SlideShare a Scribd company logo

Windows sys admin interview questions

Download as DOCX, PDF
Student, profile picture
Student

This document contains questions about Windows Server 2003 Active Directory administration. It includes questions about Active Directory schema, domain and forest functional levels, global catalog servers, IPv6, default domain functional level, physical and logical components of Active Directory, renaming domains, multimaster replication, sites, removing Active Directory from a domain controller, creating a schema-containing console, trusts, the file responsible for the Active Directory database, Active Directory Domain Services 2008, the SYSVOL folder, new features in Windows Server 2008 Active Directory Domain Services including auditing, fine-grained password policies, read-only domain controllers, restartable AD DS, an AD DS database mounting tool, the global catalog, read-only domain controllers (RODCs

Internet
1 of 14
Downloaded 13 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
Windowssys admininterviewquestions 1. What isActive Directoryschema? 2. What are the domainfunctional levelinWindowsServer2003? 3. What are the forestfunctional levelinWindowsServer2003? 4. What isglobal catalogserver? 5. How we can raise domain functional &forestfunctional level inWindowsServer2003? 6. Whichis the deafultprotocol usedindirectoryservices? 7. What isIPv6? 8. What isthe defaultdomainfunctional level inWindowsServer2003? 9. What are the physical &logical componentsof ADS 10. In whichdomainfunctional level,we canrename domainname? 11. What ismultimasterreplication? 12. What isa site? 13. Whichis the commandusedto remove active directoryfromadomaincontroler? 14. How we can create console,whichcontainschema? 15. What istrust? 16. What isthe file that’sresponsible forkeepall ActiveDirectorydatabase?
What isActive DirectoryDomainServices2008? Active DirectoryDomainServices(ADDS),formerlyknownasActive DirectoryDirectoryServices,isthe central locationforconfigurationinformation,authenticationrequests,andinformationaboutall of the objectsthatare storedwithinyourforest.UsingActive Directory,youcanefficientlymanage users, computers,groups,printers,applications,andotherdirectory-enabledobjectsfromone secure, centralizedlocation. What isthe SYSVOLfolder? The Sysvol folderona Windowsdomaincontrollerisusedtoreplicate file-baseddataamongdomain controllers.Because junctionsare usedwithinthe Sysvol folderstructure,WindowsNTfile system (NTFS) version5.0is requiredondomaincontrollersthroughoutaWindowsdistributedfile system(DFS) forest. Thisis a quote frommicrosoftthemselves,basicallythe domaincontrollerinfostoredinfileslike your grouppolicystuff isreplicatedthroughthisfolderstructure What’sNewinWindowsServer2008 Active DirectoryDomainServices? Active DirectoryDomainServicesinWindowsServer2008 providesanumberof enhancementsover previousversions,includingthese: Auditing—ADDSauditinghas beenenhancedsignificantlyinWindowsServer2008. The enhancements provide more granularauditingcapabilitiesthroughfournew auditingcategories:DirectoryServices Access,DirectoryServicesChanges,DirectoryServicesReplication,andDetailedDirectoryServices Replication.Additionally,auditingnowprovidesthe capabilitytologoldandnew valuesof an attribute whena successful change ismade tothat attribute. Fine-GrainedPasswordPolicies—ADDSinWindowsServer2008 now providesthe capabilitytocreate differentpasswordandaccountlockoutpoliciesfordifferentsetsof usersinadomain.Userand group passwordandaccount lockoutpoliciesare definedandappliedviaaPasswordSettingObject(PSO).A PSOhas attributesforall the settingsthatcan be definedinthe DefaultDomainPolicy,exceptKerberos settings.PSOscanbe appliedtobothusersand groups.
Read-OnlyDomainControllers—ADDSinWindowsServer2008 introducesa new type of domain controllercalledaread-onlydomaincontroller(RODC).RODCscontainaread-onlycopyof the ADDS database.RODCsare coveredinmore detail inChapter6,“Manage Sitesand Replication.” Restartable Active DirectoryDomainServices—ADDSinWindowsServer2008 can now be stoppedand restartedthroughMMC snap-insandthe commandline.The restartable ADDSservice reducesthe time requiredtoperformcertainmaintenanceandrestore operations.Additionally,otherservicesrunningon the serverremainavailabletosatisfyclientrequestswhileAD DSis stopped. AD DS Database MountingTool—ADDSin WindowsServer2008 comeswitha AD DS database mountingtool,whichprovidesameanstocompare data as itexistsinsnapshotsorbackupstakenat differenttimes.The ADDSdatabase mountingeliminatesthe needtorestore multiple backupsto compare the AD data that theycontainand providesthe capabilitytoexamineanychange made todata storedinAD DS. What isthe Global Catalog? A global catalogserverisa domaincontroller.Itisa mastersearchable database thatcontains informationabouteveryobjectineverydomaininaforest.The global catalogcontainsacomplete replicaof all objectsinActive Directoryforitshostdomain,andcontainsa partial replicaof all objectsin Active Directoryforeveryotherdomaininthe forest. It has twoimportantfunctions: Providesgroupmembershipinformationduringlogonandauthentication Helpsuserslocate resourcesinActive Directory What are RODCs?Andwhat are the majorbenefitsof usingRODCs? A read-onlydomaincontroller(RODC) isanew type of domaincontrollerinthe WindowsServer® 2008 operatingsystem.WithanRODC,organizationscaneasilydeployadomaincontrollerinlocationswhere physical securitycannotbe guaranteed.AnRODChosts read-onlypartitionsof the Active Directory® DomainServices(ADDS) database.
Before the release of WindowsServer2008, if usershad to authenticate withadomaincontrollerovera wide areanetwork(WAN),there wasnoreal alternative.Inmanycases,thiswasnotan efficient solution.Branchofficesoftencannotprovide the adequatephysical securitythatisrequiredfora writable domaincontroller.Furthermore,branchofficesoftenhave poornetworkbandwidthwhenthey are connectedtoa hub site.Thiscan increase the amountof time thatisrequiredtologon. It can also hamperaccessto networkresources. BeginningwithWindowsServer2008, an organizationcandeployanRODCto addressthese problems. As a result,usersinthissituationcanreceive the followingbenefits: * Improvedsecurity * Fasterlogontimes * More efficientaccesstoresourcesonthe network What doesan RODC do? Inadequate physical securityisthe mostcommonreasontoconsiderdeployinganRODC.AnRODC providesawayto deploya domaincontrollermore securelyinlocationsthatrequire fastandreliable authenticationservicesbutcannotensure physical securityforawritable domaincontroller. However,yourorganizationmayalsochoose todeployanRODCfor special administrative requirements.Forexample,aline-of-business(LOB) applicationmayrunsuccessfullyonlyif itisinstalled on a domaincontroller.Or,the domaincontrollermightbe the onlyserverinthe branchoffice,andit may have to hostserverapplications. In suchcases,the LOB applicationownermustoftenlogontothe domaincontrollerinteractivelyoruse Terminal Servicestoconfigure andmanage the application.Thissituationcreatesasecurityriskthat may be unacceptable ona writable domaincontroller. An RODCprovidesamore secure mechanismfordeployingadomaincontrollerinthisscenario.Youcan grant a nonadministrative domainuserthe righttologon to an RODC while minimizingthe securityrisk to the Active Directoryforest. You mightalsodeployanRODC inotherscenarioswhere local storage of all domainuserpasswordsisa primarythreat,for example,inanextranetorapplication-facingrole.
What isREPADMIN? Repadmin.exe:ReplicationDiagnosticsTool Thiscommand-line tool assists administratorsindiagnosingreplicationproblemsbetweenWindows domaincontrollers. Administratorscanuse Repadmintoview the replicationtopology(sometimesreferredtoasRepsFrom and RepsTo) asseenfromthe perspective of eachdomaincontroller.In addition,Repadmincanbe used to manuallycreate the replicationtopology(althoughinnormal practice thisshouldnotbe necessary), to force replicationeventsbetweendomaincontrollers,andtoview boththe replicationmetadataand up-to-datenessvectors. Repadmin.execanalsobe usedfor monitoringthe relative healthof anActive Directoryforest.The operationsreplsummary,showrepl,showrepl/csv,andshowvector/latencycanbe usedto checkfor replicationproblems. What isNETDOM? NETDOMis a command-line tool thatallowsmanagementof Windowsdomainsandtrustrelationships. It isusedfor batch managementof trusts,joiningcomputerstodomains,verifyingtrusts,andsecure channels What is Newin WindowsServer2008? 1. Security Securityhasbecome the dailymantraof Microsoft these days,andthisversionof the OSprovesit.After initial installation,absolutelynothingisturnedon.Inobviouscontrasttopreviousincarnationsof the OS,WindowsServer2003 has almostno surface areato lure hackers.Of course,one of the firstthings youwill findyourselfdoingisturningonservices(e.g.,IIS,File Server,PrintServices,DNS,etc.).Only whatyou specificallyinstall will be enabled.
2. Kernel Mode HTTP Driver While IIS6.0 provides quite alotof newfunctionalitytokeepwebsitesfunctional inthe worstof days, Microsoftwentthe extrastepof movingthe HTTP servingtoa Kernel Mode Driver.Whatthismeansis that no matterhowmany processesinIIS6.0 are broughtdown,the HTTP servingwill continue.The http.sysdriverservesandcacheswebpagesrightinthe kernel,sonotonlyisthere improvedisolation betweenapplicationprocesses,the performance ismarkedlyimproved. 3. .NET Framework 1.1 If you have beenkeepingupwithONDotnet.com'sarticles,youshouldalreadyknow aboutthe changes inthe .NETFramework1.1. More importantly,WindowsServer2003 comespre-installedwiththe new versionof the framework.Nomore explainingthatyourapplicationneedsthe .NETruntime tobe installedaswell.Microsoftistreatingthe FrameworklikeWin32APIbefore ...it'sall inthere. 4. IIS 6.0 ApplicationPools In IIS6.0, eachwebapplicationbelongstoanApplicationPool.Thesepoolsare usedto improve the healthof eachapplication,aswell asthe serveritself.The poolseachhave fourtypesof settings:  Recycling:Allowsforthe workerprocessesinthe pool tobe recycled,basedonspecificrules such as the lengthof time the processhasbeen running,the numberof requeststhe process has serviced,andthe amountof memorythe processhasused,or simplybasedonspecifictimes duringthe day.  Performance:Allowsthe workerprocessestobe shutdownwhenthe applicationisnot receivinganyrequestsandenablesCPUthrottlingforthe webapplication.  Health: Allowsforhealthmonitoringof workerprocesses.Thisincludespingingof worker processestoensure healthof the processandrapidshutoff of processesif multiple failures occur in a short amountof time,andallowsspecifictime limitsforstartupandshutdown.  Identity:Allowsall of the workerprocessestobe launchedwithspecificidentities,including NetworkService orspecificsecurityaccounts.
5. WebGardens While itiseasyto get "WebGardens"confusedwith"WebFarms,"the conceptissimilar.A WebFarm hostsa single webapplicationonmultiple machines,andaWebGarden allowsmultiple processesto service asingle webapplication.Since thereare multiple processestohandle requestsforthe web application,there shouldbe reducedcontentionforOSresources. 6. WindowsSystemResource Manager Hiddenbeneaththe coversof WindowsServer2003 isthe WindowsSystemResource Manager(WSRM). The WSRM allowsyouto specifyCPUandmemoryallocationpoliciesfordifferentapplications.The purpose of the WSRM isto allowyouto hostmultiple applicationsonasingle serverandlimithowmany serverresourcestowhicha single applicationisentitled. 7. BITS Server Extensionfor IIS 6.0 BackgroundIntelligentTransferService (BITS) isanIISserverextensionthatallowsyoutowrite your own"WindowsUpdate"-style backgrounddownloadingof new contentorproductupdates.BITS automaticallyresumesdownloadsasaconnectioncomes andgoes. 8. MSMQ 3.0 Afterbeingable toplayaroundwithMSMQ forthe pastyear inWindowsXP,finallythere'saServerOS that supportsit.For the uninitiated,MSMQ3.0 adds:  Supportfor multicastmessages(onemessagetomultiple locations).  Message triggers.  Message lookupwithoutnavigatingthroughall messages. 9. XML-BasedIIS 6.0 Metabase Gone are the days of havingto use convolutedAPIstoaddvirtual directoriesandsitestothe IIS Metabase.The newIIS6.0 Metabase is justan XML file.Inaddition,the new metabasecanbe setso that manual editstothe XML file are automaticallyreflectedinthe runninginstanceof IIS6.0.
10. Active Directory ApplicationMode Thoughnot officiallypartof WindowsServer2003, Active DirectoryApplication Mode (ADAM) representsabetterwayfordeveloperstouse directorystores.InADAM,youcan install anActive Directoryinstance thatisnot tiedto a domaincontroller.Nolongerare yourequiredtointermingle the IT department'sActive Directoryinstance withyourapplicationdata.ADAMandActive Directoryshare mostof theirsource code so that all of the oldADSIand System.DirectoryServices APIsworkjustasyou wouldexpect. How do you viewreplicationpropertiesforAD? By usingActive Directory ReplicationMonitor. Start–> Run–> Replmon What are sitesWhat are they usedfor? One or more well-connected(highlyreliable andfast) TCP/IPsubnets.A site allowsadministratorsto configure Active Directory accessandreplicationtopologytotake advantage of the physical network. Name some OU designconsiderations? OU designrequiresbalancingrequirementsfordelegatingadministrative rights –independentof Group Policyneeds–and the needtoscope the applicationof GroupPolicy.The followingOUdesign recommendationsaddressdelegationandscope issues: ApplyingGroupPolicyAnOUis the lowest-levelActiveDirectorycontainertowhichyoucan assign Group Policysettings.Delegatingadministrative authorityusuallydon’tgomore than3 OU levels http://technet.microsoft.com/en-us/library/cc783140.aspx What are FMSO Roles?List them. Fsmorolesare serverrolesinaForest There are five typesof FSMOroles 1-Schemamaster 2-Domainnamingmaster
3-Ridmaster 4-PDC Emullator 5-Infrastructure master Logical Diagram of Active Directory ?, What is the difference betweenchilddomain& additional domain Server? Well,if youknowwhata domainisthenyou have half the answer.Sayyouhave the domain Microsoft.com.Nowmicrosofthasa servernamedserver1inthatdomain,whichhappenstothe be parentdomain.Soit’sFQDN isserver1.microsoft.com.If youaddan additional domainserverandname it server2,thenit’sFQDN isserver2.microsoft.com. NowMicrosoftis bigso ithas officesinEurope andAsia.Sotheymake childdomainsforthemand their FQDN wouldlooklike this:europe.microsoft.com&asia.microsoft.com.Now letssayeachof themhave a serverinthose childdomainsnamedserver1.TheirFQDN wouldthenlooklike this: server1.europe.microsoft.com&server1.asia.microsoft.com.. What are Active Directory Groups? Groups are containersthatcontainuser andcomputerobjectswithinthemasmembers.Whensecurity permissionsare setfora groupinthe AccessControl Liston a resource,all membersof thatgroup receive those permissions.DomainGroupsenable centralizedadministrationinadomain.All domain groupsare createdon a domaincontroller. In a domain,Active Directoryprovidessupportfordifferenttypesof groupsandgroupscopes.The grouptype determinesthe type of taskthatyou manage with the group.The group scope determines whetherthe groupcan have membersfrommultiple domainsora single domain. Group Types * Securitygroups: Use Securitygroupsforgrantingpermissionstogainaccesstoresources.Sendingan e-mail message toagroup sendsthe message toall membersof the group.Therefore securitygroups share the capabilitiesof distributiongroups. * Distributiongroups: Distributiongroupsare usedforsendinge-mainmessagestogroupsof users.You cannot grant permissionstosecuritygroups.Eventhoughsecuritygroupshave all the capabilitiesof distributiongroups,distributiongroupsstill requires,becausesome applicationscanonlyread distributiongroups.
Group Scopes Group scope normallydescribe whichtype of usersshouldbe clubbedtogetherinaway whichiseasy for there administration.Therefore,indomain,groupsplayanimportantpart.One groupcan be a memberof othergroup(s) whichisnormallyknownasGroupnesting.One ormore groupscan be memberof anygroup inthe entire domain(s) withinaforest. * Domain Local Group: Use thisscope to grant permissionstodomainresourcesthatare locatedinthe same domaininwhichyoucreatedthe domainlocal group.Domainlocal groupscan existinall mixed, native and interimfunctionallevel of domainsandforests.Domainlocal groupmembershipsare not limitedasyoucan add membersasuseraccounts,universal andglobal groupsfromanydomain.Justto remember,nestingcannotbe done indomainlocal group.A domainlocal groupwill notbe a memberof anotherDomainLocal or anyother groupsinthe same domain. * Global Group:Users withsimilarfunctioncanbe groupedunderglobal scope andcanbe given permissiontoaccessa resource (like aprinterorsharedfolder andfiles)available inlocal oranother domaininsame forest.To sayin simple words,Global groupscanbe use to grant permissionstogain access to resourceswhichare locatedinanydomainbutin a single forestastheirmembershipsare limited.Useraccountsandglobal groupscan be addedonlyfromthe domaininwhichglobal groupis created.Nestingispossible inGlobal groupswithinothergroupsasyoucan add a global groupinto anotherglobal groupfromany domain.Finallytoprovide permissiontodomainspecificresources(like printersandpublishedfolder),theycanbe membersof aDomainLocal group.Global groupsexistinall mixed,native andinterimfunctional level of domainsandforests. * Universal GroupScope:these groupsare precisely usedforemail distributionandcanbe granted access to resourcesinall trusteddomainasthese groupscanonlybe usedasa securityprincipal (securitygrouptype) inawindows2000 native orwindowsserver2003 domainfunctional level domain. Universal groupmembershipsare notlimitedlikeglobal groups.Alldomainuseraccountsandgroups can be a memberof universal group.Universal groupscanbe nestedunderaglobal or DomainLocal groupin any domain. What are the typesof backup? Explain each? Incremental A “normal”incremental backupwillonlybackupfilesthathave beenchangedsince the lastbackupof any type. Thisprovidesthe quickestmeansof backup,since itonlymakescopiesof filesthathave not yetbeenbackedup.For instance,followingourfull backuponFriday,Monday’stape will containonly
those fileschangedsince Friday.Tuesday’stape containsonlythose fileschangedsince Monday,andso on.The downside tothisisobviouslythatinorderto performa full restore,youneedtorestore the last full backupfirst,followedbyeachof the subsequentincremental backupstothe presentdayinthe correct order.Shouldanyone of these backupcopiesbe damaged(particularlythe fullbackup),the restore will be incomplete. Differential A cumulative backupof all changesmade afterthe lastfull backup.The advantage tothisis the quicker recoverytime,requiringonlyafull backupandthe latestdifferential backuptorestore the system.The disadvantage isthatforeach day elapsedsince the lastfull backup,more dataneedstobe backedup, especiallyif amajorityof the data has beenchanged. What is the SYSVOL folder? The WindowsServer2003 SystemVolume (SYSVOL) isacollectionof foldersandreparse pointsinthe file systemsthatexistoneachdomaincontrollerinadomain.SYSVOLprovidesastandardlocationto store importantelementsof GroupPolicyobjects(GPOs) andscriptssothatthe File Replicationservice (FRS) can distribute themtootherdomaincontrollerswithinthatdomain. You can go to SYSVOLfolderbytyping: %systemroot%/sysvol What is the ISTG Whohas that role by default? The firstserverinthe site becomesthe ISTGforthe site,The domaincontrollerholdingthisrole maynot necessarilyalsobe abridgeheadserver. What is the order in which GPOsare applied? Local,Site,Domain,OU 1. Can a workstationcomputerbe configuredtobrowse the InternetandyetNOThave a default gateway?
If we are usingpublicipaddress,we can browse the internet.If itishavinganintranetaddressa gatewayisneededasa routeror firewall tocommunicate withinternet. 2. What is CIDR? CIDR (ClasslessInter-DomainRouting,sometimesknownassupernetting) isawayto allocate and specifythe Internetaddressesusedininter-domainroutingmore flexiblythanwiththe original system of InternetProtocol (IP) addressclasses.Asaresult,the numberof available Internetaddresseshas beengreatlyincreased.CIDRisnowthe routingsystemusedbyvirtuallyall gatewayhostsonthe Internet’sbackbone network.The Internet’sregulatingauthoritiesnow expecteveryInternetservice provider(ISP) touse itfor routing. 3. What is DHCP? What are the benefitsanddrawbacksof usingit? DHCP isDynamicHost ConfigurationProtocol.Inanetworkedenvironmentitisa methodtoassignan ‘address’toa computerwhenitbootsup. Advantages All the IPconfigurationinformationgetsautomaticallyconfiguredforyourclientmachine by the DHCP server. If you move yourclientmachine toa differentsubnet,the clientwill sendoutitsdiscovermessage at boottime and workas usual.However,whenyoufirstbootupthere youwill notbe able toget back the IP addressyouhadat yourpreviouslocationregardlessof how littletime haspassed. Disadvantage Your machine name doesnotchange whenyouget a new IPaddress.The DNS (DomainName System) name is associatedwithyourIPaddressandtherefore doeschange.Thisonlypresentsaproblemif otherclientstryto access yourmachine byitsDNS name. 4. How do youmanuallycreate SRV recordsinDNS? To create SRV recordsinDNS do belowsteps: -
OpenDNS Clickon Zone —–Selectdomainabc.local ——- RightClickto domainandgo to OtherNew Records—— Andchoose service location(SRV) 5. Name 3 benefitsof usingAD-integratedzones. Benefitsasfollows a. youcan give easyname resolutiontourclients. b. By creatingAD- integratedzone youcanalsotrace hackerand spammerbycreatingreverse zone. c. AD integratedzonedall forincremental zone transferswhichontransferchangesandnotthe entire zone.Thisreduceszone transfertraffic. d. AD Integratedzonessuportbothsecure anddmanicupdates. e.AD integratedzonesare storedaspart of the active directoryandsupportdomain-wide orforest- wide replicationthroughapplicationpertitionsinAD. 6. How do I clearthe DNScache on the DNSserver? Go to cmd promptand type “ipconfig/flushdns”withoutquotes 7. What is NAT? NAT(NetworkAddressTranslation) isatechnique forpreservingscarce InternetIPaddresses.Formore detailsgoto Microsoftlink 8. How do youconfigure NATonWindows2003? For above answergoto belowlink
Configure NAT 9. How to configure special portstoallow inboundconnections? a. ClickStart,AdministrativeTools,andthenclickRoutingandRemote Accesstoopen the Routingand Remote Accessmanagementconsole. b. Locate the interface thatyouwantto configure. c. Right-clickthe interface andthenselectPropertiesfromthe shortcutmenu. d. Clickthe Special Portstab. e.Under Protocol,selectTCPorUDP and thenclickthe Addbutton. f.Enter the port numberof the incomingtrafficinIncomingPort. g. SelectOnThisAddressPool Entry,andprovide the publicIPaddressof the incomingtraffic. h. Enterthe port numberof the private networkresource inOutgoingPort. i.Enter the private networkresource’sprivateIPaddressinPrivate Address. j. ClickOK.

More Related Content

What's hot (20)

DOCX
Curriculum vitae
dhanrajsharma2
 
ODP
Cl309
Juliette Ponnet
 
ODP
Cl219
Juliette Ponnet
 
PPSX
Oracle 11g R2 RAC implementation and concept
Santosh Kangane
 
PPT
Cl107
Juliette Ponnet
 
ODP
Cl115
Juliette Ponnet
 
PPT
Jurijs Velikanovs Direct NFS - Why and How?
Andrejs Vorobjovs
 
PPSX
RAC - The Savior of DBA
Nikhil Kumar
 
PPTX
Oracle Unified Directory. Lessons learnt. Is it ready for a move from OID? (O...
Andrejs Prokopjevs
 
PPTX
Failover cluster
Chinmoy Jena
 
PDF
Presentation Template - NCOAUG Conference Presentation - 16 9
Mohamed Sadek
 
PDF
Oracle Clusterware Node Management and Voting Disks
Markus Michalewicz
 
PDF
Server 2008 r2 ppt
Raj Solanki
 
PPTX
Active Directory
rainrjcahili
 
DOCX
Oracle 12c RAC On your laptop Step by Step Implementation Guide 1.0
Yury Velikanov
 
PDF
DataStax | Advanced DSE Analytics Client Configuration (Jacek Lewandowski) | ...
DataStax
 
PPTX
Understand oracle real application cluster
Satishbabu Gunukula
 
PPTX
JoTechies - Azure SQL DB
JoTechies
 
PDF
Best practices oracle_clusterware_session355_wp
wardell henley
 
PDF
RMAN best practices for RAC
Syed Hussain
 
Curriculum vitae
dhanrajsharma2
 
Cl309
Juliette Ponnet
 
Cl219
Juliette Ponnet
 
Oracle 11g R2 RAC implementation and concept
Santosh Kangane
 
Cl107
Juliette Ponnet
 
Cl115
Juliette Ponnet
 
Jurijs Velikanovs Direct NFS - Why and How?
Andrejs Vorobjovs
 
RAC - The Savior of DBA
Nikhil Kumar
 
Oracle Unified Directory. Lessons learnt. Is it ready for a move from OID? (O...
Andrejs Prokopjevs
 
Failover cluster
Chinmoy Jena
 
Presentation Template - NCOAUG Conference Presentation - 16 9
Mohamed Sadek
 
Oracle Clusterware Node Management and Voting Disks
Markus Michalewicz
 
Server 2008 r2 ppt
Raj Solanki
 
Active Directory
rainrjcahili
 
Oracle 12c RAC On your laptop Step by Step Implementation Guide 1.0
Yury Velikanov
 
DataStax | Advanced DSE Analytics Client Configuration (Jacek Lewandowski) | ...
DataStax
 
Understand oracle real application cluster
Satishbabu Gunukula
 
JoTechies - Azure SQL DB
JoTechies
 
Best practices oracle_clusterware_session355_wp
wardell henley
 
RMAN best practices for RAC
Syed Hussain
 

Similar to Windows sys admin interview questions (20)

PDF
Active Directory
Jessica Henderson
 
DOCX
Windows admin interview questions
Harikiran Raju
 
PDF
29041329 interview-questions-for-server-2003
rafiq123
 
DOCX
Windows server Interview question and answers
Availity Fore Support Services pvt ltd
 
PPTX
Activedirecotryfundamentals
Shekhar Singh
 
PPT
Ads Overview En
raj240969
 
PPT
Ads Overview En
raj240969
 
PPTX
Active Directory 2008 R2 Updates
Amit Gatenyo
 
PPT
Active Directory Ii
deshvikas
 
PPT
Active directory ii
deshvikas
 
PDF
Case Project 12-2 Devising an AD DS Design with RODC, AD RMS, and A.pdf
Amansupan
 
PPTX
Ad ds ws2008 r2
MICTT Palma
 
DOC
Technical interview questions -networking
rafiq123
 
PDF
50 most commonly asked windows server interview questions
Temok IT Services
 
PPT
Active directory - an introduction
pepoluan
 
PPTX
BITIC-27 Proyecto 3 BITIC 3 2022 Andres Labera ADDS.pptx
RodrigoOrtz4
 
PPTX
32 Most Commonly Asked Windows Server Administrator Interview Questions (With...
Temok IT Services
 
PPT
Chapter01 Introduction To Windows Server 2003
Raja Waseem Akhtar
 
PDF
Jetking questions and answers 8.5x11
sunil kumar
 
PDF
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdf
KhadijaTahir29
 
Active Directory
Jessica Henderson
 
Windows admin interview questions
Harikiran Raju
 
29041329 interview-questions-for-server-2003
rafiq123
 
Windows server Interview question and answers
Availity Fore Support Services pvt ltd
 
Activedirecotryfundamentals
Shekhar Singh
 
Ads Overview En
raj240969
 
Ads Overview En
raj240969
 
Active Directory 2008 R2 Updates
Amit Gatenyo
 
Active Directory Ii
deshvikas
 
Active directory ii
deshvikas
 
Case Project 12-2 Devising an AD DS Design with RODC, AD RMS, and A.pdf
Amansupan
 
Ad ds ws2008 r2
MICTT Palma
 
Technical interview questions -networking
rafiq123
 
50 most commonly asked windows server interview questions
Temok IT Services
 
Active directory - an introduction
pepoluan
 
BITIC-27 Proyecto 3 BITIC 3 2022 Andres Labera ADDS.pptx
RodrigoOrtz4
 
32 Most Commonly Asked Windows Server Administrator Interview Questions (With...
Temok IT Services
 
Chapter01 Introduction To Windows Server 2003
Raja Waseem Akhtar
 
Jetking questions and answers 8.5x11
sunil kumar
 
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdf
KhadijaTahir29
 
Ad

Recently uploaded (20)

PPTX
Finally, My Best IPTV Provider That Understands Movie Lovers Experience IPTVG...
Rafael IPTV
 
PPTX
02 IoT Industry Applications and Solutions (1).pptx
abuizzaam
 
PDF
The AI Trust Gap: Consumer Attitudes to AI-Generated Content
Exploding Topics
 
PDF
AiDAC – Custody Platform Overview for Institutional Use.pdf
BobPesakovic
 
PDF
Real Cost of Hiring a Shopify App Developer_ Budgeting Beyond Hourly Rates.pdf
CartCoders
 
PDF
The Complete Guide to Chrome Net Internals DNS – 2025
Orage Technologies
 
PDF
Azure Devops Introduction for CI/CD and agile
henrymails
 
PDF
Pas45789-Energs-Efficient-Craigg1ing.pdf
lafinedelcinghiale
 
PPTX
Random Presentation By Fuhran Khalil uio
maniieiish
 
PPTX
ipv6 very very very very vvoverview.pptx
eyala75
 
PPTX
InOffensive Security_cybersecurity2.pptx
wihib17507
 
PPTX
Slides ZPE - QFS Eco Economic Epochs.pptx
Steven McGee
 
PDF
123546568reb2024-Linux-remote-logging.pdf
lafinedelcinghiale
 
PPTX
1.10-Ruta=1st Term------------------------------1st.pptx
zk7304860098
 
PPTX
Internet_of_Things_Presentation_KaifRahaman.pptx
kaifrahaman27593
 
PPTX
Birth-after-Previous-Caesarean-Birth (1).pptx
fermann1
 
PPTX
Simplifying and CounFounding in egime.pptx
Ryanto10
 
PPTX
Internet Basics for class ix. Unit I. Describe
ASHUTOSHKUMAR1131
 
PDF
APNIC's Role in the Pacific Islands, presented at Pacific IGF 2205
APNIC
 
PDF
DORA - MobileOps & MORA - DORA for Mobile Applications
Willy ROUVRE
 
Finally, My Best IPTV Provider That Understands Movie Lovers Experience IPTVG...
Rafael IPTV
 
02 IoT Industry Applications and Solutions (1).pptx
abuizzaam
 
The AI Trust Gap: Consumer Attitudes to AI-Generated Content
Exploding Topics
 
AiDAC – Custody Platform Overview for Institutional Use.pdf
BobPesakovic
 
Real Cost of Hiring a Shopify App Developer_ Budgeting Beyond Hourly Rates.pdf
CartCoders
 
The Complete Guide to Chrome Net Internals DNS – 2025
Orage Technologies
 
Azure Devops Introduction for CI/CD and agile
henrymails
 
Pas45789-Energs-Efficient-Craigg1ing.pdf
lafinedelcinghiale
 
Random Presentation By Fuhran Khalil uio
maniieiish
 
ipv6 very very very very vvoverview.pptx
eyala75
 
InOffensive Security_cybersecurity2.pptx
wihib17507
 
Slides ZPE - QFS Eco Economic Epochs.pptx
Steven McGee
 
123546568reb2024-Linux-remote-logging.pdf
lafinedelcinghiale
 
1.10-Ruta=1st Term------------------------------1st.pptx
zk7304860098
 
Internet_of_Things_Presentation_KaifRahaman.pptx
kaifrahaman27593
 
Birth-after-Previous-Caesarean-Birth (1).pptx
fermann1
 
Simplifying and CounFounding in egime.pptx
Ryanto10
 
Internet Basics for class ix. Unit I. Describe
ASHUTOSHKUMAR1131
 
APNIC's Role in the Pacific Islands, presented at Pacific IGF 2205
APNIC
 
DORA - MobileOps & MORA - DORA for Mobile Applications
Willy ROUVRE
 
Ad

Windows sys admin interview questions

  • 1. Windowssys admininterviewquestions 1. What isActive Directoryschema? 2. What are the domainfunctional levelinWindowsServer2003? 3. What are the forestfunctional levelinWindowsServer2003? 4. What isglobal catalogserver? 5. How we can raise domain functional &forestfunctional level inWindowsServer2003? 6. Whichis the deafultprotocol usedindirectoryservices? 7. What isIPv6? 8. What isthe defaultdomainfunctional level inWindowsServer2003? 9. What are the physical &logical componentsof ADS 10. In whichdomainfunctional level,we canrename domainname? 11. What ismultimasterreplication? 12. What isa site? 13. Whichis the commandusedto remove active directoryfromadomaincontroler? 14. How we can create console,whichcontainschema? 15. What istrust? 16. What isthe file that’sresponsible forkeepall ActiveDirectorydatabase?
  • 2. What isActive DirectoryDomainServices2008? Active DirectoryDomainServices(ADDS),formerlyknownasActive DirectoryDirectoryServices,isthe central locationforconfigurationinformation,authenticationrequests,andinformationaboutall of the objectsthatare storedwithinyourforest.UsingActive Directory,youcanefficientlymanage users, computers,groups,printers,applications,andotherdirectory-enabledobjectsfromone secure, centralizedlocation. What isthe SYSVOLfolder? The Sysvol folderona Windowsdomaincontrollerisusedtoreplicate file-baseddataamongdomain controllers.Because junctionsare usedwithinthe Sysvol folderstructure,WindowsNTfile system (NTFS) version5.0is requiredondomaincontrollersthroughoutaWindowsdistributedfile system(DFS) forest. Thisis a quote frommicrosoftthemselves,basicallythe domaincontrollerinfostoredinfileslike your grouppolicystuff isreplicatedthroughthisfolderstructure What’sNewinWindowsServer2008 Active DirectoryDomainServices? Active DirectoryDomainServicesinWindowsServer2008 providesanumberof enhancementsover previousversions,includingthese: Auditing—ADDSauditinghas beenenhancedsignificantlyinWindowsServer2008. The enhancements provide more granularauditingcapabilitiesthroughfournew auditingcategories:DirectoryServices Access,DirectoryServicesChanges,DirectoryServicesReplication,andDetailedDirectoryServices Replication.Additionally,auditingnowprovidesthe capabilitytologoldandnew valuesof an attribute whena successful change ismade tothat attribute. Fine-GrainedPasswordPolicies—ADDSinWindowsServer2008 now providesthe capabilitytocreate differentpasswordandaccountlockoutpoliciesfordifferentsetsof usersinadomain.Userand group passwordandaccount lockoutpoliciesare definedandappliedviaaPasswordSettingObject(PSO).A PSOhas attributesforall the settingsthatcan be definedinthe DefaultDomainPolicy,exceptKerberos settings.PSOscanbe appliedtobothusersand groups.
  • 3. Read-OnlyDomainControllers—ADDSinWindowsServer2008 introducesa new type of domain controllercalledaread-onlydomaincontroller(RODC).RODCscontainaread-onlycopyof the ADDS database.RODCsare coveredinmore detail inChapter6,“Manage Sitesand Replication.” Restartable Active DirectoryDomainServices—ADDSinWindowsServer2008 can now be stoppedand restartedthroughMMC snap-insandthe commandline.The restartable ADDSservice reducesthe time requiredtoperformcertainmaintenanceandrestore operations.Additionally,otherservicesrunningon the serverremainavailabletosatisfyclientrequestswhileAD DSis stopped. AD DS Database MountingTool—ADDSin WindowsServer2008 comeswitha AD DS database mountingtool,whichprovidesameanstocompare data as itexistsinsnapshotsorbackupstakenat differenttimes.The ADDSdatabase mountingeliminatesthe needtorestore multiple backupsto compare the AD data that theycontainand providesthe capabilitytoexamineanychange made todata storedinAD DS. What isthe Global Catalog? A global catalogserverisa domaincontroller.Itisa mastersearchable database thatcontains informationabouteveryobjectineverydomaininaforest.The global catalogcontainsacomplete replicaof all objectsinActive Directoryforitshostdomain,andcontainsa partial replicaof all objectsin Active Directoryforeveryotherdomaininthe forest. It has twoimportantfunctions: Providesgroupmembershipinformationduringlogonandauthentication Helpsuserslocate resourcesinActive Directory What are RODCs?Andwhat are the majorbenefitsof usingRODCs? A read-onlydomaincontroller(RODC) isanew type of domaincontrollerinthe WindowsServer® 2008 operatingsystem.WithanRODC,organizationscaneasilydeployadomaincontrollerinlocationswhere physical securitycannotbe guaranteed.AnRODChosts read-onlypartitionsof the Active Directory® DomainServices(ADDS) database.
  • 4. Before the release of WindowsServer2008, if usershad to authenticate withadomaincontrollerovera wide areanetwork(WAN),there wasnoreal alternative.Inmanycases,thiswasnotan efficient solution.Branchofficesoftencannotprovide the adequatephysical securitythatisrequiredfora writable domaincontroller.Furthermore,branchofficesoftenhave poornetworkbandwidthwhenthey are connectedtoa hub site.Thiscan increase the amountof time thatisrequiredtologon. It can also hamperaccessto networkresources. BeginningwithWindowsServer2008, an organizationcandeployanRODCto addressthese problems. As a result,usersinthissituationcanreceive the followingbenefits: * Improvedsecurity * Fasterlogontimes * More efficientaccesstoresourcesonthe network What doesan RODC do? Inadequate physical securityisthe mostcommonreasontoconsiderdeployinganRODC.AnRODC providesawayto deploya domaincontrollermore securelyinlocationsthatrequire fastandreliable authenticationservicesbutcannotensure physical securityforawritable domaincontroller. However,yourorganizationmayalsochoose todeployanRODCfor special administrative requirements.Forexample,aline-of-business(LOB) applicationmayrunsuccessfullyonlyif itisinstalled on a domaincontroller.Or,the domaincontrollermightbe the onlyserverinthe branchoffice,andit may have to hostserverapplications. In suchcases,the LOB applicationownermustoftenlogontothe domaincontrollerinteractivelyoruse Terminal Servicestoconfigure andmanage the application.Thissituationcreatesasecurityriskthat may be unacceptable ona writable domaincontroller. An RODCprovidesamore secure mechanismfordeployingadomaincontrollerinthisscenario.Youcan grant a nonadministrative domainuserthe righttologon to an RODC while minimizingthe securityrisk to the Active Directoryforest. You mightalsodeployanRODC inotherscenarioswhere local storage of all domainuserpasswordsisa primarythreat,for example,inanextranetorapplication-facingrole.
  • 5. What isREPADMIN? Repadmin.exe:ReplicationDiagnosticsTool Thiscommand-line tool assists administratorsindiagnosingreplicationproblemsbetweenWindows domaincontrollers. Administratorscanuse Repadmintoview the replicationtopology(sometimesreferredtoasRepsFrom and RepsTo) asseenfromthe perspective of eachdomaincontroller.In addition,Repadmincanbe used to manuallycreate the replicationtopology(althoughinnormal practice thisshouldnotbe necessary), to force replicationeventsbetweendomaincontrollers,andtoview boththe replicationmetadataand up-to-datenessvectors. Repadmin.execanalsobe usedfor monitoringthe relative healthof anActive Directoryforest.The operationsreplsummary,showrepl,showrepl/csv,andshowvector/latencycanbe usedto checkfor replicationproblems. What isNETDOM? NETDOMis a command-line tool thatallowsmanagementof Windowsdomainsandtrustrelationships. It isusedfor batch managementof trusts,joiningcomputerstodomains,verifyingtrusts,andsecure channels What is Newin WindowsServer2008? 1. Security Securityhasbecome the dailymantraof Microsoft these days,andthisversionof the OSprovesit.After initial installation,absolutelynothingisturnedon.Inobviouscontrasttopreviousincarnationsof the OS,WindowsServer2003 has almostno surface areato lure hackers.Of course,one of the firstthings youwill findyourselfdoingisturningonservices(e.g.,IIS,File Server,PrintServices,DNS,etc.).Only whatyou specificallyinstall will be enabled.
  • 6. 2. Kernel Mode HTTP Driver While IIS6.0 provides quite alotof newfunctionalitytokeepwebsitesfunctional inthe worstof days, Microsoftwentthe extrastepof movingthe HTTP servingtoa Kernel Mode Driver.Whatthismeansis that no matterhowmany processesinIIS6.0 are broughtdown,the HTTP servingwill continue.The http.sysdriverservesandcacheswebpagesrightinthe kernel,sonotonlyisthere improvedisolation betweenapplicationprocesses,the performance ismarkedlyimproved. 3. .NET Framework 1.1 If you have beenkeepingupwithONDotnet.com'sarticles,youshouldalreadyknow aboutthe changes inthe .NETFramework1.1. More importantly,WindowsServer2003 comespre-installedwiththe new versionof the framework.Nomore explainingthatyourapplicationneedsthe .NETruntime tobe installedaswell.Microsoftistreatingthe FrameworklikeWin32APIbefore ...it'sall inthere. 4. IIS 6.0 ApplicationPools In IIS6.0, eachwebapplicationbelongstoanApplicationPool.Thesepoolsare usedto improve the healthof eachapplication,aswell asthe serveritself.The poolseachhave fourtypesof settings:  Recycling:Allowsforthe workerprocessesinthe pool tobe recycled,basedonspecificrules such as the lengthof time the processhasbeen running,the numberof requeststhe process has serviced,andthe amountof memorythe processhasused,or simplybasedonspecifictimes duringthe day.  Performance:Allowsthe workerprocessestobe shutdownwhenthe applicationisnot receivinganyrequestsandenablesCPUthrottlingforthe webapplication.  Health: Allowsforhealthmonitoringof workerprocesses.Thisincludespingingof worker processestoensure healthof the processandrapidshutoff of processesif multiple failures occur in a short amountof time,andallowsspecifictime limitsforstartupandshutdown.  Identity:Allowsall of the workerprocessestobe launchedwithspecificidentities,including NetworkService orspecificsecurityaccounts.
  • 7. 5. WebGardens While itiseasyto get "WebGardens"confusedwith"WebFarms,"the conceptissimilar.A WebFarm hostsa single webapplicationonmultiple machines,andaWebGarden allowsmultiple processesto service asingle webapplication.Since thereare multiple processestohandle requestsforthe web application,there shouldbe reducedcontentionforOSresources. 6. WindowsSystemResource Manager Hiddenbeneaththe coversof WindowsServer2003 isthe WindowsSystemResource Manager(WSRM). The WSRM allowsyouto specifyCPUandmemoryallocationpoliciesfordifferentapplications.The purpose of the WSRM isto allowyouto hostmultiple applicationsonasingle serverandlimithowmany serverresourcestowhicha single applicationisentitled. 7. BITS Server Extensionfor IIS 6.0 BackgroundIntelligentTransferService (BITS) isanIISserverextensionthatallowsyoutowrite your own"WindowsUpdate"-style backgrounddownloadingof new contentorproductupdates.BITS automaticallyresumesdownloadsasaconnectioncomes andgoes. 8. MSMQ 3.0 Afterbeingable toplayaroundwithMSMQ forthe pastyear inWindowsXP,finallythere'saServerOS that supportsit.For the uninitiated,MSMQ3.0 adds:  Supportfor multicastmessages(onemessagetomultiple locations).  Message triggers.  Message lookupwithoutnavigatingthroughall messages. 9. XML-BasedIIS 6.0 Metabase Gone are the days of havingto use convolutedAPIstoaddvirtual directoriesandsitestothe IIS Metabase.The newIIS6.0 Metabase is justan XML file.Inaddition,the new metabasecanbe setso that manual editstothe XML file are automaticallyreflectedinthe runninginstanceof IIS6.0.
  • 8. 10. Active Directory ApplicationMode Thoughnot officiallypartof WindowsServer2003, Active DirectoryApplication Mode (ADAM) representsabetterwayfordeveloperstouse directorystores.InADAM,youcan install anActive Directoryinstance thatisnot tiedto a domaincontroller.Nolongerare yourequiredtointermingle the IT department'sActive Directoryinstance withyourapplicationdata.ADAMandActive Directoryshare mostof theirsource code so that all of the oldADSIand System.DirectoryServices APIsworkjustasyou wouldexpect. How do you viewreplicationpropertiesforAD? By usingActive Directory ReplicationMonitor. Start–> Run–> Replmon What are sitesWhat are they usedfor? One or more well-connected(highlyreliable andfast) TCP/IPsubnets.A site allowsadministratorsto configure Active Directory accessandreplicationtopologytotake advantage of the physical network. Name some OU designconsiderations? OU designrequiresbalancingrequirementsfordelegatingadministrative rights –independentof Group Policyneeds–and the needtoscope the applicationof GroupPolicy.The followingOUdesign recommendationsaddressdelegationandscope issues: ApplyingGroupPolicyAnOUis the lowest-levelActiveDirectorycontainertowhichyoucan assign Group Policysettings.Delegatingadministrative authorityusuallydon’tgomore than3 OU levels http://technet.microsoft.com/en-us/library/cc783140.aspx What are FMSO Roles?List them. Fsmorolesare serverrolesinaForest There are five typesof FSMOroles 1-Schemamaster 2-Domainnamingmaster
  • 9. 3-Ridmaster 4-PDC Emullator 5-Infrastructure master Logical Diagram of Active Directory ?, What is the difference betweenchilddomain& additional domain Server? Well,if youknowwhata domainisthenyou have half the answer.Sayyouhave the domain Microsoft.com.Nowmicrosofthasa servernamedserver1inthatdomain,whichhappenstothe be parentdomain.Soit’sFQDN isserver1.microsoft.com.If youaddan additional domainserverandname it server2,thenit’sFQDN isserver2.microsoft.com. NowMicrosoftis bigso ithas officesinEurope andAsia.Sotheymake childdomainsforthemand their FQDN wouldlooklike this:europe.microsoft.com&asia.microsoft.com.Now letssayeachof themhave a serverinthose childdomainsnamedserver1.TheirFQDN wouldthenlooklike this: server1.europe.microsoft.com&server1.asia.microsoft.com.. What are Active Directory Groups? Groups are containersthatcontainuser andcomputerobjectswithinthemasmembers.Whensecurity permissionsare setfora groupinthe AccessControl Liston a resource,all membersof thatgroup receive those permissions.DomainGroupsenable centralizedadministrationinadomain.All domain groupsare createdon a domaincontroller. In a domain,Active Directoryprovidessupportfordifferenttypesof groupsandgroupscopes.The grouptype determinesthe type of taskthatyou manage with the group.The group scope determines whetherthe groupcan have membersfrommultiple domainsora single domain. Group Types * Securitygroups: Use Securitygroupsforgrantingpermissionstogainaccesstoresources.Sendingan e-mail message toagroup sendsthe message toall membersof the group.Therefore securitygroups share the capabilitiesof distributiongroups. * Distributiongroups: Distributiongroupsare usedforsendinge-mainmessagestogroupsof users.You cannot grant permissionstosecuritygroups.Eventhoughsecuritygroupshave all the capabilitiesof distributiongroups,distributiongroupsstill requires,becausesome applicationscanonlyread distributiongroups.
  • 10. Group Scopes Group scope normallydescribe whichtype of usersshouldbe clubbedtogetherinaway whichiseasy for there administration.Therefore,indomain,groupsplayanimportantpart.One groupcan be a memberof othergroup(s) whichisnormallyknownasGroupnesting.One ormore groupscan be memberof anygroup inthe entire domain(s) withinaforest. * Domain Local Group: Use thisscope to grant permissionstodomainresourcesthatare locatedinthe same domaininwhichyoucreatedthe domainlocal group.Domainlocal groupscan existinall mixed, native and interimfunctionallevel of domainsandforests.Domainlocal groupmembershipsare not limitedasyoucan add membersasuseraccounts,universal andglobal groupsfromanydomain.Justto remember,nestingcannotbe done indomainlocal group.A domainlocal groupwill notbe a memberof anotherDomainLocal or anyother groupsinthe same domain. * Global Group:Users withsimilarfunctioncanbe groupedunderglobal scope andcanbe given permissiontoaccessa resource (like aprinterorsharedfolder andfiles)available inlocal oranother domaininsame forest.To sayin simple words,Global groupscanbe use to grant permissionstogain access to resourceswhichare locatedinanydomainbutin a single forestastheirmembershipsare limited.Useraccountsandglobal groupscan be addedonlyfromthe domaininwhichglobal groupis created.Nestingispossible inGlobal groupswithinothergroupsasyoucan add a global groupinto anotherglobal groupfromany domain.Finallytoprovide permissiontodomainspecificresources(like printersandpublishedfolder),theycanbe membersof aDomainLocal group.Global groupsexistinall mixed,native andinterimfunctional level of domainsandforests. * Universal GroupScope:these groupsare precisely usedforemail distributionandcanbe granted access to resourcesinall trusteddomainasthese groupscanonlybe usedasa securityprincipal (securitygrouptype) inawindows2000 native orwindowsserver2003 domainfunctional level domain. Universal groupmembershipsare notlimitedlikeglobal groups.Alldomainuseraccountsandgroups can be a memberof universal group.Universal groupscanbe nestedunderaglobal or DomainLocal groupin any domain. What are the typesof backup? Explain each? Incremental A “normal”incremental backupwillonlybackupfilesthathave beenchangedsince the lastbackupof any type. Thisprovidesthe quickestmeansof backup,since itonlymakescopiesof filesthathave not yetbeenbackedup.For instance,followingourfull backuponFriday,Monday’stape will containonly
  • 11. those fileschangedsince Friday.Tuesday’stape containsonlythose fileschangedsince Monday,andso on.The downside tothisisobviouslythatinorderto performa full restore,youneedtorestore the last full backupfirst,followedbyeachof the subsequentincremental backupstothe presentdayinthe correct order.Shouldanyone of these backupcopiesbe damaged(particularlythe fullbackup),the restore will be incomplete. Differential A cumulative backupof all changesmade afterthe lastfull backup.The advantage tothisis the quicker recoverytime,requiringonlyafull backupandthe latestdifferential backuptorestore the system.The disadvantage isthatforeach day elapsedsince the lastfull backup,more dataneedstobe backedup, especiallyif amajorityof the data has beenchanged. What is the SYSVOL folder? The WindowsServer2003 SystemVolume (SYSVOL) isacollectionof foldersandreparse pointsinthe file systemsthatexistoneachdomaincontrollerinadomain.SYSVOLprovidesastandardlocationto store importantelementsof GroupPolicyobjects(GPOs) andscriptssothatthe File Replicationservice (FRS) can distribute themtootherdomaincontrollerswithinthatdomain. You can go to SYSVOLfolderbytyping: %systemroot%/sysvol What is the ISTG Whohas that role by default? The firstserverinthe site becomesthe ISTGforthe site,The domaincontrollerholdingthisrole maynot necessarilyalsobe abridgeheadserver. What is the order in which GPOsare applied? Local,Site,Domain,OU 1. Can a workstationcomputerbe configuredtobrowse the InternetandyetNOThave a default gateway?
  • 12. If we are usingpublicipaddress,we can browse the internet.If itishavinganintranetaddressa gatewayisneededasa routeror firewall tocommunicate withinternet. 2. What is CIDR? CIDR (ClasslessInter-DomainRouting,sometimesknownassupernetting) isawayto allocate and specifythe Internetaddressesusedininter-domainroutingmore flexiblythanwiththe original system of InternetProtocol (IP) addressclasses.Asaresult,the numberof available Internetaddresseshas beengreatlyincreased.CIDRisnowthe routingsystemusedbyvirtuallyall gatewayhostsonthe Internet’sbackbone network.The Internet’sregulatingauthoritiesnow expecteveryInternetservice provider(ISP) touse itfor routing. 3. What is DHCP? What are the benefitsanddrawbacksof usingit? DHCP isDynamicHost ConfigurationProtocol.Inanetworkedenvironmentitisa methodtoassignan ‘address’toa computerwhenitbootsup. Advantages All the IPconfigurationinformationgetsautomaticallyconfiguredforyourclientmachine by the DHCP server. If you move yourclientmachine toa differentsubnet,the clientwill sendoutitsdiscovermessage at boottime and workas usual.However,whenyoufirstbootupthere youwill notbe able toget back the IP addressyouhadat yourpreviouslocationregardlessof how littletime haspassed. Disadvantage Your machine name doesnotchange whenyouget a new IPaddress.The DNS (DomainName System) name is associatedwithyourIPaddressandtherefore doeschange.Thisonlypresentsaproblemif otherclientstryto access yourmachine byitsDNS name. 4. How do youmanuallycreate SRV recordsinDNS? To create SRV recordsinDNS do belowsteps: -
  • 13. OpenDNS Clickon Zone —–Selectdomainabc.local ——- RightClickto domainandgo to OtherNew Records—— Andchoose service location(SRV) 5. Name 3 benefitsof usingAD-integratedzones. Benefitsasfollows a. youcan give easyname resolutiontourclients. b. By creatingAD- integratedzone youcanalsotrace hackerand spammerbycreatingreverse zone. c. AD integratedzonedall forincremental zone transferswhichontransferchangesandnotthe entire zone.Thisreduceszone transfertraffic. d. AD Integratedzonessuportbothsecure anddmanicupdates. e.AD integratedzonesare storedaspart of the active directoryandsupportdomain-wide orforest- wide replicationthroughapplicationpertitionsinAD. 6. How do I clearthe DNScache on the DNSserver? Go to cmd promptand type “ipconfig/flushdns”withoutquotes 7. What is NAT? NAT(NetworkAddressTranslation) isatechnique forpreservingscarce InternetIPaddresses.Formore detailsgoto Microsoftlink 8. How do youconfigure NATonWindows2003? For above answergoto belowlink
  • 14. Configure NAT 9. How to configure special portstoallow inboundconnections? a. ClickStart,AdministrativeTools,andthenclickRoutingandRemote Accesstoopen the Routingand Remote Accessmanagementconsole. b. Locate the interface thatyouwantto configure. c. Right-clickthe interface andthenselectPropertiesfromthe shortcutmenu. d. Clickthe Special Portstab. e.Under Protocol,selectTCPorUDP and thenclickthe Addbutton. f.Enter the port numberof the incomingtrafficinIncomingPort. g. SelectOnThisAddressPool Entry,andprovide the publicIPaddressof the incomingtraffic. h. Enterthe port numberof the private networkresource inOutgoingPort. i.Enter the private networkresource’sprivateIPaddressinPrivate Address. j. ClickOK.