complete ad interview quetions

8/12/2019 complete AD interview quetions.

1/39

Windows Sever 2008/R2 Interview questions Part 1

JUNE 22, 201110 COEN!S

Difference between 2003 and 2008

1) 2008 is "o#$ination o% vista and windows 200&r2' So#e new servi"es are introdu"ed in it

1' RO(C one new do#ain "ontro))er introdu"ed in it *Read+on) (o#ain "ontro))ers'-

2' W(S .windows de)o#ent servi"es instead o% RIS in 200& server

&' sadow "o %or ea" and ever %o)ders

'$oot sequen"e is "an3ed

4'insta))ation is &2 $it were as 200& it is 15 as we)) as &2 $it, tat6s w insta))ation o% 2008 is %aster

5'servi"es are 7nown as ro)e in it

' 9rou o)i" editor is a searate otion in ads

2)!e #ain di%%eren"e $etween 200& and 2008 is :irtua)i;ation, #ana3e#ent

2008 as #ore in$ui)t "o#onents and udated tird art drivers i"roso%t introdu"es new %eature wit 278 tat is tras, ou si#) se"i% te ro)e te server is to )a, and Windows wi)) insta)) wat6s ne"essar A notin3 #ore'

%. $ead &nly Do'ain "ontrollers ($&D"

It6s ard) news tat $ran" o%%i"es o%ten )a"7 s7i))ed I! sta%% to ad#inister teir servers, $ut te a)so %a"e anoter, )ess ta)7ed a$out ro$)e#' Wi)e

"ororate data "enters are o%ten si"a)) se"ured, servers at $ran" o%%i"es rare) ave te sa#e si"a) se"urit rote"tin3 te#' !is #a7es te#

a "onvenient )aun" ad %or atta"7s $a"7 to te #ain "ororate servers' RO(C rovides a wa to #a7e an B"tive (ire"tor data$ase read+on)' !us

an #is"ie% "arried out at te $ran" o%%i"e "annot roa3ate its wa $a"7 to oison te B"tive (ire"tor sste# as a wo)e' It a)so redu"es tra%%i" on

WBN )in7s'

. *nhanced ter'inal services

!er#ina) servi"es as $een $ee%ed u in Server 2008 in a nu#$er o% was' !S Re#oteB ena$)es re#ote users to a""ess a "entra)i;ed a)i"ation

.rater tan an entire des7to tat aears to $e runnin3 on te )o"a) "o#uter6s ard drive' !ese as "an $e a""essed via a We$ orta) or dire"t)

$ dou$)e+")i"7in3 on a "orre"t) "on%i3ured i"on on te )o"a) #a"ine' !S 9atewa se"ures sessions, wi" are ten tunne))ed over tts, so users

don6t need to use a :PN to use Re#oteBs se"ure) over te Internet' o"a) rintin3 as a)so $een #ade si3ni%i"ant) easier'

+. ,etwor- ccess /rotection

i"roso%t6s sste# %or ensurin3 tat ")ients "onne"tin3 to Server 2008 are at"ed, runnin3 a %irewa)) and in "o#)ian"e wit "ororate se"urit o)i"ies

A and tat tose tat are not "an $e re#ediated A is use%u)'


2/39

auto#ate #an o% te tas7s .su" as #aintenan"e and )in7in3 o% 9POs tat ou wou)d oterwise er%or# in te 9UI' In addition, R2 adds new o)i"

settin3s tat enan"e te #ana3e#ent o% Windows "o#uters'

Windows !erver 2008 $2 new features

B"tive (ire"tor Re"")e Gin

Windows PowerSe)) 2'0

B"tive (ire"tor Bd#inistrative Center .B(BC

O%%)ine do#ain Doin

B"tive (ire"tor ea)t "e"7

B"tive (ire"tor We$ Servi"es

B"tive (ire"tor ana3e#ent Pa"7

Windows Server i3ration !oo)s

ana3ed Servi"e B""ounts

What is server core How do you confiure and 'anae a windows server 2008 core installation

!e Server Core insta))ation otion is an otion tat ou "an use %or insta))in3 Windows Server 2008 or Windows Server 2008 R2' B Server Core

insta))ation rovides a #ini#a) environ#ent %or runnin3 se"i%i" server ro)es, wi" redu"es te #aintenan"e and #ana3e#ent require#ents and te

atta"7 sur%a"e %or tose server ro)es' B server runnin3 a Server Core insta))ation o% Windows Server 2008 suorts te %o))owin3 server ro)esH

B"tive (ire"tor (o#ain Servi"es .B( (S

B"tive (ire"tor i3twei3t (ire"tor Servi"es .B( (S

(


3/39

1' Con%i3ure an unattend te>t %i)e, "ontainin3 te instru"tions %or te (CPROO ro"ess' In tis e>a#)e ou wi)) "reate an additiona) (C %or a do#ain

"a))ed etri)a$')o"a)H

2' Con%i3ure te ri3t server "ore settin3s

B%ter tat ou need to #a7e sure te "ore #a"ine is roer) "on%i3ured'

1' Per%or# an "on%i3uration settin3 tat ou require .tas7s su" as "an3in3 "o#uter na#e, "an3in3 and "on%i3ure IP address, su$net #as7

de%au)t 3atewa, (NS address, %irewa)) settin3s, "on%i3urin3 re#ote des7to and so on'

2' B%ter "an3in3 te required server "on%i3uration, #a7e sure tat %or te tas7 o% "reatin3 it as a (C @ ou ave te %o))owin3 require#ents in

)a"eH

B artition %or#atted wit N!?S .ou sou)d, it6s a server

B networ7 inter%a"e "ard, "on%i3ure roer) wit te ri3t driver

B networ7 "a$)e )u33ed in

!e ri3t IP address, su$net #as7, de%au)t 3atewa

Bnd #ost i#ortant), do not %or3etH

!e ri3t (NS settin3, in #ost "ases, ointin3 to an e>istin3 interna) (NS in our "ororate networ7

&' Co te unattend %i)e to te server "ore #a"ine

Now ou need to "o te unattend %i)e %ro# werever ou6ve stored it' Fou "an run it %ro# a networ7 )o"ation $ut I re%er to ave it )o"a)) on te "ore

#a"ine' Fou "an use te NE! USE "o##and on server "ore to #a to a networ7 at and "o te %i)e to te )o"a) drive' Fou "an a)so use a re3u)ar

server/wor7station to 3rai"a)) a""ess te "ore6s C drive .%or e>a#)e and "o te %i)e to tat )o"ation'' Run te (CPROO ro"ess

Ne>t ou need to #anua)) run (CPROO' !o run te B"tive (ire"tor (o#ain Servi"es Insta))ation Wi;ard in unattended #ode, use te %o))owin3

"o##and at a "o##and ro#tH

("ro#o /unattend

Re$oot te #a"ine

In order to re$oot te server "ore #a"ine te te %o))owin3 te>t in te "o##and ro#t and ress Enter'

sutdown /r /t 0

What are $&D"s What are advantaes

B read+on) do#ain "ontro))er .RO(C is a new te o% do#ain "ontro))er in te Windows ServerK 2008 oeratin3 sste#' Wit an RO(C, or3ani;ations

"an easi) de)o a do#ain "ontro))er in )o"ations were si"a) se"urit "annot $e 3uaranteed' Bn RO(C osts read+on) artitions o% te

B"tive (ire"tor (o#ain Servi"es .B( (S data$ase'

Ge%ore te re)ease o% Windows Server 2008, i% users ad to autenti"ate wit a do#ain "ontro))er over a wide area networ7 .WBN, tere was no rea

a)ternative' In #an "ases, tis was not an e%%i"ient so)ution' Gran" o%%i"es o%ten "annot rovide te adequate si"a) se"urit tat is required %or a

writa$)e do#ain "ontro))er' ?urter#ore, $ran" o%%i"es o%ten ave oor networ7 $andwidt wen te are "onne"ted to a u$ site' !is "an in"rease te

a#ount o% ti#e tat is required to )o3 on' It "an a)so a#er a""ess to networ7 resour"es'

Ge3innin3 wit Windows Server 2008, an or3ani;ation "an de)o an RO(C to address tese ro$)e#s' Bs a resu)t, users in tis situation "an re"eive

te %o))owin3 $ene%itsH

I#roved se"urit

?aster )o3on ti#es

ore e%%i"ient a""ess to resour"es on te networ7

What does an $&D" do
http://winadmins.files.wordpress.com/2011/06/te.jpg


4/39

Inadequate si"a) se"urit is te #ost "o##on reason to "onsider de)oin3 an RO(C' Bn RO(C rovides a wa to de)o a do#ain "ontro))er #ore

se"ure) in )o"ations tat require %ast and re)ia$)e autenti"ation servi"es $ut "annot ensure si"a) se"urit %or a writa$)e do#ain "ontro))er'

t

Se)e"t te $ead7only do'ain controller"e"7 $o>, as sown in te %o))owin3 i))ustration' G de%au)t, te D,! server"e"7 $o> is a)so

se)e"ted' !o run te (NS server on te RO(C, anoter do#ain "ontro))er runnin3 Windows Server 2008 #ust $e runnin3 in te do#ain and ostin3

te (NS do#ain ;one' Bn B"tive (ire"tor@inte3rated ;one on an RO(C is a)was a read+on) "o o% te ;one %i)e' Udates are sent to a (NS

server in a u$ site instead o% $ein3 #ade )o"a)) on te RO(C'

!o use te de%au)t %o)ders tat are se"i%ied %or te B"tive (ire"tor data$ase, te )o3 %i)es, and SFS:O, ")i"7,e6t'

!e and ten "on%ir# a (ire"tor Servi"es Restore ode assword, and ten ")i"7 ,e6t'

Con%ir# te in%or#ation tat aears on te Su##ar a3e, and ten ")i"7 ,e6tto start te B( (S insta))ation' Fou "an se)e"t te $eboot on

co'letion"e"7 $o> to #a7e te rest o% te insta))ation "o#)ete auto#ati"a))'

What is the 'ini'u' re5uire'ent to install Windows 2008 server

al- about all the D7related roles in Windows !erver 20089$2.

B"tive (ire"tor (o#ain Servi"es
http://winadmins.files.wordpress.com/2011/06/te2.jpg


5/39

B"tive (ire"tor (o#ain Servi"es .B( (S, %or#er) 7nown as B"tive (ire"tor (ire"tor Servi"es, is te "entra) )o"ation %or "on%i3uration in%or#ation

autenti"ation requests, and in%or#ation a$out a)) o% te o$De"ts tat are stored witin our %orest' Usin3 B"tive (ire"tor, ou "an e%%i"ient) #ana3e

users, "o#uters, 3rous, rinters, a)i"ations, and oter dire"tor+ena$)ed o$De"ts %ro# one se"ure, "entra)i;ed )o"ation'

Gene%its

4ower costso% #ana3in3 Windows networ7s'

!i'lify identity 'anae'ent$ rovidin3 a sin3)e view o% a)) user in%or#ation'

:oost securitywit te a$i)it to ena$)e #u)ti)e tes o% se"urit #e"anis#s witin a sin3)e networ7'

;'rove co'liance$ usin3 B"tive (ire"tor as a ri#ar sour"e %or audit data'

B"tive (ire"tor Ri3ts ana3e#ent Servi"es

Four or3ani;ation6s inte))e"tua) roert needs to $e sa%e and i3) se"ure' B"tive (ire"tor Ri3ts ana3e#ent Servi"es, a "o#onent o% Windows

Server 2008, is avai)a$)e to e) #a7e sure tat on) tose individua)s wo need to view a %i)e "an do so' B( RS "an rote"t a %i)e $ identi%in3 te

ri3ts tat a user as to te %i)e' Ri3ts "an $e "on%i3ured to a))ow a user to oen, #odi%, rint, %orward, or ta7e oter a"tions wit te ri3ts+#ana3ed

in%or#ation' Wit B( RS, ou "an now sa%e3uard data wen it is distri$uted outside o% our networ7'

B"tive (ire"tor ?ederation Servi"es

B"tive (ire"tor ?ederation Servi"es is a i3) se"ure, i3) e>tensi$)e, and Internet+s"a)a$)e identit a""ess so)ution tat a))ows or3ani;ations to

autenti"ate users %ro# artner or3ani;ations' Usin3 B( ?S in Windows Server 2008, ou "an si#) and ver se"ure) 3rant e>terna) users a""ess to

our or3ani;ation6s do#ain resour"es' B( ?S "an a)so si#)i% inte3ration $etween untrusted resour"es and do#ain resour"es witin our own

or3ani;ation'

B"tive (ire"tor Certi%i"ate Servi"esost or3ani;ations use "erti%i"ates to rove te identit o% users or "o#uters, as we)) as to en"rt data durin3 trans#ission a"ross unse"ured networ7

"onne"tions' B"tive (ire"tor Certi%i"ate Servi"es .B( CS enan"es se"urit $ $indin3 te identit o% a erson, devi"e, or servi"e to teir own rivate

7e' Storin3 te "erti%i"ate and rivate 7e witin B"tive (ire"tor e)s se"ure) rote"t te identit, and B"tive (ire"tor $e"o#es te "entra)i;ed

)o"ation %or retrievin3 te aroriate in%or#ation wen an a)i"ation )a"es a request'

B"tive (ire"tor i3twei3t (ire"tor Servi"es

B"tive (ire"tor i3twei3t (ire"tor Servi"e .B( (S, %or#er) 7nown as B"tive (ire"tor B)i"ation ode, "an $e used to rovide dire"tor servi"es

%or dire"tor+ena$)ed a)i"ations' Instead o% usin3 our or3ani;ation6s B( (S data$ase to store te dire"tor+ena$)ed a)i"ation data, B( (S "an $e

used to store te data' B( (S "an $e used in "onDun"tion wit B( (S so tat ou "an ave a "entra) )o"ation %or se"urit a""ounts .B( (S and

anoter )o"ation to suort te a)i"ation "on%i3uration and dire"tor data .B( (S' Usin3 B( (S, ou "an redu"e te overead asso"iated wit

B"tive (ire"tor re)i"ation, ou do not ave to e>tend te B"tive (ire"tor s"e#a to suort te a)i"ation, and ou "an artition te dire"tor

stru"ture so tat te B( (S servi"e is on) de)oed to te servers tat need to suort te dire"tor+ena$)ed a)i"ation'

What are the new Do'ain and


6/39

!o a"tivate new %orest+wide %eatures, a)) do#ain "ontro))ers in te %orest #ust $e runnin3 Windows Server 200&'

!uorted Do'ain controllers in all do'ains in the forest@ Windows Server 200&, Windows Server 2008'

Windows !erver 2008 forest function level

!o a"tivate new %orest+wide %eatures, a)) do#ain "ontro))ers in te %orest #ust $e runnin3 Windows Server 2008'

!uorted Do'ain controllers in all do'ains in the forest@ Windows Server 2008'

!o a"tivate te new do#ain %eatures, a)) do#ain "ontro))ers in te do#ain #ust $e runnin3 Windows Server 2008' B%ter tis require#ent is #et, te

ad#inistrator "an raise te do#ain %un"tiona) )eve) to Windows Server 2008'

When a child do'ain is created in the do'ain tree> what tye of trust relationshi e6ists between the new child do'ain and the trees root

do'ain

ransitive and two way.

ttH//te"net'#i"roso%t'"o#/en+us/)i$rar/""4&5L28WS'10L2M'as>

Which Windows !erver 2008 tools 'a-e it easy to 'anae and confiure a servers roles and features

!e Server ana3er window ena$)es ou to view te ro)es and %eatures insta))ed on a server and a)so to qui"7) a""ess te too)s used to #ana3e tese

various ro)es and %eatures' !e Server ana3er "an $e used to add and re#ove ro)es and %eatures as needed

What is WD! How is WD! confiured and 'anaed on a server runnin Windows !erver 2008

!e Windows (e)o#ent Servi"es is te udated and redesi3ned version o% Re#ote Insta))ation Servi"es .RIS' Windows (e)o#ent Servi"es

ena$)es ou to de)o Windows oeratin3 sste#s, arti"u)ar) Windows :ista' Fou "an use it to set u new "o#uters $ usin3 a networ7+$ased

insta))ation' !is #eans tat ou do not ave to insta)) ea" oeratin3 sste# dire"t) %ro# a C( or (:('

Gene%its o% Windows (e)o#ent Servi"es

Windows (e)o#ent Servi"es rovides or3ani;ations wit te %o))owin3 $ene%itsH

B))ows networ7+$ased insta))ation o% Windows oeratin3 sste#s, wi" redu"es te "o#)e>it and "ost wen "o#ared to #anua

insta))ations'

(e)os Windows i#a3es to "o#uters witout oeratin3 sste#s'

Suorts #i>ed environ#ents tat in")ude Windows :ista, i"roso%t Windows P and i"roso%t Windows Server 200&'

Gui)t on standard Windows :ista setu te"no)o3ies in")udin3 Windows PE, 'wi# %i)es, and i#a3e+$ased setu'

Prerequisites %or insta))in3 Windows (e)o#ent Servi"es

Four "o#utin3 environ#ent #ust #eet te %o))owin3 te"ni"a) require#ents to insta)) Windows (e)o#ent Servi"esH

ctive Directory.B Windows (e)o#ent Servi"es server #ust $e eiter a #e#$er o% an B"tive (ire"tor do#ain or a do#ain "ontro))er %o

an B"tive (ire"tor do#ain' !e B"tive (ire"tor do#ain and %orest versions are irre)evant a)) do#ain and %orest "on%i3urations suort Windows

(e)o#ent Servi"es'

DH"/.Fou #ust ave a wor7in3 (na#i"

Windows !erver 2003 !/1 or !/2 with $;! installed.RIS does not ave to $e "on%i3ured, $ut #ust $e insta))ed'

ttH//te"net'#i"roso%t'"o#/en+us/)i$rar/""55&20L28WS'10L2M'as>GQ1

,a'e so'e of the 'a?or chanes in /& in Windows !erver 2008.

Cost savin3s trou3 ower otions

In Windows Server 2008, a)) ower otions ave $een 9rou Po)i" ena$)ed, rovidin3 a otentia)) si3ni%i"ant "ost savin3s' Contro))in3 ower otions

trou3 9rou Po)i" "ou)d save or3ani;ations a si3ni%i"ant a#ount o% #one' Fou "an #odi% se"i%i" ower otions trou3 individua) 9rou Po)i"

settin3s or $ui)d a "usto# ower )an tat is de)oa$)e $ usin3 9rou Po)i"'

B$i)it to $)o"7 devi"e insta))ation

In Windows Server 2008, ou "an "entra)) restri"t devi"es %ro# $ein3 insta))ed on "o#uters in our or3ani;ation' Fou wi)) now $e a$)e to "reate o)i"

settin3s to "ontro) a""ess to devi"es su" as USG drives, C(+RW drives, (:(+RW drives, and oter re#ova$)e #edia'

I#roved se"urit settin3s

In Windows Server 2008, te %irewa)) and IPse" 9rou Po)i" settin3s are "o#$ined to a))ow ou to )evera3e te advanta3es o% $ot te"no)o3ies, wi)e

e)i#inatin3 te need to "reate and #aintain du)i"ate %un"tiona)it' So#e s"enarios suorted $ tese "o#$ined %irewa)) and IPse" o)i" settin3s are

se"ure server+to+server "o##uni"ations over te Internet, )i#itin3 a""ess to do#ain resour"es $ased on trust re)ationsis or ea)t o% a "o#uter, and

rote"tin3 data "o##uni"ation to a se"i%i" server to #eet re3u)ator require#ents %or data riva" and se"urit'
http://technet.microsoft.com/en-us/library/cc775736(WS.10).aspxhttp://technet.microsoft.com/en-us/library/cc766320(WS.10).aspx#BKMK_1http://technet.microsoft.com/en-us/library/cc775736(WS.10).aspxhttp://technet.microsoft.com/en-us/library/cc766320(WS.10).aspx#BKMK_1


7/39

E>anded Internet E>)orer settin3s #ana3e#ent

In Windows Server 2008, ou "an oen and edit Internet E>)orer 9rou Po)i" settin3s witout te ris7 o% inadvertent) a)terin3 te state o% te o)i"

settin3 $ased on te "on%i3uration o% te ad#inistrative wor7station' !is "an3e re)a"es ear)ier $eavior in wi" so#e Internet E>)orer o)i"

settin3s wou)d "an3e $ased on te o)i" settin3s ena$)ed on te ad#inistrative wor7station used to view te settin3s

Printer assi3n#ent $ased on )o"ation

!e a$i)it to assi3n rinters $ased on )o"ation in te or3ani;ation or a 3eo3rai" )o"ation is a new %eature in Windows Server 2008' In Windows

Server 2008, ou "an assi3n rinters $ased on site )o"ation' Wen #o$i)e users #ove to a di%%erent )o"ation, 9rou Po)i" "an udate teir rinters %o

te new )o"ation' o$i)e users returnin3 to teir ri#ar )o"ations see teir usua) de%au)t rinters'

Printer driver insta))ation de)e3ated to users

In Windows Server 2008, ad#inistrators "an now de)e3ate to users te a$i)it to insta)) rinter drivers $ usin3 9rou Po)i"' !is %eature e)s to

#aintain se"urit $ )i#itin3 distri$ution o% ad#inistrative "redentia)s'

What is the D $ecycle :in How do you use it

B"tive (ire"tor Re"")e Gin e)s #ini#i;e dire"tor servi"e downti#e $ enan"in3 our a$i)it to reserve and restore a""identa)) de)eted

B"tive (ire"tor o$De"ts witout restorin3 B"tive (ire"tor data %ro# $a"7us, restartin3 B"tive (ire"tor (o#ain Servi"es .B( (S, or re$ootin3 do#ain

"ontro))ers'

Wen ou ena$)e B"tive (ire"tor Re"")e Gin, a)) )in7+va)ued and non+)in7+va)ued attri$utes o% te de)eted B"tive (ire"tor o$De"ts are reserved and

te o$De"ts are restored in teir entiret to te sa#e "onsistent )o3i"a) state tat te were in i##ediate) $e%ore de)etion' ?or e>a#)e, restored user

a""ounts auto#ati"a)) re3ain a)) 3rou #e#$ersis and "orresondin3 a""ess ri3ts tat te ad i##ediate) $e%ore de)etion, witin and a"ross

do#ains'

B"tive (ire"tor Re"")e Gin is %un"tiona) %or $ot B( (S and B"tive (ire"tor i3twei3t (ire"tor Servi"es .B( (S environ#ents'

G de%au)t, B"tive (ire"tor Re"")e Gin in Windows Server 2008 R2 is disa$)ed' !o ena$)e it, ou #ust %irst raise te %orest %un"tiona) )eve) o% ou

B( (S or B( (S environ#ent to Windows Server 2008 R2, wi" in turn requires a)) %orest do#ain "ontro))ers or a)) servers tat ost instan"es o

B( (S "on%i3uration sets to $e runnin3 Windows Server 2008 R2'

!o ena$)e B"tive (ire"tor Re"")e Gin usin3 te Ena$)e+B(Otiona)?eature "#d)et

1' C)i"7 !tart, ")i"7 d'inistrative ools, ri3t+")i"7 ctive Directory =odule for Windows /ower!hell, and ten ")i"7 $un as ad'inistrator'

1' Bt te B"tive (ire"tor #odu)e %or Windows PowerSe)) "o##and ro#t, te te %o))owin3 "o##and, and ten ress EN!ERH

Ena$)e+B(Otiona)?eature +Identit B(Otiona)?eature +S"oe B(Otiona)?eatureS"oe +!ar3et B(Entit

?or e>a#)e, to ena$)e B"tive (ire"tor Re"")e Gin %or "ontoso'"o#, te te %o))owin3 "o##and, and ten ress EN!ERH

Ena$)e+B(Otiona)?eature @Identit =CNTRe"")e Gin ?eature,CNTOtiona) ?eatures,CNT(ire"tor Servi"e,CNTWindows

N!,CNTServi"es,CNTCon%i3uration,(CT"ontoso,(CT"o#6 @S"oe ?orestOrCon%i3urationSet @!ar3et ="ontoso'"o#6

What are D !nashots How do you use the'

B snasot is a sadow "oA"reated $ te :o)u#e Sadow Co Servi"e .:SSAo% te vo)u#es tat "ontain te B"tive (ire"tor data$ase and )o3

%i)es' Wit B"tive (ire"tor snasots, ou "an view te data inside su" a snasot on a do#ain "ontro))er witout te need to start te server in

(ire"tor Servi"es Restore ode'

Windows Server 2008 as a new %eature a))owin3 ad#inistrators to "reate snasots o% te B"tive (ire"tor data$ase %or o%%)ine use' Wit B( snasots

ou "an #ount a $a"7u o% B( (S under a di%%erent set o% orts and ave read+on) a""ess to our $a"7us trou3 (BP'

!ere are quite a %ew s"enarios %or usin3 B( snasots' ?or e>a#)e, i% so#eone as "an3ed roerties o% B( o$De"ts and ou need to revert to tei

revious va)ues, ou "an #ount a "o o% a revious snasot to an a)ternate ort and easi) e>ort te required attri$utes %or ever o$De"t tat was

"an3ed' !ese va)ues "an ten $e i#orted into te runnin3 instan"e o% B( (S' Fou "an a)so restore de)eted o$De"ts or si#) view o$De"ts %o

dia3nosti" uroses'

It does not a))ow ou to #ove or "o ite#s or in%or#ation %ro# te snasot to te )ive data$ase' In order to do tat ou wi)) need to #anua)) e>ort te

re)evant o$De"ts or attri$utes %ro# te snasot, and #anua)) i#ort te# $a"7 to te )ive B( data$ase'

!tes for usin !nashot

1. Create a snapshot:

oen C('e>e, Ntdsuti), a"tivate instan"e ntds, snasot, "reate, )ist a))'


8/39

2. =ountin an ctive Directory snashot

Ge%ore "onne"tin3 to te snasot we need to #ount it' G )oo7in3 at te resu)ts o% te ist B)) "o##and in a$ove ste, identi% te snasot tat ou

wis to #ount, and note te nu#$er ne>t to it'

!e Ntdsuti), Snasot, ist a)), ount 2' !e snasot 3ets #ounted to "HSNBPQ200M012400&0Q:OUEC' Now ou "an re%er tis at to see

te o$De"ts in tese snasots'

3. "onnectin an ctive Directory snashot

In order to "onne"t to te B( snasot ou6ve #ounted ou wi)) need to use te (SBBIN "o##and' (SBBIN is a "o##and+)ine too) tat is $ui)t into

Windows Server 2008' It is avai)a$)e i% ou ave te B"tive (ire"tor (o#ain Servi"es .B( (S or B"tive (ire"tor i3twei3t (ire"tor Servi"es .B(

(S server ro)e insta))ed'

B%ter usin3 (SBBIN to e>ose te in%or#ation inside te B( snasot, ou "an use an 9UI too) tat "an "onne"t to te se"i%ied ort, too)s su" as

B"tive (ire"tor Users and Co#uters .(SB'#s", B(SIE(I!'#s", (P'e>e or oters' Fou "an a)so "onne"t to it $ usin3 "o##and )ine too)s su" as

(I?(E or CS:(E, too)s tat a))ow ou to e>ort in%or#ation %ro# tat data$ase'

dsa#ain +d$at V "HSNBPQ200M012400&0Q:OUECWindowsN!(Sntds'ditV +)daort 1028M
http://winadmins.files.wordpress.com/2011/06/ef1.jpghttp://winadmins.files.wordpress.com/2011/06/ef.jpg


9/39

!e a$ove "o##and wi)) a))ow ou to a""ess te data$ase usin3 ort 1028M'

Now ou "an use (P'e>e too) to "onne"t to tis #ounted instan"e'

@. Disconnectin fro' the ctive Directory snashot

In order to dis"onne"t %ro# te B( snasot a)) ou need to do is to te C!RC at te (SBBIN "o##and ro#t window' Fou6)) 3et a #essa3e

indi"atin3 tat te (S sut down su""ess%u))'
http://winadmins.files.wordpress.com/2011/06/ef3.jpghttp://winadmins.files.wordpress.com/2011/06/ef2.jpg


10/39

%. An'ountin the snashot

Run "o##and, Ntdsuti), Snasot, ist a)), Un#ount 2'

What is &ffline Do'ain Boin How do you use it

Fou "an use o%%)ine do#ain Doin to Doin "o#uters to a do#ain witout "onta"tin3 a do#ain "ontro))er over te networ7' Fou "an Doin "o#uters to te

do#ain wen te %irst start u a%ter an oeratin3 sste# insta))ation' No additiona) restart is ne"essar to "o#)ete te do#ain Doin' !is e)s redu"e

te ti#e and e%%ort required to "o#)ete a )ar3e+s"a)e "o#uter de)o#ent in )a"es su" as data"enters'

?or e>a#)e, an or3ani;ation #i3t need to de)o #an virtua) #a"ines witin a data"enter' O%%ine do#ain Doin #a7es it ossi$)e %or te virtua

#a"ines to $e Doined to te do#ain wen te initia)) start %o))owin3 te oeratin3 sste# insta))ation' No additiona) restart is required to "o#)ete te

do#ain Doin' !is "an si3ni%i"ant) redu"e te overa)) ti#e required %or wide+s"a)e virtua) #a"ine de)o#ents'

B do#ain Doin esta$)ises a trust re)ationsi $etween a "o#uter runnin3 a Windows oeratin3 sste# and an B"tive (ire"tor do#ain' !is oeration

requires state "an3es to B( (S and state "an3es on te "o#uter tat is Doinin3 te do#ain' !o "o#)ete a do#ain Doin in te ast usin3 revious

Windows oeratin3 sste#s, te "o#uter tat Doined te do#ain ad to $e runnin3 and it ad to ave networ7 "onne"tivit to "onta"t a do#ain

"ontro))er' O%%)ine do#ain Doin rovides te %o))owin3 advanta3es over te revious require#entsH !e B"tive (ire"tor state "an3es are "o#)eted witout an networ7 tra%%i" to te "o#uter'

!e "o#uter state "an3es are "o#)eted witout an networ7 tra%%i" to a do#ain "ontro))er'

Ea" set o% "an3es "an $e "o#)eted at a di%%erent ti#e'

ttH//te"net'#i"roso%t'"o#/en+us/)i$rar/o%%)ine+do#ain+Doin+dDoin+ste+$+steL28WS'10L2M'as>

What are


11/39

Restarta$)e B( (S is a %eature in Windows Server 2008 tat ou "an use to er%or# routine #aintenan"e tas7s on a do#ain "ontro))er, su" as a)in3

udates or er%or#in3 o%%)ine de%ra3#entation, witout restartin3 te server'

Wi)e B( (S is runnin3, a do#ain "ontro))er runnin3 Windows Server 2008 $eaves te sa#e wa as a do#ain "ontro))er runnin3 i"roso%tK

WindowsK 2000 Server or Windows Server 200&'

Wi)e B( (S is stoed, ou "an "ontinue to )o3 on to te do#ain $ usin3 a do#ain a""ount i% oter do#ain "ontro))ers are avai)a$)e to servi"e te

)o3on request' Fou "an a)so )o3 on to te do#ain wit a do#ain a""ount wi)e te do#ain "ontro))er is started in (ire"tor Servi"es Restore ode

.(SR i% oter do#ain "ontro))ers are avai)a$)e to servi"e te )o3on request'

I% no oter do#ain "ontro))er is avai)a$)e, ou "an )o3 on to te do#ain "ontro))er were B( (S is stoed in (ire"tor Servi"es Restore ode .(SR

on) $ usin3 te (SR Bd#inistrator a""ount and assword $ de%au)t, as in Windows 2000 Server B"tive (ire"tor or Windows Server 200&

B"tive (ire"tor'

Gene%its o% restarta$)e B( (S

Restarta$)e B( (S redu"es te ti#e tat is required to er%or# o%%)ine oerations su" as o%%)ine de%ra3#entation' It a)so i#roves te avai)a$i)it o%

oter servi"es tat run on a do#ain "ontro))er $ 7eein3 te# runnin3 wen B( (S is stoed' In "o#$ination wit te Server Core insta))ation otion

o% Windows Server 2008, restarta$)e B( (S redu"es te overa)) servi"in3 require#ents o% a do#ain "ontro))er'

In Windows 2000 Server B"tive (ire"tor and Windows Server 200& B"tive (ire"tor, ou #ust restart te do#ain "ontro))er in (SR wen ou er%or#

o%%)ine de%ra3#entation o% te data$ase or a) se"urit udates' In "ontrast, ou "an sto Windows Server 2008 B( (S as ou sto oter servi"es ta

are runnin3 )o"a)) on te server' !is #a7es it ossi$)e to er%or# o%%)ine B( (S oerations #ore qui"7) tan ou "ou)d wit Windows 2000 Server and

Windows Server 200&'

Fou "an use i"roso%t ana3e#ent Conso)e .C sna+ins, or te Net'e>e "o##and+)ine too), to sto or restart B"tive (ire"torK (o#ain Servi"es

.B( (S in te Windows ServerK 2008 oeratin3 sste#' Fou "an sto B( (S to er%or# tas7s, su" as o%%)ine de%ra3#entation o% te B( (S

data$ase, witout restartin3 te do#ain "ontro))er' Oter servi"es tat run on te server, $ut tat do not deend on B( (S to %un"tion, are avai)a$)e to

servi"e ")ient requests wi)e B( (S is stoed' Bn e>a#)e o% su" a servi"e is (na#i" NN!P @ 11M @ . Networ7 News !rans%er Proto"o) Port nu#$er

N!P @ 12& @ .nt ort nu#$er and networ7 !i#e Proto"o) and SN!P ort nu#$er

IBP @ 1& @ .Internet essa3e B""ess Proto"o) ort nu#$er

SS!P @ 54 @ . S!P Over SS)

SIBP @ MM& @ . IBP Over SS

SPOP& @ MM4 @ . POP Over SS

!i#e @ 12& @ . nt ort nu#$er and networ7 !i#e Proto"o) and SN!P ort nu#$er

NetGios @ 1& @ . Na#e Servi"e

NetGios @ 1&M @ . (ata3ra# Servi"e

(


12/39

200& R2 SP2 and windows server 2008 it6s 180 das

I% ou #i3ratin3 windows 200& environ#ent to windows 2008 ten its 50 da6s

ou "an use te $e)ow "o##and to "e"7/view te "urrent to#$stone )i%eti#e va)ue %or our (o#ain/?orest

dsquer Y Z"nTdire"tor servi"e,"nTwindows nt,"nTservi"es,"nT"on%i3uration,d"TV @s"oe $ase @attr to#$stone)i%eti#e

Re)a"e %orest(N wit our do#ain artition (N, %or do#ainna#e'"o# te (N wou)d $e d"Tdo#ainna#e, d"T"o#

Sour"eH ttH//te"net'#i"roso%t'"o#/en+us/)i$rar/""8M&2.WS'10'as>

3. How to find the do'ain controller that contains the linerin ob?ect

;f we enable !trict $elication "onsistency

in3erin3 o$De"ts are not resent on do#ain "ontro))ers tat )o3 Event I( 1M88' !e sour"e do#ain "ontro))er "ontains te )in3erin3 o$De"t

;f we doesnCt enable !trict $elication "onsistency

in3erin3 o$De"ts are not resent on do#ain "ontro))ers tat )o3 Event I( 1&88' (o#ain "ontro))er tat doesn6t )o3 Event I( 1&88 and tat do#ain

"ontro))er "ontain te )in3erin3 o$De"t

Fou ave a 100 (o#ain "ontro))ers wi" doesn6t ena$)e Stri"t Re)i"ation Consisten", ten ou wi)) 3et te Event I( 1&88 on a)) te MM (o#ain

"ontro))ers e>"et te one tat "ontain te )in3erin3 o$De"t

Need to Re#ove in3erin3 O$De"ts %ro# te a%%e"ted do#ain "ontro))er or de"o##ission te do#ain "ontro))er

Fou "an use Event Co#$ too) .Event"o#$#t'e>e is a #u)ti+treaded too) tat "an $e used to 3ater se"i%i" events %ro# te Event :iewer )o3s o%

di%%erent "o#uters at te sa#e ti#e'

Fou "an down)oad tese too)s %ro# te %o))owin3 )o"ationH

ttH//www'#i"roso%t'"o#/down)oads/detai)s'as>[?a#i)I(TMd5a5M+4%%+ae+M5ee+$18"M0"%%d\(is)aan3Ten@. What are ctive Directory orts

ist o% B"tive (ire"tor Ports %or B"tive (ire"tor re)i"ation and B"tive (ire"tor autenti"ation, tis orts "an $e used to "on%i3ure te ?irewa))

ctive Directory relication7!ere is no de%ined ort %or B"tive (ire"tor re)i"ation, B"tive (ire"tor re)i"ation re#ote ro"edure "a))s .RPC o""ur

dna#i"a)) over an avai)a$)e ort trou3 RPCSS .RPC Endoint aer $ usin3 ort 1&4


13/39

ou can also save the co''and outut to te6t file> by usin the below co''and

Read#in /re)su# /$sr" /$dest /sortHde)ta "Hre)i"ationQreort't>t

tis wi)) )ist te do#ain "ontro))ers tat are %ai)in3 to re)i"ate wit te de)ta va)ue

Fou "an dai) run tis to "e"7 our a"tive dire"tor ea)t

. /$*!A4 falied with access denied error

Una$)e to 3et te resu)t %ro# 3resu)t on windows 200& server, 3resu)t return wit te a""ess denied errors, ou "an a$)e to udate te 3rou o)i"

witout issue

Run te %o))owin3 "o##ands to re3ister te userenv'd)) and re"o#i)e te rso #o% %i)e

!o reso)ve te a""ess denied error wi)e doin3 te 3resu)t'

1' Oen a "#d

1' re+re3ister te userenv'd))

Re3svr&2 /n /I "Hwinntsste#&2userenv'd))

2' C( "Hwindowssste#&2w$e#

&' o%"o# s"erso'#o%

' 9udate /%or"e

4' 9resu)t

Now ou a$)e to run te 3resu)t witout error and even server re$oot not required %or tis ro"edure

+. What is the co''and to find out site na'e for iven D"

ds5uery server ,D"01 7site

do#ain "ontro))er na#e T NF(C018. "o''and to find all D"s in the iven site

Co##and to %ind a)) te (o#ain Contro))ers in te Z(e%au)t+?irst+Site+Na#eV site

ds5uery server 7o rdn 7site Default7ist

C)ient #a"ine a)was send re"ursive quer to te (NS server, i% te (NS server does not ave te requested in%or#ation, (NS server send te

iterative quer to te oter na#e server .trou3 %orwarders or se"ondar (NS server unti) it 3ets te in%or#ation, or unti) te na#e quer %ai)s'

Windows Server 2008 B"tive (ire"tor Interview Xuestions Part 1

OC!OGER 20, 201114 COEN!S

C)i"7


14/39

o$De"ts, in")udin3 rinters, sared %o)ders, user a""ounts, 3rous, and "o#uters' Windows 2000 Server "o#uters tat ave a "o o% te B"tive

(ire"tor data store, and tat run B"tive (ire"tor are "a))ed domain controllers' In a Windows 2008 do#ain, a read/write "o o% te B"tive (ire"tor

data store is si"a)) )o"ated on ea" do#ain "ontro))er in te do#ain'

F. What are the hysical co'onents of active directory

4oical "o'onents of ctive Directory

In "reatin3 te ierar"i"a) data$ase stru"ture o% B"tive (ire"tor, i"roso%t %a"i)itated )o"atin3 resour"es su" as %o)ders and rinters $ na#e rater

tan $ si"a) )o"ation' !ese loical buildin bloc-s include do'ains> trees> forests> and &As. !e si"a) )o"ation o% o$De"ts witin B"tive

(ire"tor is reresented $ in")udin3 a)) o$De"ts in a 3iven )o"ation in its own site' Ge"ause a do#ain is te $asi" unit on wi" B"tive (ire"tor is $ui)t,

te do#ain is introdu"ed %irst %o))owed $ trees and %orests .in wi" do#ains are )o"ated and ten OUs, wi" are "ontainers )o"ated witin a do#ain

Do'ain

B domain is a )o3i"a) 3rouin3 o% networ7ed "o#uters in wi" one or #ore o% te "o#uters as one or #ore sared resour"es, su" as a sared

%o)der or a sared rinter, and in wi" a)) o% te "o#uters sare a "o##on "entra) do#ain dire"tor data$ase tat "ontains user a""ount se"urit

in%or#ation' One distin"t advanta3e o% usin3 a do#ain, arti"u)ar) on a )ar3e networ7, is tat ad#inistration o% user a""ount se"urit %or te entire

networ7 "an $e #ana3ed %ro# a "entra)i;ed )o"ation' In a do#ain, a user as on) one user a""ount, wi" is stored in te do#ain dire"tor data$ase'

!is user a""ount ena$)es te user to a""ess sared resour"es .tat te user as er#issions to a""ess )o"ated on an "o#uter in te do#ain

B"tive (ire"tor do#ains "an o)d #i))ions o% o$De"ts, as oosed to te Windows N! do#ain stru"ture, wi" was )i#ited to aro>i#ate) 0,000

o$De"ts' Bs in revious versions o% B"tive (ire"tor, te B"tive (ire"tor data$ase %i)e .ntds'dit de%ines te do#ain' Ea" do#ain as its own ntds'dit %i)e

wi" is stored on .and re)i"ated a#on3 a)) do#ain "ontro))ers $ a ro"ess "a))ed multimaster replication' !e do#ain "ontro))ers #ana3e te

"on%i3uration o% do#ain se"urit and store te dire"tor servi"es data$ase' !is arran3e#ent er#its "entra) ad#inistration o% do#ain a""ount

rivi)e3es, se"urit, and networ7 resour"es' Networ7ed devi"es and users $e)on3in3 to a do#ain va)idate wit a do#ain "ontro))er at startu' B))"o#uters tat re%er to a se"i%i" set o% do#ain "ontro))ers #a7e u te do#ain' In addition, 3rou a""ounts su" as 3)o$a) 3rous and do#ain )o"a)

3rous are de%ined on a do#ain+wide $asis'

rees

B tree is a 3rou o% do#ains tat sares a "onti3uous na#esa"e' In oter words, a tree "onsists o% a arent do#ain )us one or #ore sets o% "i)d

do#ains wose na#e re%)e"ts tat o% a arent' ?or e>a#)e, a arent do#ain na#ed e>a#"ra#'"o# "an in")ude "i)d do#ains wit na#es su" as

rodu"ts'e>a#"ra#'"o#, sa)es'e>a#"ra#'"o#, and #anu%a"turin3'e>a#"ra#'"o#' ?urter#ore, te tree stru"ture "an "ontain 3rand"i)d do#ains

su" as a#eri"a'sa)es'e>a#"ra#'"o# or euroe'sa)es'e>a#"ra#'"o#, and so on, as sown in ?i3ure 1+2' B do#ain "a))ed que'"o# wou)d not $e)on3

to te sa#e tree' ?o))owin3 te inverted tree "on"et ori3inated $ '400, te tree is stru"tured wit te arent do#ain at te to and "i)d do#ains

$eneat it' B)) do#ains in a tree are )in7ed wit two+wa, transitive trust re)ationsis in oter words, a""ounts in an one do#ain "an a""ess resour"es

in anoter do#ain and vi"e versa'


15/39

&ranizational Anit

Bn or3ani;ationa) unit .OU is a "ontainer used to or3ani;e o$De"ts witin one do#ain into )o3i"a) ad#inistrative 3rous' Bn OU "an "ontain o$De"ts su"

as user a""ounts, 3rous, "o#uters, rinters, a)i"ations, sared %o)ders, and oter OUs %ro# te sa#e do#ain' OUs are reresented $ a %o)der i"on

wit a $oo7 inside' !e (o#ain Contro))ers OU is "reated $ de%au)t wen B"tive (ire"tor is insta))ed to o)d new i"roso%t Windows Server 200&

do#ain "ontro))ers' OUs "an $e added to oter OUs to %or# a ierar"i"a) stru"ture tis ro"ess is 7nown as nestin3 OUs' Ea" do#ain as its own OU

stru"tureAte OU stru"ture witin a do#ain is indeendent o% te OU stru"tures o% oter do#ains'

!ere are tree reasons %or de%inin3 an OUH

!o de)e3ate ad#inistration @ In te Windows Server 200& oeratin3 sste#, ou "an de)e3ate ad#inistration %or te "ontents o% an OU .a))

users, "o#uters, or resour"e o$De"ts in te OU $ 3rantin3 ad#inistrators se"i%i" er#issions %or an OU on te OU6s a""ess "ontro) )ist'

!o ad#inister 9rou Po)i"

!o ide o$De"t

/hysical "o'onents of ctive Directory

!ere are two si"a) "o#onents o% B"tive (ire"torH

(o#ain Contro))ers

Sites

Do'ain "ontrollers

Bn server on wi" ou ave insta))ed B"tive (ire"tor is a domain controller' !ese servers autenti"ate a)) users )o33in3 on to te do#ain in wi"

te are )o"ated, and te a)so serve as "enters %ro# wi" ou "an ad#inister B"tive (ire"tor in Windows Server 2008' B do#ain "ontro))er stores a

"o#)ete "o o% a)) o$De"ts "ontained witin te do#ain, )us te s"e#a and "on%i3uration in%or#ation re)evant to te %orest in wi" te do#ain is

)o"ated' Un)i7e Windows N!, tere are no ri#ar or $a"7u do#ain "ontro))ers' Si#i)ar to Windows 2000 and Windows Server 200&, a)) do#ain

"ontro))ers o)d a #aster, edita$)e "o o% te B"tive (ire"tor data$ase'

Ever do#ain #ust ave at )east one (C' B do#ain #a ave #ore tan one (C avin3 #ore tan one (C rovides te %o))owin3 $ene%itsH


16/39

&b?ect

Bn object is an se"i%i" ite# tat "an $e "ata)o3ed in B"tive (ire"tor' E>a#)eso% o$De"ts in")ude users, "o#uters, rinters, %o)ders, and %i)es' !ese

ite#s are")assi%ied $ a distin"t set o% "ara"teristi"s, 7nown asattributes' ?or e>a#)e, auser "an $e "ara"teri;ed $ te userna#e, %u)) na#e,

te)eone nu#$er, e#ai)address, and so on' Note tat, in 3enera), o$De"ts in te sa#e "ontainer ave tesa#e tes o% attri$utes $ut are

"ara"teri;ed $ di%%erent va)ues o% tese attri$utes'!e B"tive (ire"tor s"e#a de%ines te e>tent o% attri$utes tat "an $ese"i%ied %or an o$De"t'

"lasses

!e B"tive (ire"tor servi"e, in turn, ")assi%ies o$De"ts into classes' !ese ")assesare )o3i"a) 3rouin3s o% si#i)ar o$De"ts, su" as users' Ea" ")ass is a

series o%attri$utes tat de%ine te "ara"teristi"s o% te o$De"t'

!che'as

!e schema is a set o% ru)es tat de%ine te ")asses o% o$De"ts and teir attri$utes tat "an $e "reated in B"tive (ire"tor' It de%ines wat attri$utes "an

$e e)d $ o$De"ts o% various tes, wi" o% te various ")asses "an e>ist, and wat o$De"t ")ass "an $e a arent o% te "urrent o$De"t ")ass' ?or

e>a#)e, te User ")ass "an "ontain user a""ount o$De"ts and ossess attri$utes su" as assword, 3rou #e#$ersi, o#e %o)der, and so on'

Wen ou %irst insta)) B"tive (ire"tor on a server, a de%au)t s"e#a is "reated, "ontainin3 de%initions o% "o##on) used o$De"ts and roerties su" as

users, "o#uters, and 3rous' !is de%au)t s"e#a a)so "ontains de%initions o% o$De"ts and roerties needed %or te %un"tionin3 o% B"tive (ire"tor'

lobal catalo

B global catalog server is a do#ain "ontro))er tat as an additiona) dutAit #aintains a 3)o$a) "ata)o3' B 3)o$a) "ata)o3 is a #aster, sear"a$)e

data$ase tat "ontains in%or#ation a$out ever o$De"t in ever do#ain in a %orest' !e 3)o$a) "ata)o3 "ontains a "o#)ete re)i"a o% a)) o$De"ts in B"tive

(ire"tor %or its ost do#ain, and "ontains a artia) re)i"a o% a)) o$De"ts in B"tive (ire"tor %or ever oter do#ain in te %orest'

B 3)o$a) "ata)o3 server er%or#s two i#ortant %un"tionsH

Provides 3rou #e#$ersi in%or#ation durin3 )o3on and autenti"ation

"an3e '0 and 4'x")ients, is suorted $ B"tive (ire"tor to rovide "o#ati$i)it wit te E>"an3e

dire"tor'

F. =ini'u' re5uire'ent to install Win 2008 D

1' Bn N!?S artition wit enou3 %ree sa"e

2' Bn Bd#inistrator6s userna#e and assword

&' !e "orre"t oeratin3 sste# version

' B NIC

4' Proer) "on%i3ured !CP/IP .IP address, su$net #as7 and @ otiona) @ de%au)t 3atewa

5' B networ7 "onne"tion .to a u$ or to anoter "o#uter via a "rossover "a$)e

' Bn oerationa) (NS server .wi" "an $e insta))ed on te (C itse)%

8' B (o#ain na#e tat ou want to use

F. How do you verify whether the D installation is roer

1' (e%au)t "ontainersH !ese are "reated auto#ati"a)) wen te %irst do#ain is "reated' Oen ctive Directory Asers and "o'uters, and

ten veri% tat te %o))owin3 "ontainers are resentH "o'uters, Asers, andisten"e in te LSste#rootLNtds %o)der'

4' 9)o$a) "ata)o3 serverH !e %irst do#ain "ontro))er $e"o#es a 3)o$a) "ata)o3 server, $ de%au)t' !o veri% tis ite#H

a' C)i"7 !tart, oint to /rora's, ")i"7 d'inistrative ools, and ten ")i"7 ctive Directory !ites and !ervices'

$' (ou$)e+")i"7 !itesto e>and it, e>and !ervers, and ten se)e"t our do#ain "ontro))er'

"' (ou$)e+")i"7 te do#ain "ontro))er to e>and te server "ontents'

d' Ge)ow te server, an ,D! !ettinso$De"t is dis)aed' Ri3t+")i"7 te o$De"t, and ten ")i"7 /roerties'

e' On te eneralta$, ou "an o$serve a 3)o$a) "ata)o3 "e"7 $o>, wi" sou)d $e se)e"ted, $ de%au)t'

$oot do'ainH !e %orest root is "reated wen te %irst do#ain "ontro))er is insta))ed' :eri% our "o#uter networ7 identi%i"ation in =y "o'uter' !e

(o#ain Na#e Sste# .(NS su%%i> o% our "o#uter sou)d #at" te do#ain na#e tat te do#ain "ontro))er $e)on3s to' B)so, ensure tat our


17/39

"o#uter re3isters te roer "o#uter ro)e' !o veri% tis ro)e, use te net accounts"o##and' !e "o#uter ro)e sou)d sa Zri#arV or Z$a"7uV

deendin3 on weter it is te %irst do#ain "ontro))er in te do#ain'

!hared syste' volu'eH B Windows 2000 do#ain "ontro))er sou)d ave a sared sste# vo)u#e )o"ated in te LSste#rootLSsvo)Ssvo) %o)der'

!o veri% tis ite#, use te net share"o##and' !e B"tive (ire"tor a)so "reates two standard o)i"ies durin3 te insta))ation ro"essH !e (e%au)t

(o#ain o)i" and te (e%au)t (o#ain Contro))ers o)i" .)o"ated in te LSste#rootLSsvo)(o#ainPo)i"ies %o)der' !ese o)i"ies are dis)aed as

te %o))owin3 3)o$a)) unique identi%iers .9UI(sH

^&1G2?&0+015(+11(2+M4?+00C0?GM8?M_ reresentin3 te (e%au)t (o#ain o)i"

^5BC185C+015?+11(2+M4?+00C0%GM8?M_ reresentin3 te (e%au)t (o#ain Contro))ers o)i"

!$V resource recordsFou #ust ave a (NS server insta))ed and "on%i3ured %or B"tive (ire"tor and te asso"iated ")ient so%tware to %un"tion

"orre"t)' i"roso%t re"o##ends tat ou use i"roso%t (NS server, wi" is su)ied wit Windows 2000 Server as our (NS server'


18/39

!e SFS:O %o)der is "riti"a) $e"ause it "ontains te do#ain6s u$)i" %i)es' !is dire"tor is sared out .as SFS:O, and an %i)es 7et in te SFS:O

%o)der are re)i"ated to a)) oter do#ain "ontro))ers in te do#ain usin3 te ?i)e Re)i"ation Servi"e .?RSAand es, tat6s i#ortant to 7now on te

e>a#'

he !!V&4 folder also contains the followin ite's

!e NE!O9ON sare, wi" is te )o"ation were do#ain )o3on requests are su$#itted %or ro"essin3, and were )o3on s"rits

"an $e stored %or ")ient ro"essin3 at )o3on ti#e'

Windows 9rou Po)i"ies

?RS %o)ders and %i)es tat #ust $e avai)a$)e and sn"roni;ed $etween do#ain "ontro))ers i% te ?RS is in use' (istri$uted ?i)e

Sste# .(?S, %or e>a#)e, uses te ?RS to 7ee sared data "onsistent $etween re)i"as'

Fou "an 3o to SFS:O %o)der $ tin3 H Lsste#rootL/ssvo) on (C'

F. ,a'e the D ,"s and relication issues for each ,"

YS"e#a NC, YCon%i3uration NC, Y (o#ain NC

!che'a ," !is NC is re)i"ated to ever oter do#ain "ontro))er in te %orest' It "ontains in%or#ation a$out te B"tive (ire"tor s"e#a, wi" in turn

de%ines te di%%erent o$De"t ")asses and attri$utes witin B"tive (ire"tor'

"onfiuration ,"B)so re)i"ated to ever oter (C in te %orest, tis NC "ontains %orest+wide "on%i3uration in%or#ation ertainin3 to te si"a)

)aout o% B"tive (ire"tor, as we)) as in%or#ation a$out dis)a se"i%iers and %orest+wide B"tive (ire"tor quotas'

Do'ain ," !is NC is re)i"ated to ever oter (C witin a sin3)e B"tive (ire"tor do#ain' !is is te NC tat "ontains te #ost "o##on)+a""essed

B"tive (ire"tor dataH te a"tua) users, 3rous, "o#uters, and oter o$De"ts tat reside witin a arti"u)ar B"tive (ire"tor do#ain'

F. What are alication artitions When do ; use the'

B1 B)i"ation (ire"tor Partition is a artition sa"e in B"tive (ire"tor wi" an a)i"ation "an use to store tat a)i"ation se"i%i" data' !isartition is ten re)i"ated on) to so#e se"i%i" do#ain "ontro))ers'

!e a)i"ation dire"tor artition "an "ontain an te o% data e>"et se"urit rin"i)es .users, "o#uters, 3rous'

YYB2 !ese are se"i%i" to Windows Server 200& do#ains'

Bn a)i"ation dire"tor artition is a dire"tor artition tat is re)i"ated on) to se"i%i" do#ain "ontro))ers' B do#ain "ontro))er tat arti"iates in te

re)i"ation o% a arti"u)ar a)i"ation dire"tor artition osts a re)i"a o% tat artition' On) do#ain "ontro))ers runnin3 Windows Server 200& "an ost a

re)i"a o% an a)i"ation dire"tor artition'

F. How do you create a new alication artition

!e (nsC#d "o##and is used to "reate a new a)i"ation dire"tor artition' E>' to "reate a artition na#ed ZNewPartitionV on te do#ain "ontro))er

(C1'"ontoso'"o#, )o3 on to te do#ain "ontro))er and te %o))owin3 "o##and'

(nsC#d (C1/"reatedire"torartition NewPartition'"ontoso'"o#

F. How do you view relication roerties for D artitions and D"s

G usin3 re)i"ation #onitor

3o to start run te rel'on

F. What is the lobal "atalo

!e global catalog is te "entra) reositor o% in%or#ation a$out o$De"ts in a tree or %orest' G de%au)t, a 3)o$a) "ata)o3 is "reated auto#ati"a)) on te

initia) do#ain "ontro))er in te %irst do#ain in te %orest' B do#ain "ontro))er tat o)ds a "o o% te 3)o$a) "ata)o3 is "a))ed a global catalog server' Fou

"an desi3nate an do#ain "ontro))er in te %orest as a 3)o$a) "ata)o3 server' B"tive (ire"tor uses #u)ti#aster re)i"ation to re)i"ate te 3)o$a) "ata)o3

in%or#ation $etween 3)o$a) "ata)o3 servers in oter do#ains' It stores a %u)) re)i"a o% a)) o$De"t attri$utes in te dire"tor %or its ost do#ain and a artia)

re)i"a o% a)) o$De"t attri$utes "ontained in te dire"tor %or ever do#ain in te %orest' !e artia) re)i"a stores attri$utes #ost %requent) used in sear"

oerations .su" as a user6s %irst and )ast na#es, )o3on na#e, and so on' Bttri$utes are #ar7ed or un#ar7ed %or re)i"ation in te 3)o$a) "ata)o3 wen

te are de%ined in te B"tive (ire"tor s"e#a' O$De"t attri$utes re)i"ated to te 3)o$a) "ata)o3 inerit te sa#e er#issions as in sour"e do#ains,

ensurin3 tat data in te 3)o$a) "ata)o3 is se"ure'

Bnoter (e%inition o% 9)o$a) Cata)o3H

lobal "atalo !erver

B global catalog server is a do#ain "ontro))er tat as an additiona) dutAit #aintains a 3)o$a) "ata)o3' B 3)o$a) "ata)o3 is a #aster, sear"a$)e

data$ase tat "ontains in%or#ation a$out ever o$De"t in ever do#ain in a %orest' !e 3)o$a) "ata)o3 "ontains a "o#)ete re)i"a o% a)) o$De"ts in B"tive

(ire"tor %or its ost do#ain, and "ontains a artia) re)i"a o% a)) o$De"ts in B"tive (ire"tor %or ever oter do#ain in te %orest'

B 3)o$a) "ata)o3 server er%or#s two i#ortant %un"tionsH

Provides 3rou #e#$ersi in%or#ation durin3 )o3on and autenti"ation


19/39

!e B"tive (ire"tor s"e#a de%ines o$De"ts tat "an $e stored in B"tive (ire"tor' !e schema is a )ist o% de%initions tat deter#ines te 7inds o%

o$De"ts and te tes o% in%or#ation a$out tose o$De"ts tat "an $e stored in B"tive (ire"tor' Ge"ause te s"e#a de%initions te#se)ves are stored

as o$De"ts, te "an $e ad#inistered in te sa#e #anner as te rest o% te o$De"ts in B"tive (ire"tor' !e s"e#a is de%ined $ two tes o% o$De"tsH

s"e#a ")ass o$De"ts .a)so re%erred to as s"e#a ")asses and s"e#a attri$ute o$De"ts .a)so re%erred to as s"e#a attri$utes'

F. " and infrastructure 'aster should not be on sa'e server> why

Un)ess our do#ain "onsists o% on) one do#ain "ontro))er, the infrastructure 'aster should not be assined to a do'ain controller thatCs also a

lobal "atalo server' I% te in%rastru"ture #aster and 9)o$a) Cata)o3 are stored on te sa#e do#ain "ontro))er, te in%rastru"ture #aster wi)) not

%un"tion $e"ause it wi)) never %ind data tat is out o% date' I t tere%ore won6t ever re)i"ate "an3es to te oter do#ain "ontro))ers in te do#ain' !ere

are two e>"etionsH

I% a)) our do#ain "ontro))ers are 9)o$a) Cata)o3 servers, it won6t #atter $e"ause a)) servers wi)) ave te )atest "an3es to te

9)o$a) Cata)o3'

I% ou are i#)e#entin3 a sin3)e B"tive (ire"tor do#ain, no oter do#ains e>ist in te %orest to 7ee tra"7 o%, so in e%%e"t, te

in%rastru"ture #aster is out o% a Do$

F. Why not 'a-e all D"s in a lare forest as "s

Wen a)) te (C $e"o#e a 9C re)i"ation tra%% i" wi)) 3et in"reased and we "ou)d not 7ee te In%rastru"ture #aster and 9C on te sa#e do#ain ,so

at)ease one d" sou)d $e a"t witout o)din3 te 9C ro)e '

F. ryin to loo- at the !che'a> how can ; do that

Re3ister te s"##3#t'd)) wit te "o##and re3svr&2

F. What are the !uort ools Why do ; need the'

Suort !oo)s are te too)s tat are used %or er%or#in3 te "o#)i"ated tas7s easi)' !ese "an a)so $e te tird art too)s' So#e o% te Suort too)sin")ude (e$u3:iewer, (eenden":iewer, Re3istronitor, et"'

F. What is 4D/ What is $*/4=&, What is D!;*D; What is ,*D&= What is$*/D=;,

4D/@ a$e) (istri$ution Proto"o) .(P is o%ten used to esta$)is PS SPs wen tra%%i" en3ineerin3 is not required' It esta$)ises SPs tat %o))ow

te e>istin3 IP routin3, and is arti"u)ar) we)) suited %or esta$)isin3 a %u)) #es o% SPs $etween a)) o% te routers on te networ7'

$el'on@ Re)#on dis)as in%or#ation a$out B"tive (ire"tor Re)i"ation'

D!;*D;@ B(SIEdit is a i"roso%t ana3e#ent Conso)e .C sna+in tat a"ts as a )ow+)eve) editor %or B"tive (ire"tor' It is a 9rai"a) User

Inter%a"e .9UI too)' Networ7 ad#inistrators "an use it %or "o##on ad#inistrative tas7s su" as addin3, de)etin3, and #ovin3 o$De"ts wit a dire"tor

servi"e' !e attri$utes %or ea" o$De"t "an $e edited or de)eted $ usin3 tis too)' B(SIEdit uses te B(SI a)i"ation ro3ra##in3 inter%a"es .BPIs to

a""ess B"tive (ire"tor' !e %o))owin3 are te required %i)es %or usin3 tis too)H B(SIE(I!'( B(SIE(I!'SC

,*D&= + NE!(O is a "o##and+)ine too) tat a))ows #ana3e#ent o% Windows do#ains and trust re)ationsis' It is used %or $at" #ana3e#ent o%trusts, Doinin3 "o#uters to do#ains, veri%in3 trusts, and se"ure "anne)s'

$*/D=;,@ REPB(IN is a $ui)t+in Windows dia3nosti" "o##and+)ine uti)it tat wor7s at te B"tive (ire"tor )eve)' B)tou3 se"i%i" to Windows, it

is a)so use%u) %or dia3nosin3 so#e E>"an3e re)i"ation ro$)e#s, sin"e E>"an3e Server is B"tive (ire"tor $ased' REPB(IN doesn6t a"tua)) %i>

re)i"ation ro$)e#s %or ou' Gut, ou "an use it to e) deter#ine te sour"e o% a #a)%un"tion'

F. What are the ,a'in "onventions used in D

Witin B"tive (ire"tor, ea" o$De"t as a na#e' Wen ou "reate an o$De"t in B"tive (ire"tor, su" as a user or a "o#uter, ou assi3n te o$De"t a

na#e' !is na#e #ust $e unique witin te do#ainAou "an6t assi3n an o$De"t te sa#e na#e as an oter o$De"t .re3ard)ess o% its te in tat

do#ain'

Bt te sa#e ti#e tat ou "reate an o$De"t, not on) do ou assi3n a na#e to te o$De"t, $ut B"tive (ire"tor a)so assi3ns identi%iers to te o$De"t' B"tive

(ire"tor assi3ns ever o$De"t a 3)o$a)) unique identi%ier .9UI(, and assi3ns #an o$De"ts a se"urit identi%ier .SI(' B !"#D is ti"a)) a &2+di3it

e>ade"i#a) nu#$er tat unique) identi%ies an o$De"t witin B"tive (ire"tor' B $#D is a unique nu#$er "reated $ te Windows 2000 Se"urit

su$sste# tat is assi3ned on) to security principal objects .users, 3rous, and "o#uters wen te are "reated'Windows 2000 uses SI(s to 3rant or

den a se"urit rin"ia) o$De"t a""ess to oter o$De"ts and networ7 resour"es'

B"tive (ire"tor uses a ierar"i"a) na#in3 "onvention tat is $ased on i3twei3t (ire"tor B""ess Proto"o) .(BP and (NS standards'

&b?ects in ctive Directory can be referenced by usin one of three ctive Directory na'e tyes

Re)ative distin3uised na#e .R(N

(istin3uised na#e .(N

User rin"ia) na#e .UPN

relative distinguished name.R(N is te na#e tat is assi3ned to te o$De"t $ te ad#inistrator wen te o$De"t is "reated' ?or e>a#)e, wen

I "reate a user na#ed B)anC, te R(N o% tat user is B)anC' !e R(N on) identi%ies an o$De"tAit doesn6t identi% te o$De"t6s )o"ation witin B"tive

(ire"tor' !e R(N is te si#)est o% te tree B"tive (ire"tor na#e tes, and is so#eti#es "a))ed te "o##on na#e o% te o$De"t'


20/39

distinguished name (D,) "onsists o% an o$De"t6s R(N, )us te o$De"t6s )o"ation in B"tive (ire"tor' !e (N su)ies te "o#)ete at to te o$De"t'

Bn o$De"t6s (N in")udes its R(N, te na#e o% te or3ani;ationa) unit.s tat "ontains te o$De"t .i% an, and te ?X(N o% te do#ain' ?or e>a#)e,

suose tat I "reate a user na#ed B)anC in an or3ani;ationa) unit "a))ed US in a do#ain na#ed E>ortsin"'"o#' !e (N o% tis user wou)d

$eHB)anC`US'E>ortsin"'"o#

user principal name (A/,)is a sortened version o% te (N tat is ti"a)) used %or )o3on and e+#ai) uroses' B UPN "onsists o% te R(N )us te

?X(N o% te do#ain' Usin3 # revious e>a#)e, te UPN %or te user na#ed B)anC wou)d $eH B)anC`E>ortsin"'"o#

Bnoter wa ou "an tin7 o% a UPN is as a (N stried o% a)) or3ani;ationa) unit re%eren"es'

F. What are sites What are they used for

B site "onsists o% one or #ore !CP/IP su$nets, wi" are se"i%ied $ an ad#inistrator' Bdditiona)), i% a site "ontains #ore tan one su$net, te su$nets

sou)d $e "onne"ted $ i3+seed, re)ia$)e )in7s' Sites do not "orresond to do#ainsHFou "an ave two or #ore sites witin a sin3)e do#ain, or ou

"an ave #u)ti)e do#ains in a sin3)e site'B site is so)e) a 3rouin3 $ased on IP addresses' ?i3ure 2+ sows two sites "onne"ted $ a s)ow WBN )in7'

!e urose o% sites is to ena$)e servers tat re3u)ar) "o data to oter servers .su" as B"tive (ire"tor re)i"ation data to distin3uis $etweenservers in teir own site .wi" are "onne"ted $ i3+seed )in7s and servers in anoter site .wi" are "onne"ted $ s)ower+seed WBN )in7s'

Re)i"ation $etween do#ain "ontro))ers in te sa#e site is %ast, and ti"a)) ad#inistrators "an er#it Windows 2000 to auto#ati"a)) er%or# tis tas7'

Re)i"ation $etween a do#ain "ontro))er in one site and do#ain "ontro))ers in oter sites is s)ower .$e"ause it ta7es )a"e over a s)ow WBN )in7 and

o%ten sou)d $e s"edu)ed $ te ad#inistrator so tat use o% networ7 $andwidt %or re)i"ation is #ini#i;ed durin3 te networ76s ea7+a"tivit ours'

Sites and B"tive (ire"tor re)i"ation "an $e "on%i3ured $ usin3 B"tive (ire"tor Sites and Servi"es'

Ases of site

Sites are ri#ari) used to "ontro) re)i"ation tra%%i"' (o#ain "ontro))ers witin a site are rett #u" %ree to re)i"ate "an3es to te B"tive (ire"tor

data$ase wenever "an3es are #ade' (o#ain "ontro))ers in di%%erent sites "o#ress te re)i"ation tra%%i" and oerate $ased on a de%ined s"edu)e,

$ot o% wi" are intended to "ut down on networ7 tra%%i"'

ore se"i%i"a)), sites are used to "ontro) te %o))owin3H

Wor7station )o3on tra%%i"

Re)i"ation tra%%i"

(istri$uted ?i)e Sste# .(?S

WhatCs the difference between a site lin-Cs schedule and interval

Site in7 is a si"a) "onne"tion o$De"t on wi" te re)i"ation transort #e"anis# deends on' Gasi"a)) to sea7 it is te te o% "o##uni"ation

#e"anis# used to trans%er te data $etween di%%erent sites' Site in7 S"edu)e is notin3 $ut wen te re)i"ation ro"ess as to $e ta7es )a"e and

te interva) is notin3 $ut ow #an ti#es te re)i"ation as to $e ta7es )a"e in a 3ive ti#e eriod i'e Site in7 S"edu)e'

F. What is relication How it occurs in D What is G"" and ;!

Ea" do#ain "ontro))er stores a "o#)ete "o o% a)) B"tive do#ain "ontro))ers in te sa#e do#ain' (o#ain "ontro))ers in a do#ain auto#ati"a))

re)i"ate dire"tor in%or#ation %or a)) o$De"ts in te do#ain to ea" oter' Wen ou er%or# an a"tion tat "auses an udate to B"tive (ire"tor, ou are

a"tua)) #a7in3 te "an3e at one o% te do#ain "ontro))ers' !at do#ain "ontro))er ten re)i"ates te "an3e to a)) oter do#ain "ontro))ers witin te

do#ain' Fou "an "ontro) re)i"ation o% tra%%i" $etween do#ain "ontro))ers in te networ7 $ se"i%in3 ow o%ten re)i"ation o""urs and te a#ount o%

data tat ea" do#ain "ontro))er re)i"ates at one ti#e' (o#ain "ontro))ers i##ediate) re)i"ate "ertain i#ortant udates, su" as te disa$)in3 o% a

user a""ount'

B"tive (ire"tor uses #u)ti#aster re)i"ation, in wi" no one do#ain "ontro))er is te #aster do#ain "ontro))er' Instead, a)) do#ain "ontro))ers witin a

do#ain are eers, and ea" do#ain "ontro))er "ontains a "o o% te dire"tor data$ase tat "an $e written to' (o#ain "ontro))ers "an o)d di%%erent

in%or#ation %or sort eriods o% ti#e unti) a)) do#ain "ontro))ers ave sn"roni;ed "an3es to B"tive (ire"tor'

B)tou3 B"tive (ire"tor suorts #u)ti#aster re)i"ation, so#e "an3es are i#ra"ti"a) to er%or# in #u)ti#aster %asion' One or #ore do#ain

"ontro))ers "an $e assi3ned to er%or# sin3)e+#aster re)i"ation .oerations not er#itted to o""ur at di%%erent )a"es in a networ7 at te sa#e

ti#e' %perations master roles are se"ia) ro)es assi3ned to one or #ore do#ain "ontro))ers in a do#ain to er%or# sin3)e+#aster re)i"ation'

(o#ain "ontro))ers dete"t "o))isions, wi" "an o""ur wen an attri$ute is #odi%ied on a do#ain "ontro))er $e%ore a "an3e to te sa#e attri$ute on

anoter do#ain "ontro))er is "o#)ete) roa3ated' Co))isions are dete"ted $ "o#arin3 ea" attri$ute6s roert version nu#$er, a nu#$er se"i%i" to
mailto:[email protected]:[email protected]://winadmins.files.wordpress.com/2011/10/clip_image0023.jpgmailto:[email protected]


21/39

an attri$ute tat is initia)i;ed uon "reation o% te attri$ute' B"tive (ire"tor reso)ves te "o))ision $ re)i"atin3 te "an3ed attri$ute wit te i3er

roert version nu#$er'

F. What can you do to ro'ote a server to D" if youCre in a re'ote location with slow W,lin-

Insta)) %ro# ediaIn Windows Server 200& a new %eature as $een added, and tis ti#e it6s one tat wi)) a"tua)) #a7e our )ives easier Fou "an

ro#ote a do#ain "ontro))er usin3 %i)es $a"7ed u %ro# a sour"e do#ain "ontro))er

!is %eature is "a))ed ZInsta)) %ro# ediaV and it6s avai)a$)e $ runnin3 (CPROO wit te /adv swit"' It6s not a re)a"e#ent %or networ7 re)i"ation, we

sti)) need networ7 "onne"tivit, $ut now we "an use an o)d Sste# State "o %ro# anoter Windows Server 200&, "o it to our %uture (C, and ave te

%irst and $asi" re)i"ation ta7e )a"e %ro# te #edia, instead o% a"ross te networ7, tis savin3 va)ua$)e ti#e and networ7 resour"es'

Wat ou $asi"a)) ave to do is to $a"7 u te sste#s data o% an e>istin3 do#ain "ontro))er, restore tat $a"7u to our re)i"a "andidate, use

(CPro#o /Bdv to te)) it to sour"e %ro# )o"a) #edia, rater tan a networ7 sour"e'

!is a)so wor7s %or 3)o$a) "ata)o3s' I% we er%or# a $a"7u o% a 3)o$a) "ata)o3 server, ten we "an "reate a new 3)o$a) "ata)o3 server $ er%or#in3

(CPro#o %ro# tat restored #edia'

#&' (imitations

It on) wor7s %or te sa#e do#ain, so ou "annot $a"7 u a do#ain "ontro))er in do#ain B and "reate a new do#ain G usin3 tat #edia'

It6s on) use%u) u to te to#$stone )i%eti#e wit a de%au)t o% 50 das' So i% ou ave an o)d $a"7u, ten ou "annot "reate a new do#ain "ontro))er

usin3 tat, $e"ause ou6)) run into te ro$)e# o% reani#atin3 de)eted o$De"ts'

F. How can you forcibly re'ove D fro' a server> and what do you do later

De'otin Windows !erver 2003 D"s(CPROO .B"tive (ire"tor Insta))ation Wi;ard is a to33)e swit", wi" a))ows ou to eiter insta)) or re#ove

B"tive (ire"tor (Cs' !o %or"i$) de#ote a Windows Server 200& (C, run te %o))owin3 "o##and eiter at te Start, Run, or at te "o##and ro#tH

d"ro#o /%or"ere#ova)

Note:I% ou6re runnin3 Certi%i"ate Servi"es on te (C, ou #ust %irst re#ove Certi%i"ate Servi"es $e%ore "ontinuin3' I% ou se"i% te /%or"ere#ova)

swit" on a server tat doesn6t ave B"tive (ire"tor insta))ed, te swit" is i3nored and te wi;ard retends tat ou want to insta)) B"tive (ire"tor on

tat server'

On"e te wi;ard starts, ou wi)) $e ro#ted %or te Bd#inistrator assword tat ou want to assi3n to te )o"a) ad#inistrator in te SB data$ase' I%

ou ave Windows Server 200& Servi"e Pa"7 1 insta))ed on te (C, ou6)) $ene%it %ro# a %ew enan"e#ents' !e wi;ard wi)) auto#ati"a)) run "ertain

"e"7s and wi)) ro#t ou to ta7e aroriate a"tions' ?or e>a#)e, i% te (C is a 9)o$a) Cata)o3 server or a (NS server, ou wi)) $e ro#ted' Fou

wi)) a)so $e ro#ted to ta7e an a"tion i% our (C is ostin3 an o% te oerations #aster ro)es'

De'otin Windows 2000 D"sH On a Windows 2000 do#ain "ontro))er, %or"ed de#otion is suorted wit Servi"e Pa"7 2 and )ater' !e rest o% te

ro"edure is si#i)ar to te ro"edure I des"ri$ed %or Windows Server 200&' Just #a7e sure tat wi)e runnin3 te wi;ard, ou ")ear te Z!is server is

te )ast do#ain "ontro))er in te do#ainV "e"7 $o>' On Windows 2000 Servers ou won6t $ene%it %ro# te enan"e#ents in Windows Server 200& SP1,so i% te (C ou are de#otin3 is a 9)o$a) Cata)o3 server, ou #a ave to #anua)) ro#ote so#e oter (C to a 9)o$a) Cata)o3 server'

"leanin the =etadata on a !urvivin D" On"e ou6ve su""ess%u)) de#oted te (C, our Do$ is not quite done et' Now ou #ust ")ean u te

B"tive (ire"tor #etadata' Fou #a $e wonderin3 w I need to ")ean te #etadata #anua))' !e #etadata %or te de#oted (C is not de)eted %ro# te

survivin3 (Cs $e"ause ou %or"ed te de#otion' Wen ou %or"e a de#otion, B"tive (ire"tor $asi"a)) i3nores oter (Cs and does its own tin3'

Ge"ause te oter (Cs are not aware tat ou re#oved te de#oted (C %ro# te do#ain, te re%eren"es to te de#oted (C need to $e re#oved %ro#

te do#ain'

B)tou3 B"tive (ire"tor as #ade nu#erous i#rove#ents over te ears, one o% te $i33est "riti"is#s o% B"tive (ire"tor is tat it doesn6t ")ean u

te #ess ver we))' !is is o$vious in #ost "ases $ut, in oter "ases, ou won6t 7now it un)ess ou start di33in3 dee into B"tive (ire"tor data$ase'

!o ")ean u te #etadata ou use N!(SU!I' !e %o))owin3 ro"edure des"ri$es ow to ")ean u #etadata on a Windows Server 200& SP1' B""ordin3

to i"roso%t, te version o% N!(SU!I in SP1 as $een enan"ed "onsidera$) and does a #u" $etter Do$ o% ")ean+u, wi" o$vious) #eans tat te

ear)ier versions didn6t do a ver 3ood Do$' ?or Windows 2000 (Cs, ou #i3t want to "e"7 out i"roso%t now)ed3e Gase arti")e )*+-, Z


22/39

M' !e se)e"t do#ain nu#$er, were nu#$er is te nu#$er asso"iated wit te do#ain o% our server

10' !e )ist sites'

11' !e se)e"t site nu#$er, were nu#$er is te nu#$er asso"iated wit te site o% our server'

12' !e )ist servers in site'

1&' !e se)e"t server nu#$er, were nu#$er is te nu#$er asso"iated wit te server ou want to re#ove'

1' !e quit to 3o to etadata C)eanu ro#t'

14' !e re#ove se)e"ted server' Fou sou)d see a "on%ir#ation tat te re#ova) "o#)eted su""ess%u))'

15' !e quit to e>it ntdsuti)'

Fou #i3t a)so want to ")eanu (NS data$ase $ de)etin3 a)) (NS re"ords re)ated to te server'

In 3enera), ou wi)) ave $etter )u"7 usin3 %or"ed ro#otion on Windows Server 200&, $e"ause te na#in3 "onte>ts and oter o$De"ts don6t 3et ")eaned

as qui"7) on Windows 2000 9)o$a) Cata)o3 servers, ese"ia)) servers runnin3 Windows 2000 SP& or ear)ier' (ue to te nature o% %or"ed de#otion and

te %a"t tat it6s #eant to $e used on) as a )ast resort, tere are additiona) tin3s tat ou sou)d 7now a$out %or"ed de#otion'

Even a%ter ou6ve used N!(SU!I to ")ean te #etadata, ou #a sti)) need to do additiona) ")eanin3 #anua)) usin3 B(SIEdit or oter su" too)s

F. "an ; et user asswords fro' the D database

Bs o% # now)ed3e tere is no wa to e>tra"t te assword %ro# B( (ata$ase' G te wa tere is a too) "a))edcache du'' Usin3 it we "an e>tra"t

te "a"ed asswords %ro# Windows P #a"ine wi" is Doined to a (o#ain'

F. ,a'e so'e &A desin considerations.

(esi3n OU stru"ture $ased on B"tive (ire"tor $usiness require#ents

N! Resour"e do#ains #a %o)d u into OUs

Create nested OUs to ide o$De"ts

O$De"ts easi) #oved $etween OUs

(eart#ents , 9eo3rai" Re3ion, Jo$ ?un"tion, O$De"t !e

F. What is to'bstone lifeti'e attribute

!e nu#$er o% das $e%ore a de)eted o$De"t is re#oved %ro# te dire"tor servi"es' !is assists in re#ovin3 o$De"ts %ro# re)i"ated servers and

reventin3 restores %ro# reintrodu"in3 a de)eted o$De"t' !is va)ue is in te (ire"tor Servi"e o$De"t in te "on%i3uration NC'

F. How would you find all users that have not loed on since last 'onth

I% ou are usin3 windows 200& do#ain environ#ent, ten 3oto B"tive (ire"tor Users and Co#uters, se)e"t te Saved Xueries, ri3t ")i"7 it and se)e"t

new quer, ten usin3 te "usto# "o##on queries and de%ine quer tere is one wi" sows das sin"e )ast )o3on

F. What are the D! co''ands

D!'od @ #odi%B"tive(ire"torattri$utes

D!r'@ to de)ete B"tive (ire"tor o$De"ts

D!'ove + to re)o"ate o$De"ts

D!add@ "reatenewa""ounts

D!5uery+ to%indo$De"tstat#at"ourquerattri$utes

D!et+ )istteroertieso%ano$De"t

WhatCs the difference between 4D;ort o$De"ts to and %ro# te B( into a (I?+%or#atted %i)e' B (I? .(BP (ata

Inter"an3e ?or#at %i)e is a %i)e easi) reada$)e in an te>t editor owever it is not reada$)e in ro3ra#s )i7e E>"e)' !e #aDor di%%eren"e $etween

CS:(E and (I?(E .$esides te %i)e %or#at is te %a"t tat (I?(E "an $e used to edit and de)ete e>istin3 B( o$De"ts .not Dust users, wi)e CS:(E

"an on) i#ort and e>ort o$De"ts

What is D

!e (istri$uted ?i)e Sste# is used to $ui)d a ierar"i"a) view o% #u)ti)e %i)e servers and sares on te networ7' Instead o% avin3 to tin7 o% a se"i%i"

#a"ine na#e %or ea" set o% %i)es, te user wi)) on) ave to re#e#$er one na#e wi" wi)) $e te =7e6 to a ) ist o% sares %ound on #u)ti)e servers on

te networ7' !in7 o% it as te o#e o% a)) %i)e sares wit )in7s tat oint to one or #ore servers tat a"tua)) ost tose sares'

(?S as te "aa$i)it o% routin3 a ")ient to te ")osest avai)a$)e %i)e server $ usin3 B"tive (ire"tor site #etri"s' It "an a)so $e insta))ed on a ")uster %or

even $etter er%or#an"e and re)ia$i)it'

It is i#ortant to understand te new "on"ets tat are art o% (?S' Ge)ow is an de%inition o% ea" o% te#'

Dfs rootFou "an tin7 o% tis as a sare tat is visi$)e on te networ7, and in tis sare ou "an ave additiona) %i)es and %o)ders'
http://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_add_user.htm%23DSadd&sa=D&sntz=1&usg=AFQjCNElePGctlDIIAJPV3hvTb4Qkr-AuAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_add_user.htm%23DSadd&sa=D&sntz=1&usg=AFQjCNElePGctlDIIAJPV3hvTb4Qkr-AuAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_add_user.htm%23DSadd&sa=D&sntz=1&usg=AFQjCNElePGctlDIIAJPV3hvTb4Qkr-AuAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_add_user.htm%23DSadd&sa=D&sntz=1&usg=AFQjCNElePGctlDIIAJPV3hvTb4Qkr-AuAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_add_user.htm%23DSadd&sa=D&sntz=1&usg=AFQjCNElePGctlDIIAJPV3hvTb4Qkr-AuAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_add_user.htm%23DSadd&sa=D&sntz=1&usg=AFQjCNElePGctlDIIAJPV3hvTb4Qkr-AuAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_add_user.htm%23DSadd&sa=D&sntz=1&usg=AFQjCNElePGctlDIIAJPV3hvTb4Qkr-AuAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_add_user.htm%23DSadd&sa=D&sntz=1&usg=AFQjCNElePGctlDIIAJPV3hvTb4Qkr-AuAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_add_user.htm%23DSadd&sa=D&sntz=1&usg=AFQjCNElePGctlDIIAJPV3hvTb4Qkr-AuAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_DSmod_DSrm.htm%23DSmod&sa=D&sntz=1&usg=AFQjCNHTzEyCTkQSs7I9zS0c0uLrZz7bHghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_add_user.htm%23DSadd&sa=D&sntz=1&usg=AFQjCNElePGctlDIIAJPV3hvTb4Qkr-AuAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_add_user.htm%23DSadd&sa=D&sntz=1&usg=AFQjCNElePGctlDIIAJPV3hvTb4Qkr-AuAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_add_user.htm%23DSadd&sa=D&sntz=1&usg=AFQjCNElePGctlDIIAJPV3hvTb4Qkr-AuAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_add_user.htm%23DSadd&sa=D&sntz=1&usg=AFQjCNElePGctlDIIAJPV3hvTb4Qkr-AuAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSadd_add_user.htm%23DSadd&sa=D&sntz=1&usg=AFQjCNElePGctlDIIAJPV3hvTb4Qkr-AuAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSquery.htm&sa=D&sntz=1&usg=AFQjCNGlyI1UEVMAcvdu5w0NcF1cVJenxAhttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lghttp://www.google.com/url?q=http%3A%2F%2Fwww.computerperformance.co.uk%2FLogon%2FDSGet.htm&sa=D&sntz=1&usg=AFQjCNGtCSh7I2S9UEQBHcb_kceV5pW5lg


23/39

Dfs lin-B )in7 is anoter sare so#ewere on te networ7 tat 3oes under te root' Wen a user oens tis )in7 te wi)) $e redire"ted to a sared

%o)der'

Dfs taret (or relica)!is "an $e re%erred to as eiter a root or a )in7' I% ou ave two identi"a) sares, nor#a)) stored on di%%erent servers, ou "an

3rou te# to3eter as (%s !ar3ets under te sa#e ) in7'

!e i#a3e $e)ow sows te a"tua) %o)der stru"ture o% wat te user sees wen usin3 (?S and )oad $a)an"in3'

!e a"tua) %o)der stru"ture o% (?S and )oad $a)an"in3

F. What are the tyes of relication in D

!ere are two tes o% re)i"ationH

Buto#ati" @ wi" is on) avai)a$)e %or (o#ain (?S

anua) @ wi" is avai)a$)e %or stand a)one, (?S and requires a)) %i)es to $e re)i"ated #anua))'

F. Which service is resonsible for relicatin files in !!V&4 folder

?i)e Re)i"ation Servi"e .?R

netdiag /test:dsgetdc /v

dcdiag /s: domaincontroller /test:fsmocheck

type repadmin /options +DISABLE_IB!"D_#E$L

netdiag /test:dns

dcdiag /s: domaincontroller /test:kno%sofroleholders /ver&ose

netdom comp'tername ('rrent(omp'terame /add:e%(omp'terame)* #ename "sing the etdom

(ommandline ,ool-

repadmin /sho%repsServerame/':Domainame."serame/p%:)0E#I12 S"(ESS1"LL #E$LI(A,I!-

34L5.S2S,E5.('rrent(ontrolSet.Services.etlogon.$arameters6)#ED"(E $D( 7!#4L!AD-

dcdiag /test:replications )to verify repliaton %orking-

34E2_L!(AL_5A(3IE.S2S,E5.('rrent(ontrolSet.Services.,DS.Diagnostics)gar&age collection entry-

net stop ntfrs

dcdiag /test:netlogons

netdom /filtersidstr'steddomain

d"dia3 /v''
http://winadmins.files.wordpress.com/2011/10/clip_image001.jpg


24/39

d"dia3 /v "HadQdia3't>t

d"dia3 /testH(NS /(NSB @ .#a ta7e a %ew #o#ents, $e atient

d"dia3 /testH(NS /(NSB /e /v "HadQdia3't>t

d"dia3 /testH("Pro#o /e /v "HadQdia3't>t

d"dia3 /testHRe3isterIn(NS "HadQdia3't>t

netdia3'e>e /v "HadQdia3't>t

nets d" sow server

nets d" sow server "HadQdia3't>t

read#in /sowres "HadQdia3't>t

read#in /re)su# /errorson)''

read#in /re)su# /errorson) "HadQdia3't>

Windows Server Health Checkup

20=$

Windows !erver Health "hec-u

"/A

O""asiona) i3 CPU si7es are o7 as )on3 as ou are aware o% te ro"ess "ausin3 tis' B server sou)d #aintain 80L CPU uti)i;ation

%or an e>tended eriod o% ti#e' I% it does it #a $e ti#e to u3rade' Its a 3ood idea to 7ee !as7 ana3er oen durin3 te duration o%

our trou$)esootin3 to see trends'

"hec- "/A Asae

1' Oen !as7 ana3er

2' Ce"7 te Pro"esses ta$, ensure tere are no ro"esses "onsu#in3 e>"essive CPU

&' Ce"7 te Per%or#an"e ta$, ensure tere are no sin3)e CPU6s tat ave e>"essive CPU usa3e

"hec- "/A HW

1' Oen (evi"e ana3er .ri3t ")i"7 "o#uter @ ana3e

2' Ensure tat no CPU6s ave red or e))ow underneat te Pro"essors

/rocesses

;n7Deth "hec-

SsInterna)sH

Co /rocess =onitor)o"a)), ten )aun" it'

1' Bna);e ea" ro"ess and wat" wat oerations oen te re3 7es, %i)e et"'

Co /rocess *6lorer)o"a)), ten )aun" it'1' Bna);e ea" ro"ess $ased uon te nu#$er o% treads, and)es, )oaded (6s, et"'

=e'ory

9enera) ru)e o% tu#$ is to #a7e sure te 3enera) #e#or uti)i;ation does not e>"eed 80Lwitin a 3iven eriod o% ti#e'

"hec- =e'ory vailability

1' Oen !as7 ana3er

2' Se)e"t te Per%or#an"e ta$

&' oo7 at te Psi"a) #e#or $o>, and #u)ti) te tota) #e#or $ '2

' I% te tota) avai)a$)e #e#or is )ess tan tis nu#$er ten te $o> is "urrent) uti)i;in3 #ore tan 80 er"ent o% te

#e#or'

"urrent utilization by rocess


25/39

1' Se)e"t te Pro"ess ta$

2' Ce"7 te =sow ro"esses %ro# a)) users6 $o> in te $otto# )e%t "orner

&' C)i"7 te "o)u#n eader =e# Usa3e6 to sort te ro"esses $ #e#or uti)i;ation, i3est to )owest' !is wi)) e) ou

deter#ine wat ro"esses are "urrent) uti)i;in3 te #e#or on te $o> and "an e) ou narrow our sear" %or #e#or intensive

ro"esses'

,etwor-

"hec- ,;" HW

1' :eri% $ot ends o% te networ7 "a$)e are se"ure) seated in te ort

2' On te $a"7 o% te server veri% ou ave a 3reen $)in7in3 )in7 )i3t on te NIC ort

&' :eri% NIC ")a#ation oint' !ese usua)) are )oo7ed u as te serve as redi"tive %uture

%ai)ure indi"ators, su" as dis7 sa"e runnin3 )ow, d" i address )ease renewa) %ai)ures, et"' *rrorNoted wit a red "ir")e i"on and =>6' !ese are indi"ations tat so#etin3 as %ai)ed outri3t and are a 3ood startin3

oint %or trou$)esootin3'

Wen )oo7in3 at event )o3s, use te in%or#ation to deter#ine te %o))owin3H

Is te in"ident tied to a arti"u)ar ti#e or outa3e in"ident[

Is tis a one+o%%, or as tis arti"u)ar error o""urred #u)ti)e ti#es in te ast[

(oes tis error aear on oter sste#s or is it unique to te sste# tat as %ai)ed[

!ervices


26/39

!rou$)esootin3 servi"es sou)d $e )i#ited to te se"i%i" tat is a%%e"ted $ te ro$)e# $ein3 trou$)esot' Ea" server wi)) ave

se"i%i" servi"es varin3 uon te tes o% a)i"ations runnin3' Fou sou)d do"u#ent ow our servers servi"es are "on%i3ured to and

"o#are tat to te server in question to see i% antin3 is not "on%i3ured "orre"t)'

"luster

Servers tat ost a)i"ations and servi"es tat require i3 avai)a$i)it sou)d $e ")ustered so tat i% one node %ai)s te oter "an i"7

u te wor7)oad' C)ustered servers need te sa#e te o% ea)t "e"7s as stand+a)one sste#s e>"et ou wi)) want to "e"7 on te

ea)t o% te ")uster'

"hec- "luster $esource !tatus

86 Oen C)uster Bd#inistratorH o3 onto server, se)e"t $tart@ /un@ "luadmin2' Ce"7 te Resour"es and ensure a)) are On)ine

&' I% C)uster Bd#inistrator does not oen, ensure tat te C)uster Servi"e is runnin3 on te node'

' C)uster resour"e status "an a)so $e "e"7ed %ro# a re#ote server' ?ro# a "o##and ro#t, Dust te @cluster res cluster

name1

"lient !ide Health

86 Ri3t ")i"7 on Co#uter, se)e"t 'anage2' Oen (evi"e ana3e

6 (ri)) down to $2$# and /A#D 2ontrollers, veri% tat te


27/39

I% no na#e sows u asso"iated wit te IP address, )o3 into te do#ain "ontro))er and "e"7 te (NS re"ords %or tis arti"u)ar

na#e/i address

86 ?ro# a (o#ain Contro))er 3o to start#Jrun#Jdns''t.'sc2' E>and te ?orward oo7u bones

&' E>and te ;one %or ou ri#ar ;one tat o)ds te re"ords %or te sste#/s ou are trou$)esootin3

:a)idate tat te re"ord e>ists' I% it does not e>ist #anua)) enter te re"ord na#e and IP address $ ri3t ")i"7in3 on tis sa#e ;one,

1' Se)e"t new ost .a2' Enter te na#e and IP address

6 Ce"7 te $o> ne>t to "reate associated ointer (/$) record;6 C)i"7 add Host

Bdditiona)) )o3 $a"7 into te node tat ou #anua)) entered te re"ord %or and ensure tat (NS is re3isterin3 in (NS

1' Ri3t ")i"7 on te Networ7 P)a"es i"on on te des7to and se)e"t Proerties

2' (ou$)e ")i"7 on te ri#ar adater

6 Se)e"t roerties;6


28/39

!uer scoe@ Essentia)) a "o))e"tion o% s"oes 3roued to3eter su" tat te "an $e ena$)ed and disa$)ed as a sin3)e entit'

What is uthorizin DH"/ !ervers in ctive Directory

I% a (a#)e, redu"in3 te nu#$er o% tas7s required o% networ7 ad#inistrators

Bnd inte3ration o% (NS and (


29/39

JWhat is ctive Directory

B"tive (ire"tor is a eta (ata' B"tive (ire"tor is a data $ase wi" stores a data $ase )i7e our user in%or#ation, "o#uter in%or#ation and a)so ote

networ7 o$De"t in%o' It as "aa$i)ities to #ana3e and ad#inister te "o#)ete Networ7 wi" "onne"t wit B('

JWhat is do'ain

Windows N! and Windows 2000, a do#ain is a set o% networ7 resour"es .a)i"ations, rinters, and so %ort %or a 3rou o% users' !e user needs on)

to )o3 in to te do#ain to 3ain a""ess to te resour"es, wi" #a $e )o"ated on a nu#$er o% di%%erent servers in te networ7' !e =do#ain6 is si#)

our "o#uter address not to "on

complete ad interview quetions

Documents