incorrect creation of scopes etc.
23. DHCP User Class and Vendor Class Options?
DHCP provides support for a host of new features. The user-specified and vendor-
specified DHCP options are features that let administrators assign separate options to
clients with similar configuration requirements. For example, if DHCP-aware clients
in your human resources (HR) department require a different default gateway or
DNS server than the rest of your clients, you can configure DHCP Class IDs to
distribute these options to HR clients. The options that Class IDs provide override
any scope or global default options that the DHCP server typically assigns.
24. DHCP relay agent: where to place it?
The DHCP relay agent needs to be placed on the software router.
25. DHCP database path folder
C:\WINDOWS\system32\dhcp
26. Can DHCP support statically defined addresses?
Yes. At least there is nothing in the protocol to preclude this and one expects it to be a feature of any DHCP server. This is really a server matter and the client should work either way. The RFC refers to this as manual allocation.
27. Can a DHCP server back up another DHCP server?
You can have two or more servers handing out leases for different addresses. If each has a dynamic pool accessible to the same clients, then even if one server
is down, one of those clients can lease an address from the other server.
However, without communication between the two servers to share their
information on current leases, when one server is down, any client with a lease
from it will not be able to renew their lease with the other server. Such
communication is the purpose of the "server to server protocol" (see next
question). It is possible that some server vendors have addressed this issue with their own
proprietary server-to-server communication.
28. Where is DHCP defined?
In Internet RFCs.
29. Can DHCP support remote access?
PPP has its own non-DHCP way in which communications servers can hand clients an IP
address, called IPCP (IP Control Protocol), but it doesn't have the same flexibility
as DHCP or BOOTP in handing out other parameters. Such a communications server may
support the use of DHCP to acquire the IP addresses it gives out. This is sometimes
called doing DHCP by proxy for the client. I know that Windows NT's remote access
support does this.
A feature of DHCP under development (DHCPinform) is a method by which a
DHCP server can supply parameters to a client that already has an IP number.
With this, a PPP client could get its IP number using IPCP, then get the rest of its
parameters using this feature of DHCP.
SLIP has no standard way in which a server can hand a client an IP address, but many
communications servers support non-standard ways of doing this that can be utilized by
scripts, etc. Thus, like communications servers supporting PPP, such communications
servers could also support the use of DHCP to acquire the IP addresses to give out.
The DHCP protocol is capable of allocating an IP address to a device without an
IEEE-style MAC address, such as a computer attached through SLIP or PPP, but to do so, it
makes use of a feature which may or may not be supported by the DHCP server: the ability
of the server to use something other than the MAC address to identify the client.
Communications servers that acquire IP numbers for their clients via DHCP run into the
same roadblock in that they have just one MAC address, but need to acquire more than one
IP address. One way such a communications server can get around this problem is through
the use of a set of unique pseudo-MAC addresses for the purposes of its communications
with the DHCP server. Another way (used by Shiva) is to use a different "client ID type"
for your hardware address. Client ID type 1 means you're using MAC addresses. However,
client ID type 0 means an ASCII string.
30. What is DHCP Spoofing?
Ascend Pipeline ISDN routers (which attach Ethernets to ISDN lines) incorporate a feature
that Ascend calls "DHCP spoofing" which is essentially a tiny server implementation that hands an IP address to a connecting Windows 95 computer, with the intention of giving it
an IP number during its connection process.
31. How can I control which clients get leases from my server?
There is no ideal answer: you have to give something up or do some extra work.
* You can put all your clients on a subnet of your own along with your own DHCP server.
* You can use manual allocation.
* Perhaps you can find DHCP server software that allows you to list which
MAC addresses the server will accept. DHCP servers that support roaming
machines may be adapted to such use.
* You can use the user class option assuming your clients and server support it: it
will require you to configure each of your clients with a user
class name. You still depend upon the other clients to respect your wishes.
Windows Important Questions:-
1. Proxy server:-
In computer networks, a proxy server is a server (a computer system or an application
program) which services the requests of its clients by forwarding requests to other servers.
A client connects to the proxy server, requesting some service, such as a file, connection,
web page, or other resource, available from a different server. The proxy server provides
the resource by connecting to the specified server and requesting the service on behalf of
the client. A proxy server may optionally alter the client's request or the server's response,
and sometimes it may serve the request without contacting the specified server. In this case,
it would 'cache' the first request to the remote server, so it could save the information for
later, and make everything as fast as possible.
A proxy server that passes all requests and replies unmodified is usually called a gateway or
sometimes tunneling proxy.
A proxy server can be placed in the user's local computer or at specific key points between
the user and the destination servers or the Internet.
2. The different types of Proxy Servers:-
There are many different types of Proxy Servers out there. Depending on the purpose you
can get Proxy Servers to route any of these common protocols, and many more:
FTP, HTTP, Gopher, IRC, MSN, AIM, ICQ, VOIP, SSL
So out of the common types of Proxy Servers, you end up with the following:
FTP Proxy Server:
Relays and caches FTP Traffic.
HTTP Proxy Server:
A one way request to retrieve Web Pages.
Socks Proxy Server:
A newer protocol to allow relaying of far more different types of data, whether TCP or UDP.
NAT Proxy Server:
This one works a little different, it allows the redirection of all packets without a Program
having to support a Proxy Server.
SSL Proxy Server:
An extension was created to the HTTP Proxy Server which allows relaying of TCP data
similar to a Socks Proxy Server. This one done mainly to allow encryption of Web Page
requests.
Furthermore, a Proxy Server can be split into another two Categories:
Anonymous:
An Anonymous Proxy Server blocks the remote Computer from knowing the identity of the
Computer using the Proxy Server to make requests.
Transparent:
A Transparent Proxy Server tells the remote Computer the IP Address of your Computer.
This provides no privacy.
3. What proxy can:-
While using GET/POST method (regular surfing the web):
* disable access to certain sites, like www.porno.com or www.icq.com;
* disable access to sites containing banned keywords, like "porno" or even "proxy";
* cut off certain parts on pages (banners);
* disable receiving of files with predefined extensions (*.mp3, *.zip, *.exe, *.rar etc.) and/or
predefined sizes (both in Kbs and/or in pixels, for example - 468x60);
* log web surfing activity and send a report to the system administrator with all web pages
visited;
* disable use of any protocols (for example, disable access to "https://..." and/or "ftp://..."
sites);
* disable access from any computers to this proxy. In other words it is quite possible that of two nearby computers one may work with the proxy and another may not;
While using CONNECT method (visiting "https://..." sites, building proxy chains, port
mapping through proxy etc.) or using SOCKS proxy:
* completely disable CONNECT method (or turn off SOCKS proxy). Then ICQ will not work and there will be no access to "https://..." sites;
* disable connection through proxy to certain servers, for example, login.icq.com;
* disable connection through proxy to certain ports, for example, port 25 (SMTP), port 6667
(IRC), port 5190 (ICQ);
* disable connection through proxy to all ports except specified, for example, port 443. In
this case the proxy is called an "HTTPS proxy";
4. What proxy cannot:-
* use a heuristic analyzer, i.e. make semantic analysis of page contents and disable all sites
with certain materials, regardless of the keywords;
* filter information, for example, block some pages using keywords while using CONNECT
method (or in SOCKS proxy);
* let pass back connections from internet (SOCKS 5 can do it but this is also non-trivial
task);
Summary: a proxy server is a computer program, so like any program it has its own merits and
demerits. If the administrator tuned a proxy and forgot about it, then the proxy server can always
be bypassed. Otherwise, your attempts to bypass the proxy server are always a battle with the
sysadmin and all your solutions are temporary - until the administrator finds and closes yet another
"hole".
5. What is Backup and types of backup?
Backup: Backup allows making a secure copy of any object in a different location. The backup
file extension is .bkf.
Normal: A normal backup copies all the files which we select and marks each file as having
been backed up (in other words, the archive attribute is cleared). If we take the backup
again, it will be considered relative to the normal backup.
Incremental: An incremental backup backs up only those files that have been created or
changed since the last normal or incremental backup. It marks files as having been backed
up (in other words, the archive attribute is cleared). If you use a combination of normal and
incremental backups, you will need to have the last normal backup set as well as all
incremental backup sets to restore your data.
Differential: A differential backup copies files that have been created or changed since the
last normal or incremental backup. It does not mark files as having been backed up (in other
words, the archive attribute is not cleared). If you are performing a combination of normal
and differential backups, restoring files and folders requires that you have the last normal
as well as the last differential backup.
Copy: A copy backup copies all the files you select, but does not mark each file as having
been backed up (in other words, the archive attribute is not cleared). Copying is useful if
you want to back up files between normal and incremental backups because copying does
not affect these other backup operations.
Daily: A daily backup copies all the files that you select that have been modified on the day
the daily backup is performed. The backed-up files are not marked as having been backed
up (in other words, the archive attribute is not cleared).
System State backup: In Backup, a collection of system specific data maintained by the OS
that must be backed up as a unit. It is not a backup of the entire system. The System State
data includes the registry, COM+ Class Registration Database, system files, boot files, and
files under Windows File Protection.
For servers, the System State data also includes the Certificate Services database (if the
server is a certificate server).
If the server is a Domain Controller, the System State data also includes the AD database and
the SYSVOL directory.
If the server is a node in a cluster, it includes the Cluster database information. The IIS
Metabase is included if IIS is installed.
ASR Backup: ASR is a recovery option that has two parts: ASR backup and ASR restore. You
can access the backup portion through the Automated System Recovery Preparation Wizard
located in Backup. The Automated System Recovery Preparation Wizard backs up the
System State data, system services, and all disks associated with the operating system
components. It also creates a floppy disk, which contains information about the backup, the
disk configurations (including basic and dynamic volumes), and how to accomplish a
restore.
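How the archive attribute drives the normal, incremental, differential and copy backup types above, and which backup sets a restore needs, is easier to see in a simulation. This is an added example, not part of the original document; the file names and weekly schedules are constructed, and the date-based daily backup is left out.

```python
def run_backup(files, kind):
    """Copy files according to the backup type and update archive bits.

    files maps a file name to its archive attribute (True = changed since
    it was last marked as backed up). Returns the sorted names copied.
    """
    if kind in ("normal", "copy"):
        copied = sorted(files)                              # everything selected
    elif kind in ("incremental", "differential"):
        copied = sorted(n for n, archive in files.items() if archive)
    else:
        raise ValueError(f"unsupported backup type: {kind}")
    if kind in ("normal", "incremental"):                   # only these clear the bit
        for name in copied:
            files[name] = False
    return copied


def simulate(schedule, file_names):
    """Run (day, changed_files, backup_type) entries; return (day, type, copied) history."""
    files = {name: True for name in file_names}             # new files start with the bit set
    history = []
    for day, changed, kind in schedule:
        for name in changed:
            files[name] = True                              # a write sets the archive attribute
        history.append((day, kind, run_backup(files, kind)))
    return history


def restore_chain(history):
    """Days whose backup sets are needed, in order, to restore the latest state."""
    normals = [i for i, entry in enumerate(history) if entry[1] == "normal"]
    if not normals:
        raise ValueError("no normal backup to restore from")
    start = normals[-1]
    chain = [history[start][0]]
    pending_differential = None
    for day, kind, _copied in history[start + 1:]:
        if kind == "incremental":
            chain.append(day)                # every incremental since the normal is needed
            pending_differential = None      # it re-copied whatever the differential held
        elif kind == "differential":
            pending_differential = day       # only the most recent differential matters
        # a copy backup changes no archive bits and is never part of the chain
    if pending_differential is not None:
        chain.append(pending_differential)
    return chain


# Constructed schedules: the same changes backed up three different ways.
FILES = ["a.doc", "b.xls", "c.txt"]
INCREMENTAL_WEEK = [("Mon", [], "normal"), ("Tue", ["a.doc"], "incremental"),
                    ("Wed", ["b.xls"], "incremental")]
DIFFERENTIAL_WEEK = [("Mon", [], "normal"), ("Tue", ["a.doc"], "differential"),
                     ("Wed", ["b.xls"], "differential")]
COPY_IN_BETWEEN = [("Mon", [], "normal"), ("Tue", ["a.doc"], "copy"),
                   ("Wed", [], "incremental")]

if __name__ == "__main__":
    for label, week in (("incremental", INCREMENTAL_WEEK),
                        ("differential", DIFFERENTIAL_WEEK),
                        ("copy in between", COPY_IN_BETWEEN)):
        history = simulate(week, FILES)
        print(label, history, "restore needs:", restore_chain(history))
```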
6. Working of ping, telnet, and gopher?
ping is a computer network tool used to test whether a particular host is reachable across an IP network. It works by sending ICMP “echo request” packets to the
target host and listening for ICMP “echo response” replies. ping estimates the round-trip
time, generally in milliseconds, and records any packet loss, and prints a statistical
summary when finished.
TELNET (TELecommunication NETwork) is a network protocol used on the Internet or
local area network (LAN) connections. It was developed in 1969 beginning with RFC 15
and standardized as IETF STD 8, one of the first Internet standards.
The term telnet also refers to software which implements the client part of the protocol.
TELNET clients have been available on most Unix systems for many years and are
available for virtually all platforms. Most network equipment and OSs with a TCP/IP
stack support some kind of TELNET service server for their remote configuration
(including ones based on Windows NT). Because of security issues with TELNET, its use
has waned as it is replaced by the use of SSH for remote access.
"To telnet" is also used as a verb meaning to establish or use a TELNET or other
interactive TCP connection, as in, "To change your password, telnet to the server and run
the passwd command".
Most often, a user will be telneting to a Unix-like server system or a simple network
device such as a switch. For example, a user might "telnet in from home to check his mail
at school". In doing so, he would be using a telnet client to connect from his computer to
one of his servers. Once the connection is established, he would then log in with his
account information and execute operating system commands remotely on that computer,
such as ls or cd.
On many systems, the client may also be used to make interactive raw-TCP sessions.
Even when that option is not available, telnet sessions are equivalent to raw TCP as long
as byte 255 never appears in the data.
Packet Internet Gopher (PING)
Definition: Method used in determining the response time of an internet connection. PING software
sends a request to a website, and times the receipt of the reply (echo), called pong. A part of the Internet Protocol, PING is not directly accessible to the user.
7. What is RAID? Types of RAID?
Let's start with the basics. RAID stands for Redundant Array of Independent Discs. In the old days it also used to mean Redundant Array of Inexpensive Discs. A RAID system is a collection
of hard drives joined together using a RAID level definition (see levels below). There are
many uses for RAID. First, it can be used to stripe drives together to give more overall
access speed (level 0). Second, it can be used to mirror drives (level 1). Third, it can be used
to increase uptime of your overall storage by striping drives together and then keeping
parity data, so that if a drive should fail the system keeps operating (level 5). Most people use
RAID level 5 for the uptime purposes and its ability to join together 16 drives, giving a
large storage block. Read about RAID levels below and see which one suits you best.
RAID Levels
RAID 0
This is the simplest level of RAID, and it just involves striping. Data redundancy is not even present in this level, so it is not recommended for applications where data is critical.
This level offers the highest level of performance out of any single RAID level. It also
offers the lowest cost since no extra storage is involved. At least 2 hard drives are
required, preferably identical, and the maximum depends on the RAID controller. None
of the space is wasted as long as the hard drives used are identical. This level has become
popular with the mainstream market for its relatively low cost and high performance
gain. This level is good for most people that don't need any data redundancy. There are
many SCSI and IDE/ATA implementations available. Finally, it's important to note that if any of the hard drives in the array fails, you lose everything.
RAID 1
This level is usually implemented as mirroring. Two identical copies of data are stored on
two drives. When one drive fails, the other drive still has the data to keep the system
going. Rebuilding a lost drive is very simple since you still have the second copy. This
adds data redundancy to the system and provides some safety from failures. Some
implementations add an extra RAID controller to increase the fault tolerance even more.
It is ideal for applications that use critical data. Even though the performance benefits are
not great, some might just be concerned with preserving their data. The relative simplicity
and low cost of implementing this level has increased its popularity in mainstream RAID
controllers. Most RAID controllers nowadays implement some form of RAID 1.
RAID 2
This level uses bit level striping with Hamming code ECC. The technique used here is
somewhat similar to striping with parity but not really. The data is split at the bit level
and spread over a number of data and ECC disks. When data is written to the array, the
Hamming codes are calculated and written to the ECC disks. When the data is read from
the array, Hamming codes are used to check whether errors have occurred since the data
was written to the array. Single bit errors can be detected and corrected immediately. This
is the only level that really deviates from the RAID concepts talked about earlier. The
complicated and expensive RAID controller hardware needed, and the minimum number
of hard drives required, are the reason this level is not used today.
RAID 3
This level uses byte level striping with dedicated parity. In other words, data is striped
across the array at the byte level with one dedicated parity drive holding the redundancy
information. The idea behind this level is that striping the data increases performance
and using dedicated parity takes care of redundancy. 3 hard drives are required: 2 for
striping, and 1 as the dedicated parity drive. Although the performance is good, the added
parity does slow down writes. The parity information has to be written to the parity drive
whenever a write occurs. This increased computation calls for a hardware controller, so
software implementations are not practical. RAID 3 is good for applications that deal
with large files since the stripe size is small.
RAID 4
This level is very similar to RAID 3. The only difference is that it uses block level
striping instead of byte level striping. The advantage in that is that you can change the
stripe size to suit application needs. This level is often seen as a mix between RAID 3 and
RAID 5, having the dedicated parity of RAID 3 and the block level striping of RAID 5.
Again, you'll probably need a hardware RAID controller for this level. Also, the
dedicated parity drive continues to slow down performance in this level as well.
RAID 5
RAID 5 uses block level striping and distributed parity. This level tries to remove the
bottleneck of the dedicated parity drive. With the use of a distributed parity algorithm,
this level writes the data and parity data across all the drives. Basically, the blocks of data
are used to create the parity blocks which are then stored across the array. This removes
the bottleneck of writing to just one parity drive. However, the parity information still has
to be calculated and written whenever a write occurs, so the slowdown involved with that still applies. The fault tolerance is maintained by separating the parity information for a
block from the actual data block. This way when one drive goes, all the data on that drive
can be rebuilt from the data on the other drives. Recovery is more complicated than usual
because of the distributed nature of the parity. Just as in RAID 4, the stripe size can be
changed to suit the needs of the application. Also, using a hardware controller is probably
the more practical solution. RAID 5 is one of the most popular RAID levels being used
today. Many see it as the best combination of performance, redundancy, and storage
efficiency.
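The block level striping with distributed parity described for RAID 5, and the rebuild of a failed drive from the surviving drives, can be shown with XOR parity. This is an added example, not part of the original document; the disk count, block size, parity rotation order and sample data are assumptions chosen for illustration, not any controller's actual layout.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-sized blocks byte by byte; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk holding the parity block of a stripe; it rotates so no disk is a bottleneck."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data over n_disks with rotating parity; returns one block list per disk."""
    if n_disks < 3:
        raise ValueError("distributed parity needs at least 3 disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + bytes(-len(data) % stripe_bytes)       # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        blocks = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        data_blocks = iter(blocks)
        for disk in range(n_disks):
            if disk == parity_disk(stripe, n_disks):
                disks[disk].append(xor_blocks(blocks))     # parity of this stripe's data
            else:
                disks[disk].append(next(data_blocks))
    return disks


def raid5_rebuild(disks, failed):
    """Recreate the failed disk: each block is the XOR of the survivors' blocks."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original data, skipping the parity block of every stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


SAMPLE = b"interview questions: RAID 5 parity demo"   # constructed sample data

if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_disks=4, block_size=8)
    array[2] = None                                    # simulate losing one drive
    array[2] = raid5_rebuild(array, failed=2)
    print(raid5_read(array, len(SAMPLE)))
```

The same XOR that rebuilds one missing block cannot rebuild two, which is why a second drive failure before the rebuild completes loses the array.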
8. What are the prerequisites for installation of Exchange Server?
The prerequisites are
IIS
SMTP
WWW service
NNTP
.NET Framework
ASP.NET
Then run Forest prep
Then run domain prep
9. Does Windows Server 2003 support IPv6?
Yes, run ipv6.exe from command line to disable it.
10. What’s new in Terminal Services for Windows 2003 Server?
Supports audio transmissions as well, although prepare for heavy network load.
11. How do you double-boot a Win 2003 server box?
The Boot.ini file is set as read-only, system, and hidden to prevent unwanted editing. To
change the Boot.ini timeout and default settings, use the System option in Control Panel
from the Advanced tab and select Startup.
12. What is the use of terminal services?
Terminal services can be used in Remote Administration mode to administer remotely
as well as in Application Server mode to run the application on one server, and users can
log in to that server to use that application.
13. How to take DNS, WINS and DHCP backup
%System root%/system32/dns
%System root%/system32/WINS
%System root%/system32/DHCP
14. What is recovery console?
Recovery console is a utility used to recover the system when it is not booting
properly or not booting at all. We can perform the following operations from the recovery
console.
We can copy, rename, or replace operating system files and folders.
Enable or disable service or device startup the next time that start computer
Repair the file system boot sector or the Master Boot Record
Create and format partitions on drives
15. What is RIS and what are its requirements?
RIS is Remote Installation Service, which is used to install operating systems remotely.
Client requirements
PXE DHCP-based boot ROM version 1.00 or later NIC, or a network adapter that is
supported by the RIS boot disk.
Should meet minimum operating system requirements
Software Requirements
Below network services must be active on RIS server or any server in the network
Domain Name System (DNS Service)
Dynamic Host Configuration Protocol (DHCP)
Active directory “Directory” service
16. How to deploy the patches and what software is used for this process?
Using SUS (Software Update Services) server we can deploy patches to all clients in
the network. We need to configure the “Synchronize with Microsoft
software update server” option and schedule a time to synchronize on the server. We need to
approve new updates based on the requirement. Then approved updates will be deployed
to clients.
We can configure clients by changing the registry manually or through Group Policy
by adding the WSUS administrative template in Group Policy.
17. What is WINS?
WINS (Windows Internet Naming Service) resolves Windows network computer names
(also known as NetBIOS names) to Internet IP addresses, allowing Windows computers on a
network to easily find and communicate with each other.
18. How WINS Works?
By default, when a computer running Microsoft® Windows® 2000, Windows XP, or a
Windows Server 2003 operating system is configured with WINS server addresses (either
manually or through DHCP) for its name resolution, it uses hybrid node (h-node) as its node
type for NetBIOS name registration unless another NetBIOS node type is configured. For
NetBIOS name query and resolution, it also uses h-node behavior, but with a few
differences.
For NetBIOS name resolution, a WINS client typically performs the following general
sequence of steps to resolve a name:
1. Client checks to see if the name queried is its local NetBIOS computer name, which it
owns.
2. Client checks its local NetBIOS name cache of remote names. Any name resolved for a
remote client is placed in this cache where it remains for 10 minutes.
3. Client forwards the NetBIOS query to its configured primary WINS server. If the primary
WINS server fails to answer the query--either because it is not available or because it does
not have an entry for the name--the client will try to contact other configured WINS servers
in the order they are listed and configured for its use.
4. Client broadcasts the NetBIOS query to the local subnet.
5. Client checks the Lmhosts file for a match to the query, if it is configured to use the
Lmhosts file.
6. Client tries the Hosts file and then a DNS server, if it is configured for one.
19. Network Configuration and Management Utilities
Administrators use various utilities to configure and manage networks. Following are some
commonly used utilities:
IPCONFIG: IPCONFIG is a command-line utility used to display current TCP/IP network configuration values, and to update or release the Dynamic Host Configuration Protocol
(DHCP) allocated leases. It is also used to display, register, or flush Domain Name System
(DNS) names.
NSLOOKUP: NSLOOKUP is a utility for diagnosing and troubleshooting Domain Name
System (DNS) problems. It performs its function by sending queries to the DNS server and
obtaining detailed responses at the command prompt. This information can be useful for
diagnosing and resolving name resolution issues, verifying whether or not the resource
records are added or updated correctly in a zone, and debugging other server-related
problems. This utility is installed along with the TCP/IP protocol through the Control Panel.
PING: PING is a command-line utility used to test connectivity with a host on a TCP/IP-
based network. This is achieved by sending out a series of packets to a specified destination
host. On receiving the packets, the destination host responds with a series of replies. These
replies can be used to determine if the network is working properly.
TRACERT: TRACERT is a route-tracing Windows utility that displays the path an IP packet
takes to reach its destination. It shows the Fully Qualified Domain Name (FQDN) and the IP
address of each gateway along the route to the remote host.
PATHPING: PATHPING is a command-line utility that pings each hop along the route for a
set period of time and shows the delay and packet loss along with the tracing functionality
of TRACERT, which helps determine a weak link in the path.
NBTSTAT: NBTSTAT is a Windows utility used to check the state of current NetBIOS over
TCP/IP connections, update the NetBIOS name cache, and determine the registered names
and scope IDs.
NETSTAT: NETSTAT is a command-line utility that displays protocol related statistics and
the state of current TCP/IP connections. It is used to obtain information about the open
connections on a computer, incoming and outgoing data, and also the ports of remote
computers to which the computer is connected. The NETSTAT command gets all this
networking information by reading the kernel routing tables in the memory.
TELNET: TELNET is a command-line connectivity utility that starts terminal emulation with
a remote host running the Telnet Server service. TELNET allows users to communicate with
a remote computer, offers the ability to run programs remotely, and facilitates remote
administration. The TELNET utility uses the Telnet protocol for connecting to a remote
computer running the Telnet server software, to access files. It uses TCP port 23 by default.
Windows 7 System Requirements
If you want to run Windows 7 on your PC, here's what it takes:
1 gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor.
1 gigabyte (GB) RAM (32-bit) or 2 GB RAM (64-bit).
16 GB available hard disk space (32-bit) or 20 GB (64-bit).
DirectX 9 graphics device with WDDM 1.0 or higher driver.
Additional requirements to use certain features:
Internet access (fees may apply).
Depending on resolution, video playback may require additional memory
and advanced graphics hardware.
Some games and programs might require a graphics card compatible with
DirectX 10 or higher for optimal performance.
For some Windows Media Center functionality a TV tuner and additional
hardware may be required.
Windows Touch and Tablet PCs require specific hardware.
HomeGroup requires a network and PCs running Windows 7.
DVD/CD authoring requires a compatible optical drive.
BitLocker requires Trusted Platform Module (TPM) 1.2.
BitLocker To Go requires a USB flash drive.
Windows XP Mode requires an additional 1 GB of RAM and an additional
15 GB of available hard disk space.
Music and sound require audio output.
Product functionality and graphics may vary based on your system
configuration. Some features may require advanced or additional hardware.
PCs with multi-core processors:
Windows 7 was designed to work with today's multi-core processors. All 32-bit
versions of Windows 7 can support up to 32 processor cores, while 64-bit
versions can support up to 256 processor cores.
PCs with multiple processors (CPUs):
Commercial servers, workstations, and other high-end PCs may have more
than one physical processor. Windows 7 Professional, Enterprise, and
Ultimate allow for two physical processors, providing the best performance
on these computers. Windows 7 Starter, Home Basic, and Home Premium will
recognize only one physical processor.
See why Windows 7 is better
Makes everyday tasks simpler and easier (compared across Windows XP, Windows Vista, and Windows 7)
Multi-task more easily | Windows Taskbar
Communicate and share with free photo, e-mail, and IM programs | Windows Live Essentials
Browse the web easily and more safely | Internet Explorer 8
Find files and programs instantly | Windows Search
Open the programs and files you use most in just a click or two | Pin; Jump Lists
Navigate lots of open windows more quickly | Snap; Peek; Shake
Easily share files, photos, and music among multiple PCs at home | HomeGroup
Print to a single printer from any PC in the house | HomeGroup
Simplify managing printers, cameras, music players, and other devices | Device Management
Organize lots of files, documents, and photos effortlessly | Libraries
Connect to any available wireless network in just three clicks | View Available Networks
Works the way you want it to (compared across Windows XP, Windows Vista, and Windows 7)
Personalize your desktop with themes, photos, and gadgets | Performance Improvements
Connect to company networks securely | Domain Join
Run lots of programs at once with better performance on 64-bit PCs | 64-bit Support
Built-in protection against spyware and other malicious software | Windows Defender
Help keep your data private and secure | BitLocker
Manage and monitor your children’s PC use | Parental Controls
Run many Windows XP productivity programs | Windows XP Mode
Designed for faster sleep and resume | Sleep and Resume
Improved power management for longer battery life | Power Management
Makes new and exciting things possible (compared across Windows XP, Windows Vista, and Windows 7)
Watch and record TV on your PC | Windows Media Center
Create and share movies and slideshows in minutes | Windows Live Movie Maker
Get the most realistic game graphics and vivid multi-media | DirectX 11
Stream music, photos, and videos around your house | Play To
Connect to music and photos on your home PC while away from home | Remote Media Streaming
Touch and tap instead of point and click | Windows Touch
Top 10 Differences between Windows XP and Windows 7
If you skipped over Windows Vista like so many others have, you may be in
for a shock when you upgrade from Windows XP to Windows 7. Microsoft’s
newest operating system is a major shift in usability, convenience, and overall
computing from previous versions of Windows.
Although not all are earth-shattering changes, listed below are the Top 10
differences between Windows XP and Windows 7. Many of these changes may
seem like a big deal because you’ve gotten so used to how things work in XP. If
you are considering upgrading from XP to Windows 7, be prepared for these
changes.
1. No e-mail Client
Outlook Express (OE) has been a trusted friend since Windows 95, so much so
that many people have never used another e-mail client. OE was removed
from Windows Vista but was replaced with Windows Mail. Strangely,
Windows does not ship with any e-mail client at all. Users must either
purchase an e-mail client such as Outlook, use a free service such as Windows
Live Mail, or download an open source e-mail client such as Thunderbird.
2. 32-bit vs. 64-bit
Although Windows XP did have a 64-bit version (Windows XP x64), many
people are unaware that it even existed. When upgrading from XP to Windows
7, you will have to decide whether you want the 32-bit version (x86) or the
64-bit version (x64). Which you choose largely depends on your computer’s
hardware and the availability of drivers and other software to make
everything work in your PC.
3. Aero Desktop
The Aero Desktop is really nothing more than a collection of window and
desktop behaviors that make Windows 7 the prettiest version of the operating
system to date. Features such as Aero Snap let you quickly organize open
windows and transparency makes it easy to see what’s underneath other
windows. With Windows XP think opaque, with Windows 7, think translucent.
4. Documents and Settings
The Documents and Settings folder, the location for all protected personal files
and folders, has been replaced with a simple Users folder. Not a big deal, but
many tech support personnel have spent hundreds of hours answering the
simple question of where the Documents and Settings folder went in Windows
5. Start Menu
The Start menu in Windows 7 has been completely reworked and has been
met with several criticisms. No longer does the Start menu use fly-outs and
scroll-outs to show you what shortcuts to programs and folders you have on
your computer.
Now you must use a more conservative folder system that forces you to use a
scroll bar to access shortcuts that can’t be displayed because you’ve reached
the maximum number that can be shown at one time. Luckily, if you really like
the Windows XP Start menu, there is a way to make the Windows 7 Start
menu behave like XP.
6. Ribbon
Introduced in Office 2007, it is clear that Microsoft will continue to push the
Ribbon interface over the more familiar drop-down menu and toolbar
approach to using programs. If you want to get a taste of the Ribbon, start up
Microsoft Paint or WordPad on a computer running Windows 7 and you can
see for yourself whether the Ribbon is going to be useful or just another
technology forced upon you.
7. Libraries
Windows 7 Libraries are nothing more than collections of files that are
similar. Similar content that is located in multiple areas of your computer is
brought together into the Library system to make finding files easier.
Of course, you can choose to use or not use Libraries depending on whether
you find them useful. However, if you store a lot of media on your computer
such as music or video and you want access to them without having to
physically move them to the same location or folder, Libraries may be for you.
8. DirectX 11
If you are a gamer, you know that you must keep up with advances in both
hardware and software technology to get the most from your games.
Windows XP will not support DirectX versions beyond 9.0c so if your games
require a higher version such as 10 or 11, you have no choice but to move to a
more recent version of Windows.
As more and more people make the switch to Windows 7, the game
developers and publishers are likely to take full advantage of more recent
DirectX versions. Stick with XP too long, and you may be shut out of the
newest games.
9. HomeGroup
Whether you have a simple or complicated home network, you know that any
help you can get to make administration easier is always welcomed.
HomeGroup is a major shift in home networking simplicity that makes older
paradigms seem archaic.
Not much has changed in setting up a home network since Windows NT 4, an
operating system from before Windows 95 that you may never have heard of.
Marrying simplicity, easy setup, and stable connections, HomeGroup takes the
guesswork and troubleshooting out of home networking on any scale.
10. Touch Support
Although touch interfaces have been around for a better part of a decade,
touch has not yet replaced the familiar keyboard/mouse combination of
navigating personal computers. Still, Windows 7 is the first operating system
from the software giant to natively support touch as a computer interface.
If you think that you would like to be on the frontier of this emerging interface
paradigm, Windows 7 is your only real choice if you want to run a Microsoft
operating system.
Conclusion
Some people have become so comfortable working with Windows XP that
they have avoided upgrading to Microsoft’s newest operating system. The
Windows Vista fiasco didn’t help matters, forcing some diehard fans of XP to
downgrade to make their PCs functional again.
If you are considering upgrading from Windows XP to Windows 7, be
prepared for some new things, some missing things, and a few things in
between. Still, the stability and usability of Windows 7 have been more or less
established so you can rest assured that you are taking a step in the right
direction by leaving XP behind.
Difference between win2k3 and win2k8 server
1: 2008 is a combination of Vista and Windows 2003 R2.
Some new services are introduced in it.
2: RODC (Read Only Domain Controller) is a new domain controller in it. We cannot rename
the domain controller name in 2008.
In 2003 we can rename the domain controller name, but you must be a member of the domain
admin group to rename a domain controller.
3: Shadow copy for each and every folder to help prevent inadvertent loss of data in win
2008.
In windows 2003 shadow copy is available only for shared folders.
4: Boot sequence is changed in 2008.
5: Installation is 32-bit, whereas in 2003 it is 16-bit as well as 32-bit; that’s why installation of
2008 is faster.
6: Services are known as roles in 2008.
7: Group policy editor is a separate option in ADS (2008).
8: WDS (Windows Deployment Services) is used instead of the RIS found in 2003 server.
9: The main difference between 2003 and 2008 is virtualization and management.
2008 has more inbuilt components and updated third-party drivers. Microsoft introduces a new
feature with 2k8, Hyper-V (V for Virtualization), but only on 64-bit versions.
10: In Windows Server 2008, Microsoft is introducing new features and technologies, some of
which were not available in Windows Server 2003 with Service Pack 1 (SP1), that will help to
reduce the power consumption of server and client operating systems, minimize
environmental byproducts, and increase server efficiency.
11: Windows Server 2003 supports 32-bit and 64-bit versions and 2008 supports only 64-bit.
The offline domain join capability in Windows Server 2008.
Windows Server 2008 Hardware Requirements
Before investing time and resources into downloading and installing Windows Server 2008, the first step is to gain an appreciation of the hardware requirements necessary to effectively run the operating system. The following table provides an overview of Microsoft's recommended minimum hardware:
Category: Minimum / Recommended Requirements
Processor:
• Minimum: 1GHz (x86 processor) or 1.4GHz (x64 processor)
• Recommended: 2GHz or faster
Note: For Itanium based systems an Intel Itanium 2 processor is required.
Memory:
• Minimum: 512MB RAM
• Recommended: 2GB RAM or greater
• Maximum (32-bit systems): 4GB (Standard) or 64GB (Enterprise and Datacenter)
• Maximum (64-bit systems): 32GB (Standard) or 2TB (Enterprise, Datacenter and Itanium-Based Systems)
Available Disk Space:
• Minimum: 10GB
• Recommended: 40GB or greater
Note: Systems with RAM in excess of 16GB will require greater amounts of disk space to accommodate paging, hibernation, and dump files
Drive:
• DVD-ROM drive
Display and Peripherals:
• Super VGA or greater-resolution monitor (800x600)
• Keyboard
• Microsoft Mouse or compatible pointing device
Windows Server 2008 Editions and System Requirements
Standard Edition
Windows Server 2008 Standard is one of Microsoft's entry level server offerings (alongside Windows Web Server 2008) and is one of the least expensive of the various editions available. Both 32-bit and 64-bit versions are available, and in terms of hardware Standard Edition supports up to 4GB of RAM and 4 processors.
Windows Server 2008 is primarily targeted at small and mid-sized businesses (SMBs) and is ideal for providing domain, web, DNS, remote access, print, file and application services. Support for clustering, however, is notably absent from this edition.
An upgrade path to Windows Server 2008 Standard is available from Windows 2000
Server and Windows Server 2003 Standard Edition.
Windows Server 2008 Enterprise Edition
Windows Server 2008 Enterprise Edition provides greater functionality and scalability than the Standard Edition. As with Standard Edition both 32-bit and 64-bit versions are available. Enhancements include support for as many as 8 processors and up to 64GB of RAM on 32-bit systems and 2TB of RAM on 64-bit systems.
Additional features of the Enterprise edition include support for clusters of up to 8 nodes and Active Directory Federated Services (AD FS).
Windows Server 2000, Windows 2000 Advanced Server, Windows Server 2003 Standard Edition and Windows Server 2003 Enterprise Edition may all be upgraded to Windows Server 2008 Enterprise Edition.
Windows Server 2008 Datacenter Edition
The Datacenter edition represents the top end of the Windows Server 2008 product range and is targeted at mission critical enterprises requiring stability and high uptime levels. Windows Server 2008 Datacenter edition is tied closely to the underlying hardware through the implementation of custom Hardware Abstraction Layers (HAL). As such, it is currently only possible to obtain Datacenter edition as part of a hardware purchase.
As with other versions, the Datacenter edition is available in 32-bit and 64-bit versions and supports 64GB of RAM on 32-bit systems and up to 2TB of RAM on 64-bit systems. In addition, this edition supports a minimum of 8 processors up to a maximum of 64.
Upgrade paths to Windows Server 2008 Datacenter Edition are available from the Datacenter editions of Windows 2000 and 2003.
Windows Web Server 2008
Windows Web Server 2008 is essentially a version of Windows Server 2008 designed primarily for the purpose of providing web services. It includes Internet Information Services (IIS) 7.0 along with associated services such as Simple Mail Transfer Protocol (SMTP) and Telnet. It is available in 32-bit and 64-bit versions and supports up to 4 processors. RAM is limited to 4GB and 32GB on 32-bit and 64-bit systems respectively.
Windows Web Server 2008 lacks many of the features present in other editions such as clustering, BitLocker drive encryption, multipath I/O, Windows Internet Naming Service (WINS), Removable Storage Management and SAN Management.
Windows Server 2008 Features Matrix
Now that we have covered in general terms the various different editions of Windows Server 2008 we can now look in a little more detail at a feature by feature comparison of the four different editions. This is outlined in the following feature matrix:
Feature | Enterprise | Datacenter | Standard | Web | Itanium
ADFS Web Agent | Yes | Yes | Yes | No | No
Directory uIDM | Yes | Yes | Yes | No | No
Desktop Experience | Yes | Yes | Yes | Yes | No
Windows Clustering | Yes | Yes | No | No | Yes
Windows Server Backup | Yes | Yes | Yes | Yes | Yes
Windows Network Load Balancing (WNLB) | Yes | Yes | Yes | Yes | Yes
Simple TCP/IP Services | Yes | Yes | Yes | No | Yes
SMTP | Yes | Yes | Yes | Yes | No
Subsystem for Unix-Based Applications (SUA) | Yes | Yes | Yes | No | Yes
Telnet Client | Yes | Yes | Yes | Yes | Yes
Telnet Server | Yes | Yes | Yes | Yes | Yes
Microsoft Message Queuing (MSMQ) | Yes | Yes | Yes | No | Yes
RPC Over HTTP Proxy | Yes | Yes | Yes | No | Yes
Windows Internet Naming Service (WINS) | Yes | Yes | Yes | No | No
Wireless Client | Yes | Yes | Yes | No | No
Windows System Resource Manager (WSRM) | Yes | Yes | Yes | Yes | Yes
Simple SAN Management | Yes | Yes | Yes | No | No
LPR Port Monitor | Yes | Yes | Yes | No | No
The Windows Foundation Components for WinFX | Yes | Yes | Yes | Yes | Yes
BITS Server Extensions | Yes | Yes | Yes | No | Yes
iSNS Server Service | Yes | Yes | Yes | Yes | No
BitLocker Drive Encryption | Yes | Yes | Yes | No | Yes
Multipath IO | Yes | Yes | Yes | No | Yes
Removable Storage Management | Yes | Yes | Yes | No | Yes
TFTP | Yes | Yes | Yes | No | Yes
SNMP | Yes | Yes | Yes | Yes | Yes
Server Admin Pack | Yes | Yes | Yes | Yes | No
RDC | Yes | Yes | Yes | No | Yes
Peer-to-Peer Name Resolution Protocol | Yes | Yes | Yes | Yes | Yes
Recovery Disk | Yes | Yes | Yes | Yes | Yes
Windows PowerShell | Yes | Yes | Yes | Yes | Yes