Wednesday, June 24, 2015

Windows Administration Q&A

1. What is the Global Catalog, and what is the Global Catalog port number?
Ans. Global Catalog port number: 3268.

By default the GC is created automatically on the first domain controller in the forest. It stores a full replica of all objects from its own domain and a partial replica of all objects from every other domain in the forest. The Global Catalog (GC) has two primary functions. First, it acts as a domain controller that stores object data and answers queries about objects and their most common attributes (called the Global Catalog Partial Attribute Set, or PAS). Second, it provides the data that permits network logon. In single domain controller environments, Active Directory and the GC reside on the same server. Where multiple domain controllers exist, as we discuss later, it is often advisable to move the GC to its own dedicated domain controller. Every domain tree has a GC, and the GC must reside on a domain controller.
In the absence of a GC, a user can log on only to the local system; however, a member of the Domain Administrators group can still log on to the network without a GC. When the first Active Directory domain controller is installed, it creates a default Global Catalog. More than one Global Catalog server can exist, depending on the size of the enterprise, the number of physical sites, and the quality of network connectivity. Global Catalog servers are added through the Active Directory Sites and Services snap-in of the Microsoft Management Console (MMC). Moving the GC to another domain controller is done by modifying the NTDS Settings properties in the same snap-in.
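As an added example (not part of the original post), the following PowerShell locates the GCs of the forest, tests port 3268 on each, lists the Partial Attribute Set from the schema, and runs one forest-wide lookup through the GC. It assumes the RSAT ActiveDirectory module on a domain-joined machine; the account name jdoe is a constructed sample.

```powershell
# Added example, not from the original post. Assumes the RSAT ActiveDirectory
# module and a domain-joined session; 'jdoe' is a constructed sample account.
Import-Module ActiveDirectory

# 1. Which DCs are Global Catalogs? (The first DC in the forest is one by default.)
$gcs = (Get-ADForest).GlobalCatalogs
$gcs | ForEach-Object { 'GC: ' + $_ }

# 2. Is the GC port reachable? 3268 is LDAP to the GC; 3269 is the same over SSL.
foreach ($gc in $gcs) {
    $r = Test-NetConnection -ComputerName $gc -Port 3268 -WarningAction SilentlyContinue
    '{0,-40} port 3268 open: {1}' -f $gc, $r.TcpTestSucceeded
}

# 3. Which attributes the GC keeps for objects from other domains: the
#    Partial Attribute Set is flagged per attribute in the schema partition.
$schemaNC = (Get-ADRootDSE).schemaNamingContext
$pas = Get-ADObject -SearchBase $schemaNC -Properties lDAPDisplayName `
    -LDAPFilter '(&(objectClass=attributeSchema)(isMemberOfPartialAttributeSet=TRUE))'
'{0} attributes in the PAS, e.g. {1}' -f @($pas).Count,
    (($pas.lDAPDisplayName | Sort-Object | Select-Object -First 5) -join ', ')

# 4. A forest-wide lookup through the GC: pointing -Server at port 3268 with an
#    empty search base searches every domain's partial replica in one query.
Get-ADUser -Filter { SamAccountName -eq 'jdoe' } -Server "$($gcs[0]):3268" -SearchBase '' |
    Select-Object DistinguishedName, UserPrincipalName
```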

2. Group Policy is not applying to all clients. What are the step-by-step checks to solve the issue?
Ans. A) Check Active Directory Users and Computers to see which site, domain, and OU the user and the computer are in.
B) In GPMC, expand the Active Directory containers that contain the affected client. In the navigation pane, scan the list of GPOs for each container for disabled links.
C) GPOs are filtered according to the Active Directory groups that the users and computers belong to. The Active Directory containers in which you place your groups, and the way you group users or computers, affect how GPOs can be distributed and applied.
D) Active Directory and FRS replication lag can affect either part of the GPO (the Active Directory part or the SYSVOL part).
E) If you have an OU that contains other OUs and you remove Read permission on the parent OU, no policy will be processed by computers or users anywhere in that OU hierarchy.
F) If there are conflicting settings in the GPOs that apply to the client, they are resolved according to the Group Policy inheritance rules.

Adding a User or Computer to an OU

When a user or computer is added to an OU, two things need to happen before the GPOs that the new OU links to are applied to the client:

The new OU assignment must be replicated to the client’s domain controller. After the replication is complete, you must either log off and log back on again if the user account moved to the new OU, or restart the computer if the computer moved to the new OU.
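The checks above, scripted for one user and one computer as an added example (not code from the original post). It assumes the RSAT ActiveDirectory and GroupPolicy modules; jdoe and WS01 are constructed sample names.

```powershell
# Added example, not from the original post: steps A to F for one user and
# one computer. Assumes RSAT ActiveDirectory + GroupPolicy modules; 'jdoe'
# and 'WS01' are constructed sample names.
Import-Module ActiveDirectory, GroupPolicy

$user     = Get-ADUser -Identity 'jdoe'
$computer = Get-ADComputer -Identity 'WS01'

# A) Where are they? The OU is the parent of the DN; the site comes from the
#    computer's subnet, which nltest resolves.
$userOU     = ($user.DistinguishedName     -split ',', 2)[1]
$computerOU = ($computer.DistinguishedName -split ',', 2)[1]
"User OU:     $userOU"
"Computer OU: $computerOU"
nltest /server:WS01 /dsgetsite

# B) GPO links on the computer's OU and its parents: flag disabled links and
#    GPOs whose computer/user half is disabled; also blocked inheritance.
$inherit = Get-GPInheritance -Target $computerOU
$fmt = '{0,-35} at {1,-45} linkEnabled={2} enforced={3} status={4}'
foreach ($link in $inherit.InheritedGpoLinks) {
    $gpo = Get-GPO -Guid $link.GpoId
    $fmt -f $link.DisplayName, $link.Target, $link.Enabled, $link.Enforced, $gpo.GpoStatus
}
if ($inherit.GpoInheritanceBlocked) { 'Inheritance is BLOCKED at this OU' }

# C) Security filtering: does the user, via a group, hold Apply rights?
#    Authenticated Users is a well-known group every logged-on user is in.
$groups = @((Get-ADPrincipalGroupMembership $user).Name) + 'Authenticated Users'
foreach ($link in $inherit.InheritedGpoLinks) {
    $apply = Get-GPPermission -Guid $link.GpoId -All | Where-Object {
        $_.Permission -eq 'GpoApply' -and
        ($_.Trustee.Name -in $groups -or $_.Trustee.Name -eq $user.SamAccountName)
    }
    '{0,-35} apply permission for this user: {1}' -f $link.DisplayName, [bool]$apply
}

# D) Replication lag: is the DC we are talking to current with its partners?
$dc = "$((Get-ADDomainController -Discover).HostName)"
Get-ADReplicationPartnerMetadata -Target $dc |
    Select-Object Partner, LastReplicationSuccess, LastReplicationResult

# F) What the client actually applied, and which GPOs were denied and why.
gpresult /s WS01 /user jdoe /r
```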
3. What is a DHCP server? What are server and scope options?
Ans. DHCP stands for Dynamic Host Configuration Protocol. DHCP lets us automatically assign IP addresses, subnet masks and other configuration information, such as the default gateway address, preferred and alternate DNS servers, WINS servers and several other options, to client computers on a local network. A DHCP implementation includes: installing the DHCP server, authorizing the server, configuring scopes, exclusions and reservations of IP addresses and options, and finally activating the scopes.
A DHCP scope is a pool of IP addresses within a logical subnet that the DHCP server can assign to clients.
A SUPERSCOPE is an administrative grouping of scopes that is used to support multinets, or multiple logical subnets on a single network segment.
An IP address within a defined scope that is offered to a DHCP client is known as a lease.
The default lease duration is 8 days.
To provide fault tolerance for the DHCP service within a given subnet, we can configure two DHCP servers to assign addresses for the same subnet.
DHCP options provide clients with additional data, such as specific server IP addresses, along with the address lease. We can configure DHCP options at the reservation level, the scope level and the server level. Options set at the reservation level override all others, and scope-level options override server-level options.
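The implementation steps and the three option levels above as PowerShell, added here as an example (not from the original post). It assumes Windows Server 2012 or later with the DhcpServer module, run on the DHCP server itself; the subnet 192.168.10.0/24, the MAC address and all names are constructed.

```powershell
# Added example, not from the original post. Assumes the DhcpServer module on
# the DHCP server; subnet, MAC and names are constructed samples.
Install-WindowsFeature DHCP -IncludeManagementTools

# Authorize the server in Active Directory; an unauthorized server hands out no leases.
Add-DhcpServerInDC -DnsName 'dhcp01.corp.example' -IPAddress 192.168.10.5
Get-DhcpServerInDC

# Scope: the pool of addresses within one logical subnet. Lease left at the
# 8-day default; State InActive means nothing is leased until we activate it.
Add-DhcpServerv4Scope -Name 'Office LAN' -StartRange 192.168.10.50 -EndRange 192.168.10.250 `
    -SubnetMask 255.255.255.0 -LeaseDuration (New-TimeSpan -Days 8) -State InActive

# Exclusion: addresses inside the range that are assigned statically.
Add-DhcpServerv4ExclusionRange -ScopeId 192.168.10.0 -StartRange 192.168.10.50 -EndRange 192.168.10.59

# Reservation: a fixed lease for one client, keyed on its MAC (client ID).
Add-DhcpServerv4Reservation -ScopeId 192.168.10.0 -IPAddress 192.168.10.100 `
    -ClientId '00-11-22-33-44-55' -Name 'printer01' -Description 'constructed sample'

# Options at the three levels: reservation overrides scope, scope overrides server.
# -Force skips the DNS-server reachability validation for the constructed addresses.
Set-DhcpServerv4OptionValue -DnsServer 192.168.10.10, 192.168.10.11 -DnsDomain 'corp.example' -Force   # server level
Set-DhcpServerv4OptionValue -ScopeId 192.168.10.0 -Router 192.168.10.1                                   # scope level
Set-DhcpServerv4OptionValue -ReservedIP 192.168.10.100 -DnsServer 192.168.10.12 -Force                   # reservation level

# Finally activate the scope.
Set-DhcpServerv4Scope -ScopeId 192.168.10.0 -State Active

# Option 6 (DNS servers) as seen at each level. The scope level has none set,
# so ordinary clients inherit the server value; the reservation gets its own.
'Server level : ' + ((Get-DhcpServerv4OptionValue -OptionId 6).Value -join ', ')
'Scope level  : ' + ((Get-DhcpServerv4OptionValue -ScopeId 192.168.10.0 -OptionId 6 -ErrorAction SilentlyContinue).Value -join ', ')
'Reservation  : ' + ((Get-DhcpServerv4OptionValue -ReservedIP 192.168.10.100 -OptionId 6).Value -join ', ')
```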
Important tools
Ping:-
Tracert:-
Ipconfig /all:- To view the TCP/IP-related information of a Windows system.
Ipconfig /release:- To release the IP address of a Windows system.
Ipconfig /renew:- To renew the IP address of a Windows system.
Ipconfig /flushdns:-
Ipconfig /displaydns:-
Ipconfig /registerdns:-
Dsget:- The Dsget command-line utility displays the selected properties of a specified object within Active Directory.
Dsadd:- You can automate the creation of users, groups, contacts, quotas, OUs and computers with the Dsadd command-line utility.
Dsmove:- The Dsmove command-line utility renames or moves a single object within Active Directory.
Dsquery:- You use the Dsquery command-line utility to query Active Directory for objects that meet specified criteria.
Dsmod:- You can modify existing Active Directory objects with the Dsmod command-line utility.
Nslookup:-
Hostname:-
Net user:-
Net use:-
Netstat:-
Net view:-
Arp:-
Netdiag:-
Netdiag /fix:-
Dcdiag:-
Gpupdate /force:-
Dcpromo:-
Dcpromo /adv:-
Dcpromo /remove:-
Diskpart:-
Cipher:-
Gpresult /r:-

4. What is the HTTPS port number?
Ans. 443
5. What are the FTP port numbers? Which are the command and data ports for FTP?
Ans. 20 and 21: port 20 for data transfer and port 21 for commands.
6. Can we apply Group Policy to groups?
Ans. Yes, in effect, but we can't link a GPO to groups or users. A GPO can be linked to sites, domains, domain controllers and OUs. Groups and users receive Group Policy because they are members of an OU, a domain, ...

7. What is NTDS.DIT? What is the default size of this file? What is the maximum size it can grow to? Where is the AD database held, and what are the other folders related to AD?
Ans. NTDS stands for New Technology Directory Service and DIT for Directory Information Tree.
This is the AD database, and it stores all AD objects. NTDS.DIT consists of the following tables:-
Schema table:- The types of object that can be created in Active Directory, the relationships between them, and the attributes on each type of object.
Link table:- Contains linked attributes, whose values refer to other objects in Active Directory.
Data table:- Users, groups, application-specific data, and any other data stored in Active Directory.
From a different perspective, Active Directory has 3 types of data:-
Schema information:- Definitional detail about the objects and attributes that can be stored in AD. Replicates to all DCs. Static in nature.
Configuration information:- Configuration data about trees and forests. Replicates to all DCs. As static as your forest is.
Domain information:- Object information for a domain. Replicates to all DCs within the domain. Part of each object becomes part of the GC.
From yet another perspective, Active Directory has 3 types of partitions, plus application directory partitions:-
Schema partition:- The schema is the blueprint for your AD, and the schema partition contains that blueprint definition. Because the schema partition is common to all domains in a forest, every domain in the forest has the same schema. Every domain controller in the forest has a replica of the same schema partition.
Configuration partition:- This partition contains the replication topology and other configuration information common to the entire tree, including information about the domains in the tree, the domain controllers and the sites. Every domain controller in the forest has a replica of the same configuration partition.
Domain partition:- Each domain holds the information about the objects in that domain; this is known as the domain partition. Every domain has a separate domain partition, and every domain controller in a domain contains a full replica of its domain's partition.
Application directory partition:- The application directory partition stores dynamic application-specific data in AD, but rather than replicating to all domain controllers in a domain or tree, the data replicates only to the domain controllers specified by the administrator. Application directory partitions can contain any type of object except security principals. The data can be configured to replicate to any domain controller in any domain within the tree, or to every domain controller in the tree. All the domain controllers configured to host the application directory partition hold a replica of the information. However, only Windows 2003/2008 domain controllers can host a replica of an application directory partition. Windows 2008 (and previously Windows 2003) creates a number of application partitions so that DNS information stored in AD can be replicated only to specific domain controllers.
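An added example (not from the original post) that answers the "where is it held" part from a domain controller itself: it reads the NTDS.DIT path and size from the NTDS service parameters and lists the partitions this DC hosts. It assumes it runs on a DC with the RSAT ActiveDirectory module.

```powershell
# Added example, not from the original post. Run on a domain controller with
# the ActiveDirectory module available.
Import-Module ActiveDirectory

# The database and log locations are recorded under the NTDS service key.
$ntds = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'
$dit  = Get-Item $ntds.'DSA Database file'
'NTDS.DIT : {0}  ({1:N1} MB)' -f $dit.FullName, ($dit.Length / 1MB)
'Log files: {0}' -f $ntds.'Database log files path'

# Naming contexts (partitions) as the directory reports them.
$root = Get-ADRootDSE
'Schema        : ' + $root.schemaNamingContext
'Configuration : ' + $root.configurationNamingContext
'Domain        : ' + $root.defaultNamingContext
'Application   : ' + ((Get-ADForest).ApplicationPartitions -join '; ')

# Which partitions this particular DC hosts. Application partitions (e.g. the
# DNS zones) appear only on the DCs the administrator chose for them.
$dc = Get-ADDomainController -Identity $env:COMPUTERNAME
$dc.Partitions | ForEach-Object { '  hosted: ' + $_ }
'Global Catalog: ' + $dc.IsGlobalCatalog
```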


8. Where is the location of DHCP folder?
Ans. C:\WINDOWS\system32\dhcp
9. What is RAID? What are software RAID and hardware RAID? How do you configure software RAID and hardware RAID? Give the steps.
Ans. Redundant Array of Inexpensive Disks, or Redundant Array of Independent Disks. It is a standard for protecting data: a range of disk management and striping techniques used to implement fault tolerance.
Fault tolerance:- A technique for protecting data against hardware failures.
The 2 types of RAID are software RAID and hardware RAID.
Hardware RAID:- It is implemented outside the OS, by the disk controller, so the OS volume itself is protected too. In hardware RAID the disk controller interface handles the creation and regeneration of redundant information. Hardware RAID offers more fault tolerance than software RAID and is more expensive. It supports hot swapping and hot sparing.
1. Concatenation (simple RAID):- Concatenation is also known as simple RAID. It is a collection of disks that are welded together. Data is written across the disks in a linear fashion from one disk to the next: you write to the first disk until it is full, then start writing to the second disk, and so on. It is not fault tolerant: if any one disk in a simple RAID is corrupted or lost, the data on the entire volume is lost as well.
2. RAID 0
3. RAID 1
4. RAID 5
5. RAID 6:- A RAID 6 volume uses 4 or more physical disks to provide fault tolerance and excellent read performance. Data is written to all physical disks at the same rate, together with two sets of checksum information, called parity, which provide fault tolerance for the stripe. In a RAID 6 system a second set of parity is calculated, written and distributed across all the drives, so RAID 6 eliminates the risk of data loss if a second hard disk fails.
Software RAID:- It is implemented by the OS. It does not guarantee fault tolerance.
6. Simple volume:- Simple volumes use the space on a single physical disk. A simple volume can be extended into unallocated space in another region of the same disk. Because simple volumes exist on only one physical disk, they are not fault tolerant.
7. Spanned volume:- A spanned volume includes space on more than one physical disk (2 or more). Up to 32 physical disks can participate in a spanned volume, and the amount of space used on each disk can differ. When the space on the first disk fills, the second is written to, and so on. Spanned volumes are a way to increase drive capacity, but they are not fault tolerant: if any one disk in a spanned volume is corrupted or lost, the data on the entire volume is lost as well.
8. Striped volume (RAID 0):- A striped volume combines areas of free space from multiple hard disks (2 or more) into one logical volume. Unlike a spanned volume, data is written to all physical disks in the volume at the same rate. RAID 0 involves two important terms, columns and stripe width: RAID 0 treats each disk as a column, and the amount of data written to each column before moving to the next is the stripe width. Striped volumes are not fault tolerant: if any one disk in a striped volume is corrupted or lost, the data on the entire volume is lost as well.
9. Mirrored volume (RAID 1):- A mirrored volume consists of two identical copies of a simple volume, each on a separate hard disk. Two disks participate in a mirrored volume, and all data is written to both. One half of the capacity is used for fault tolerance, so mirroring is expensive. Mirrored volumes remain available in the event that one physical disk fails.
10. Striped volume with parity (RAID 5):- A RAID 5 volume uses 3 or more physical disks to provide fault tolerance and excellent read performance. Data is written to all physical disks at the same rate, but unlike a striped volume, it is written together with checksum information, called parity, which provides fault tolerance for the stripe. The space used for fault tolerance is equivalent to the space of one disk in the volume: one third of the capacity with 3 hard disks, and 1/32 of the capacity with the maximum of 32 hard disks. The capacity of the volume is limited by the smallest section of unallocated space on any one of the volume's disks.
11. Striping plus mirroring (RAID 10):- RAID 10 is a combination of RAID 1 and RAID 0: we mirror a RAID 0. We need 2 identical RAID 0 sets and then mirror them together. RAID 10 maximizes both fault tolerance and performance.
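The capacity and fault-tolerance rules stated above for each volume type, as an added PowerShell function (not from the original post): given the disks you intend to use, it reports usable space, overhead and how many disk failures the volume survives, and rejects disk counts the text rules out (3 to 32 for RAID 5, 4 or more for RAID 6, exactly 2 for a mirror, 2 to 32 for spanned).

```powershell
# Added example, not from the original post: capacity/fault-tolerance rules
# for the volume types described above. Disk sizes are in GB.
function Get-RaidSummary {
    param(
        [Parameter(Mandatory)]
        [ValidateSet('Simple', 'Spanned', 'RAID0', 'RAID1', 'RAID5', 'RAID6', 'RAID10')]
        [string]$Type,
        [Parameter(Mandatory)]
        [double[]]$DiskGB            # capacity of each participating disk
    )
    $n   = $DiskGB.Count
    $min = ($DiskGB | Measure-Object -Minimum).Minimum
    $sum = ($DiskGB | Measure-Object -Sum).Sum
    switch ($Type) {
        'Simple'  { if ($n -ne 1) { throw 'Simple volume: exactly 1 disk' }
                    $usable = $sum;            $survives = 0 }
        'Spanned' { if ($n -lt 2 -or $n -gt 32) { throw 'Spanned volume: 2 to 32 disks' }
                    $usable = $sum;            $survives = 0 }   # sizes may differ, all space used
        'RAID0'   { if ($n -lt 2) { throw 'RAID 0: at least 2 disks' }
                    $usable = $min * $n;       $survives = 0 }   # equal stripes: smallest disk rules
        'RAID1'   { if ($n -ne 2) { throw 'RAID 1 mirror: exactly 2 disks' }
                    $usable = $min;            $survives = 1 }   # half the capacity is the copy
        'RAID5'   { if ($n -lt 3 -or $n -gt 32) { throw 'RAID 5: 3 to 32 disks' }
                    $usable = $min * ($n - 1); $survives = 1 }   # one disk's worth of parity
        'RAID6'   { if ($n -lt 4) { throw 'RAID 6: at least 4 disks' }
                    $usable = $min * ($n - 2); $survives = 2 }   # two parity sets
        'RAID10'  { if ($n -lt 4 -or ($n % 2) -ne 0) { throw 'RAID 10: an even number of disks, at least 4' }
                    $usable = $min * $n / 2;   $survives = 1 }   # guaranteed one; more if in different mirrors
    }
    [pscustomobject]@{
        Type             = $Type
        Disks            = $n
        RawGB            = $sum
        UsableGB         = $usable
        OverheadPercent  = [math]::Round(100 * (1 - $usable / $sum), 1)
        SurvivesFailures = $survives
    }
}

# Constructed sample: the same 500 GB disks laid out different ways.
Get-RaidSummary -Type RAID0  -DiskGB 500, 500, 500
Get-RaidSummary -Type RAID5  -DiskGB 500, 500, 500
Get-RaidSummary -Type RAID6  -DiskGB 500, 500, 500, 500
Get-RaidSummary -Type RAID10 -DiskGB 500, 500, 500, 500
Get-RaidSummary -Type Spanned -DiskGB 500, 250, 1000
```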
Configure software RAID 1
To create a mirrored volume, we must have unallocated space on 2 dynamic disks.
Right-click one of these spaces and choose New Volume.
The New Volume wizard steps us through selecting a mirrored volume and choosing space on another disk to include in the volume. Then assign a drive letter for the volume and select the file system to format the volume with.
Configure software RAID 5
We need space on at least 3 dynamic disks to create a RAID 5 volume.
Right-click one disk's unallocated space and choose New Volume.
The New Volume wizard steps you through selecting the RAID 5 volume type and then the disks that will participate in the volume. Then assign a drive letter for the volume and select the file system to format the volume with.
Configure hardware RAID
Connect the disk controller interface to the system.
Connect the hard disks to the array.
Boot the system with the RAID configuration CD provided by the hardware vendor.
Then update the drivers for the disk controller card, scan for the connected hard disks from the RAID configuration utility, select the RAID type and select the hard disks detected by the disk controller card. Then partition the RAID array and select the file system to format it with.
Then start installing the operating system from the OS CD.
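The two software RAID procedures above, done with a diskpart script instead of the New Volume wizard, as an added example (not from the original post). It assumes a Windows Server with five empty disks numbered 1 to 5 (1 and 2 for the mirror, 3 to 5 for RAID 5) and that drive letters M: and R: are free; converting a disk to dynamic cannot be undone without deleting its volumes, so review the "list disk" output before running it for real.

```powershell
# Added example, not from the original post. Assumes disks 1-5 are empty and
# M: and R: are unused; RAID 5 volumes need a server edition of Windows.
$script = @'
list disk
select disk 1
convert dynamic
select disk 2
convert dynamic
select disk 3
convert dynamic
select disk 4
convert dynamic
select disk 5
convert dynamic
rem RAID 1: identical copies on two dynamic disks (focus moves to the new volume)
create volume mirror disk=1,2
assign letter=M
format fs=ntfs label="Mirror" quick
rem RAID 5: striping with parity across three dynamic disks
create volume raid disk=3,4,5
assign letter=R
format fs=ntfs label="Raid5" quick
list volume
exit
'@

$path = Join-Path $env:TEMP 'software-raid.txt'
Set-Content -Path $path -Value $script -Encoding ASCII
diskpart /s $path    # must run elevated
```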
15. What is the difference between MS Outlook and Outlook Express? Give 5 differences.
Ans.
Outlook Express
Outlook Express is the e-mail client that is included with Microsoft Internet Explorer 4.x, Microsoft Internet Explorer 5.x, the Microsoft Windows 98 operating system, the Microsoft Windows Millennium Edition (Me) operating system, the Microsoft Windows 2000 operating systems, and Microsoft Office 98 for the Macintosh. Outlook Express is designed for home users who gain access to their e-mail messages by dialing in to an Internet service provider (ISP).
Built on open Internet standards, Outlook Express is designed for use with any Internet standard system, for example, Simple Mail Transfer Protocol (SMTP), Post Office Protocol 3 (POP3), and Internet Mail Access Protocol (IMAP). It provides full support for today's most important e-mail, news, and directory standards such as Lightweight Directory Access Protocol (LDAP), Multipurpose Internet Mail Extension Hypertext Markup Language (MHTML), Hypertext Markup Language (HTML), Secure/Multipurpose Internet Mail Extensions (S/MIME), and Network News Transfer Protocol (NNTP). Full support ensures that you can take advantage of new technologies as well as seamlessly send and receive e-mail.

New migration tools that automatically import your existing mail settings, address book entries, and e-mail messages from Eudora, Netscape, Microsoft Exchange Server, the Windows Inbox, and Outlook make it easy for you to quickly take advantage of all that Outlook Express has to offer. The ability to receive mail from multiple e-mail accounts, as well as the ability to create Inbox rules, helps you manage and organize your e-mail.
MS Outlook
Outlook is Microsoft's premier messaging and collaboration client. It is a stand-alone application that is integrated into Microsoft Office and Exchange Server. Outlook also provides performance and integration with Internet Explorer 5.5. Complete integration of e-mail, calendaring, and contact management, makes Outlook the perfect client for many business users.

Outlook helps you find and organize information so that you can work seamlessly with Office applications. This helps you communicate and share information more effectively.

Powerful Inbox rules enable you to filter and organize e-mail messages. With Outlook, you can integrate and manage e-mail from multiple e-mail accounts, personal and group calendars, contacts, and tasks.

When you use Outlook with Exchange Server, you can use workgroup information sharing and workflow communications, group scheduling, public folders, forms, and enhanced Internet connectivity.

Outlook is designed for use with the Internet (SMTP, POP3, and IMAP4), Exchange Server, or any other standards-based communication system that supports Messaging Application Programming Interface (MAPI), including voice mail. Outlook is based on Internet standards and supports today's most important e-mail, news, and directory standards, including LDAP, MHTML, NNTP, MIME, and S/MIME, vCalendar, vCard, iCalendar, and full support for HTML mail.

Outlook also offers the same import tools that are offered with Outlook Express. This enables easy migration from other e-mail clients, and offers further migration from Microsoft Mail, Microsoft Schedule+ 1.0, Microsoft Schedule+ 7.0, Lotus Organizer, NetManage ECCO, Starfish SideKick, Symantec ACT, as well as synchronization with leading Personal Digital Assistants (PDAs), such as the 3Com Palm Pilot.

17. What is the difference between a domain and a domain controller?
Ans. DOMAIN

In Active Directory, a collection of computer, user, and group objects defined by the administrator. These objects share a common directory database, security policies, and security relationships with other domains. In DNS, any tree or subtree within the DNS namespace. Although the names of DNS domains often correspond to Active Directory domains, DNS domains should not be confused with Active Directory domains.

DOMAIN CONTROLLER

In an Active Directory forest, a server that contains a writable copy of the Active Directory database, participates in Active Directory replication, and controls access to network resources. Administrators can manage user accounts, network access, shared resources, site topology, and other directory objects from any domain controller in the forest.

19. What is an OU?
Ans. A particularly useful type of directory object contained within domains is the organizational unit. Organizational units are Active Directory containers into which you can place users, groups, computers, and other organizational units. An organizational unit cannot contain objects from other domains. An organizational unit is the smallest scope or unit to which you can assign Group Policy settings or delegate administrative authority. Using organizational units, you can create containers within a domain that represent the hierarchical, logical structures within your organization. You can then manage the configuration and use of accounts and resources based on your organizational model. OUs are part of the LDAP namespace, not the DNS namespace.

21. What is a backup? What are the different types of backup?
Ans. The Backup utility helps you protect data from accidental loss if your system experiences a hardware or storage media failure. The backup storage medium can be a logical drive such as your hard drive, a separate storage device such as a removable disk, or an entire library of disks or tapes.
The Backup utility supports five methods of backing up data on your computer or network.
Copy backup
A copy backup copies all selected files but does not mark each file as having been backed up (in other words, the archive attribute is not cleared). Copying is useful if you want to back up files between normal and incremental backups because copying does not affect these other backup operations. 

Daily backup
A daily backup copies all selected files that have been modified the day the daily backup is performed. The backed-up files are not marked as having been backed up (in other words, the archive attribute is not cleared). 

Differential backup
A differential backup copies files created or changed since the last normal or incremental backup. It does not mark files as having been backed up (in other words, the archive attribute is not cleared). If you are performing a combination of normal and differential backups, restoring files and folders requires that you have the last normal as well as the last differential backup. 

Incremental backup
An incremental backup backs up only those files created or changed since the last normal or incremental backup. It marks files as having been backed up (in other words, the archive attribute is cleared). If you use a combination of normal and incremental backups, you will need to have the last normal backup set as well as all incremental backup sets in order to restore your data. 

Normal backup
A normal backup copies all selected files and marks each file as having been backed up (in other words, the archive attribute is cleared). With normal backups, you need only the most recent copy of the backup file or tape to restore all of the files. You usually perform a normal backup the first time you create a backup set. 
Backing up your data using a combination of normal backups and incremental backups requires the least amount of storage space and is the quickest backup method. However, recovering files can be time-consuming and difficult because the backup set can be stored on several disks or tapes.
Backing up your data using a combination of normal backups and differential backups is more time-consuming, especially if your data changes frequently, but it is easier to restore the data because the backup set is usually stored on only a few disks or tapes. 
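The five backup types reduce to two rules, which files are selected and whether the archive attribute is cleared afterwards. The following added example (not from the original post) implements both rules over a folder and walks through a normal backup, a change, and then copy, differential and incremental runs so the difference in what each leaves for the next run is visible. The sample files are constructed in a temporary folder.

```powershell
# Added example, not from the original post: selection rule + archive-bit rule
# for each backup type, applied to a folder of constructed sample files.
function Invoke-BackupSelect {
    param(
        [Parameter(Mandatory)]
        [ValidateSet('Normal', 'Copy', 'Daily', 'Differential', 'Incremental')] [string]$Type,
        [Parameter(Mandatory)] [string]$Source,
        [Parameter(Mandatory)] [string]$Dest
    )
    $archive = [IO.FileAttributes]::Archive
    $files = Get-ChildItem -Path $Source -File -Recurse
    $selected = switch ($Type) {
        'Normal'       { $files }                                                     # every file
        'Copy'         { $files }                                                     # every file
        'Daily'        { $files | Where-Object { $_.LastWriteTime.Date -eq (Get-Date).Date } }
        'Differential' { $files | Where-Object { ($_.Attributes -band $archive) -ne 0 } }  # changed since last normal/incremental
        'Incremental'  { $files | Where-Object { ($_.Attributes -band $archive) -ne 0 } }  # same selection, different marking
    }
    New-Item -ItemType Directory -Path $Dest -Force | Out-Null
    foreach ($f in $selected) {
        Copy-Item -Path $f.FullName -Destination (Join-Path $Dest $f.Name) -Force
        # Only Normal and Incremental "mark the file as backed up" (clear the bit).
        if ($Type -in 'Normal', 'Incremental') {
            $f.Attributes = $f.Attributes -band (-bnot $archive)
        }
    }
    [pscustomobject]@{ Type = $Type; Selected = (@($selected).Name -join ', ') }
}

# Constructed sample data: three new files, all carrying the archive bit.
$src = Join-Path $env:TEMP 'bk-src'
Remove-Item $src -Recurse -Force -ErrorAction SilentlyContinue
New-Item -ItemType Directory -Path $src | Out-Null
'a', 'b', 'c' | ForEach-Object { Set-Content -Path (Join-Path $src "$_.txt") -Value "file $_" }

Invoke-BackupSelect Normal       $src (Join-Path $env:TEMP 'bk-full')   # base set; bits cleared
Set-Content -Path (Join-Path $src 'b.txt') -Value 'changed'             # b is modified: bit set again
Invoke-BackupSelect Copy         $src (Join-Path $env:TEMP 'bk-copy')   # does not disturb the bits
Invoke-BackupSelect Differential $src (Join-Path $env:TEMP 'bk-diff')   # leaves b's bit set
Invoke-BackupSelect Incremental  $src (Join-Path $env:TEMP 'bk-inc1')   # clears b's bit
Invoke-BackupSelect Incremental  $src (Join-Path $env:TEMP 'bk-inc2')   # nothing left to take
```

Restore sets follow from the marking rule: after the differential run you need the full set plus the latest differential, after the incremental runs you need the full set plus every incremental since.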


23. How do you check the health of a domain controller?
Ans. How can we check the health of a number of domain controllers on the network? The following simple method works when we do not have a dedicated monitoring product such as Microsoft System Center Operations Manager or a third-party tool.
Always check Event Viewer first and look at the events associated with the domain controller, replication, DNS, etc.
Also run health checks on the domain controller machine. Create a Health_Check folder in C:\ (or another location you prefer) to hold the reports. Check the domain controller's health by running:
Dcdiag.exe /v >> c:\Health_Check\pre_dcdiag.txt
This command must be run and will tell you if there are problems with the DC and/or the services associated with the domain controller.
Netdiag.exe /v >> c:\Health_Check\pre_Netdiag.txt
This command tells you if there are issues with the network components on the domain controller.
Netsh dhcp show server >> c:\Health_Check\pre_dhcp.txt
This command re-checks which DHCP servers are authorized in Active Directory.
Repadmin /showreps >> c:\Health_Check\pre_rep_partners.txt
This command displays all replication partners and the success or failure of each replication. More information is returned if the machine is also a Global Catalog.
repadmin /replsum /errorsonly >> c:\Health_Check\pre_repadmin_err.txt
This command gives a summary of the replication status, listing only errors, to confirm whether there are specific issues.

24. What are NETDIAG and DCDIAG?
Ans. Dcdiag.exe /v >> c:\Health_Check\pre_dcdiag.txt
This command must be run and will tell you if there are problems with the DC and/or the services associated with the domain controller.
Netdiag.exe /v >> c:\Health_Check\pre_Netdiag.txt
This command tells you if there are issues with the network components on the domain controller.
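The checks from Q23 and Q24 wrapped in one script, as an added example (not from the original post): it writes each tool's output into a date-stamped Health_Check folder, adds the Event Viewer check from the text, and pulls the failed dcdiag tests out for a quick verdict. It assumes an elevated session on the DC; netdiag shipped only up to Windows Server 2003, so it is skipped when absent.

```powershell
# Added example, not from the original post. Run elevated on the DC.
$dir = "C:\Health_Check\$(Get-Date -Format 'yyyyMMdd-HHmm')"
New-Item -ItemType Directory -Path $dir -Force | Out-Null

# The same commands as the text, each captured to its own file.
$checks = [ordered]@{
    'pre_dcdiag.txt'       = { dcdiag /v }
    'pre_Netdiag.txt'      = { if (Get-Command netdiag -ErrorAction SilentlyContinue) { netdiag /v }
                               else { 'netdiag is not present on this OS (Server 2003 tool)' } }
    'pre_dhcp.txt'         = { netsh dhcp show server }
    'pre_rep_partners.txt' = { repadmin /showrepl }            # /showreps is the older spelling
    'pre_repadmin_err.txt' = { repadmin /replsum /errorsonly }
}
foreach ($name in $checks.Keys) {
    & $checks[$name] 2>&1 | Out-File -FilePath (Join-Path $dir $name) -Encoding UTF8
}

# Event Viewer: errors and warnings from the DC-related logs in the last 24 hours.
$since = (Get-Date).AddDays(-1)
foreach ($log in 'Directory Service', 'DNS Server', 'DFS Replication', 'File Replication Service', 'System') {
    Get-WinEvent -FilterHashtable @{ LogName = $log; Level = 1, 2, 3; StartTime = $since } -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, LogName, Id, ProviderName, Message |
        Export-Csv -Path (Join-Path $dir 'pre_events.csv') -Append -NoTypeInformation
}

# Quick verdict: dcdiag prints "failed test <name>" for every failing test.
$failed = Select-String -Path (Join-Path $dir 'pre_dcdiag.txt') -Pattern 'failed test' -SimpleMatch
'dcdiag failures: {0}' -f @($failed).Count
$failed | ForEach-Object { $_.Line.Trim() }
"Reports written to $dir"
```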


32. What is server hardening?
Ans. Server hardening is the process of enhancing server security through a variety of measures, resulting in a much more secure server operating environment thanks to the advanced security measures put in place during the hardening process.
· Install all service packs, hotfixes, etc.
· Disable all unnecessary services, devices and accounts.
· Enable appropriate password settings (especially for service accounts!).
· Enable appropriate logging and auditing.
· Use the concept of "least privilege".
· Admin accounts (especially service accounts!).
· User rights (beware the "Everyone" group!).
· Enable "extra" security settings (e.g. warning banners).
· Tighten NTFS and registry permissions.
· Implement time synchronization.
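Read-only checks for most of the items in that list, as an added example (not from the original post), so a server can be scored before and after hardening. It assumes an elevated PowerShell session on the server; the list of services treated as unnecessary is a constructed sample to adapt to the server's role.

```powershell
# Added example, not from the original post: report-only hardening checks.
# Run elevated. The service list is a constructed sample.
$findings = New-Object System.Collections.Generic.List[string]

# Patches: when was the last hotfix installed?
$last = (Get-HotFix | Sort-Object InstalledOn -Descending | Select-Object -First 1).InstalledOn
if (-not $last -or $last -lt (Get-Date).AddDays(-60)) { $findings.Add("No hotfix installed in 60 days (last: $last)") }

# Unnecessary services that are not disabled (constructed sample list).
foreach ($svc in 'TlntSvr', 'RemoteRegistry', 'SNMP', 'Spooler') {
    $s = Get-CimInstance Win32_Service -Filter "Name='$svc'"
    if ($s -and $s.StartMode -ne 'Disabled') { $findings.Add("Service $svc start mode is $($s.StartMode), not Disabled") }
}

# Password settings as effective on this machine.
$minLen = [int](((net accounts) | Select-String 'Minimum password length') -replace '\D', '')
if ($minLen -lt 14) { $findings.Add("Minimum password length is $minLen") }

# Auditing: is logon auditing switched on at all?
$audit = auditpol /get /category:Logon/Logoff
if ($audit -match '^\s*Logon\s+No Auditing') { $findings.Add('Logon auditing is off') }

# Least privilege: "Everyone" (S-1-1-0) granted a user right.
$cfg = Join-Path $env:TEMP 'secpol.inf'
secedit /export /cfg $cfg /quiet | Out-Null
Get-Content $cfg | Where-Object { $_ -match '^Se\w+\s*=.*S-1-1-0' } |
    ForEach-Object { $findings.Add("Everyone holds $($_.Split('=')[0].Trim())") }

# "Extra" settings: logon warning banner.
$pol = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
if (-not $pol.legalnoticetext) { $findings.Add('No logon warning banner (legalnoticetext) configured') }

# NTFS: Everyone with Full Control on the system drive root.
(Get-Acl "$env:SystemDrive\").Access |
    Where-Object { $_.IdentityReference -eq 'Everyone' -and $_.FileSystemRights -match 'FullControl' } |
    ForEach-Object { $findings.Add("Everyone has FullControl on $env:SystemDrive\") }

# Time synchronization: the source should be a peer, not the local clock.
$src = (w32tm /query /source) -join ''
if ($src -match 'Local CMOS Clock|Free-running') { $findings.Add("Time source is '$src', not a synchronized peer") }

if ($findings.Count) { $findings | ForEach-Object { "FINDING: $_" } } else { 'No findings' }
```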

33. What is memory dumping?
Ans. It is a process that writes the contents of memory to the hard disk when a computer has stopped unexpectedly, usually for debugging purposes. The cause of the crash that produces the memory dump can be a problem with device drivers, hardware or software. You can load small memory dump files with the Dump Check Utility (Dumpchk.exe), and you can also use Dumpchk.exe to verify that a memory dump file was created correctly. You can also read small memory dump files with the WinDbg tool or the KD.exe tool.
The default location of the dump files is C:\WINDOWS\Minidump, and they have the .dmp extension.
34. What is the smallest size of a memory dump file?
Ans. 64 KB
35. What are the different types of memory dump files?
Ans. 1. Complete memory dump
2. Small memory dump
3. Kernel memory dump
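The dump type and locations from Q33 to Q35 live under the CrashControl registry key. The added example below (not from the original post) reads the current setting, offers a function that switches the machine to small memory dumps, and lists the .dmp files already on disk. It assumes an elevated session; the codes 0 to 3 are the documented CrashDumpEnabled values for the three dump types above, and 7 is the "Automatic" type added in Windows 8 / Server 2012.

```powershell
# Added example, not from the original post. Run elevated to change settings.
$key = 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'
$dumpTypes = @{
    0 = 'None'
    1 = 'Complete memory dump'
    2 = 'Kernel memory dump'
    3 = 'Small memory dump (64 KB minidump)'
    7 = 'Automatic memory dump (Windows 8 / Server 2012 and later)'
}

function Get-CrashDumpConfig {
    $cc = Get-ItemProperty -Path $key
    [pscustomobject]@{
        Code        = $cc.CrashDumpEnabled
        Type        = $dumpTypes[[int]$cc.CrashDumpEnabled]
        DumpFile    = $cc.DumpFile      # complete/kernel dumps, normally %SystemRoot%\MEMORY.DMP
        MinidumpDir = $cc.MinidumpDir   # small dumps, normally %SystemRoot%\Minidump
    }
}

function Set-SmallMemoryDump {
    # 3 = small memory dump; keep the default Minidump folder explicit.
    Set-ItemProperty -Path $key -Name CrashDumpEnabled -Value 3 -Type DWord
    Set-ItemProperty -Path $key -Name MinidumpDir -Value '%SystemRoot%\Minidump' -Type ExpandString
}

Get-CrashDumpConfig

# Existing .dmp files, newest first (these are what Dumpchk.exe / WinDbg read).
$dir = [Environment]::ExpandEnvironmentVariables((Get-ItemProperty -Path $key).MinidumpDir)
Get-ChildItem -Path $dir -Filter *.dmp -ErrorAction SilentlyContinue |
    Sort-Object LastWriteTime -Descending |
    Select-Object Name, @{ n = 'KB'; e = { [math]::Round($_.Length / 1KB) } }, LastWriteTime
```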
37. What is NNTP? What is it used for?
Ans. NNTP is an acronym for Network News Transfer Protocol. From the user's end, it simply refers to the means by which the many thousands of newsgroups and their associated content are accessed by client computers. The protocol is based on the sharing of large amounts of information between the various NNTP servers and their clients. NNTP servers are generally accessed through one's ISP. NNTP information is transferred over TCP port 119.

38. What are paged pool and non-paged pool memory?
Ans. When a machine boots, the Memory Manager creates two dynamically sized memory pools that kernel-mode components use to allocate system memory. These two pools are known as the paged pool and the non-paged pool. Each pool starts at an initial size based on the amount of physical memory present in the system. Pool memory is a subset of available memory.
The first difference is that the paged pool is exactly what its name implies: it can be paged out. The non-paged pool cannot be paged out. Drivers use the non-paged pool for many of their requirements because it can be accessed at any Interrupt Request Level (IRQL).
The non-paged pool is memory that always resides in physical memory; it is never paged out. It is used by the kernel and by the device drivers installed on the system to store data that may be accessed in situations where page faults are not allowed. The amount of memory allocated to the non-paged pool varies and is determined as a function of the operating system, processor architecture and physical memory size.
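To see both pools on a live system, the added example below (not from the original post) reads the Memory performance counters for each pool and then lists the processes charged with the most non-paged pool, which is where a leaking driver or a busy network stack tends to show up. It needs no parameters and runs on any Windows host.

```powershell
# Added example, not from the original post: current size of each pool and
# the top per-process pool charges.
$c = Get-Counter -Counter '\Memory\Pool Paged Bytes', '\Memory\Pool Nonpaged Bytes'
foreach ($s in $c.CounterSamples) {
    # Sample paths look like \\host\memory\pool paged bytes; keep the counter name.
    '{0,-25} {1,10:N1} MB' -f ($s.Path -replace '^.*\\', ''), ($s.CookedValue / 1MB)
}

# Per-process pool charges (System.Diagnostics.Process exposes both values).
Get-Process |
    Sort-Object NonpagedSystemMemorySize64 -Descending |
    Select-Object -First 8 Name, Id,
        @{ n = 'NonPagedKB'; e = { [math]::Round($_.NonpagedSystemMemorySize64 / 1KB) } },
        @{ n = 'PagedKB';    e = { [math]::Round($_.PagedSystemMemorySize64 / 1KB) } } |
    Format-Table -AutoSize
```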


70. What are the FSMO roles? Describe them one by one.
Ans. A multi-master enabled database such as Active Directory provides the flexibility of allowing changes to occur at any DC in the enterprise, but it also introduces the possibility of conflicts that can lead to problems once the data is replicated to the rest of the enterprise. To prevent conflicting updates in Windows 2000/2003, Active Directory performs updates to certain objects in a single-master fashion.
In a single-master model, only one DC in the entire directory is allowed to process updates. This is similar to the role given to a primary domain controller (PDC) in earlier versions of Windows (such as Microsoft Windows NT 4.0), in which the PDC is responsible for processing all updates in a given domain.
In a forest, there are five FSMO roles that are assigned to one or more domain controllers. The five FSMO roles are:
1. Schema master.
2. Domain naming master.
3. Infrastructure master.
4. PDC emulator.
5. RID master.
Schema Master:
The schema master domain controller controls all updates and modifications to the schema. Once the Schema update is complete, it is replicated from the schema master to all other DCs in the directory. To update the schema of a forest, you must have access to the schema master. There can be only one schema master in the whole forest. 
Domain naming master:
The domain naming master domain controller controls the addition or removal of domains in the forest. This DC is the only one that can add or remove a domain from the directory. It can also add or remove cross references to domains in external directories. There can be only one domain naming master in the whole forest. 
Infrastructure Master:
When an object in one domain is referenced by another object in another domain, it represents the reference by the GUID, the SID (for references to security principals), and the DN of the object being referenced. The infrastructure FSMO role holder is the DC responsible for updating an object's SID and distinguished name in a cross-domain object reference. At any one time, there can be only one domain controller acting as the infrastructure master in each domain.
Note: The Infrastructure Master (IM) role should be held by a domain controller that is not a Global Catalog server (GC). If the Infrastructure Master runs on a Global Catalog server it will stop updating object information because it does not contain any references to objects that it does not hold. This is because a Global Catalog server holds a partial replica of every object in the forest. As a result, cross-domain object references in that domain will not be updated and a warning to that effect will be logged on that DC's event log. If all the domain controllers in a domain also host the global catalog, all the domain controllers have the current data, and it is not important which domain controller holds the infrastructure master role.
Relative ID (RID) Master:
The RID master is responsible for processing RID pool requests from all domain controllers in a particular domain. When a DC creates a security principal object such as a user or group, it attaches a unique Security ID (SID) to the object. This SID consists of a domain SID (the same for all SIDs created in a domain), and a relative ID (RID) that is unique for each security principal SID created in a domain. Each DC in a domain is allocated a pool of RIDs that it is allowed to assign to the security principals it creates. When a DC's allocated RID pool falls below a threshold, that DC issues a request for additional RIDs to the domain's RID master. The domain RID master responds to the request by retrieving RIDs from the domain's unallocated RID pool and assigns them to the pool of the requesting DC. At any one time, there can be only one domain controller acting as the RID master in the domain. 
PDC Emulator:
The PDC emulator anchors time synchronization in the enterprise. Windows 2000/2003 includes the W32Time (Windows Time) service, which Kerberos depends on: by default a ticket is rejected if the client's and the server's clocks differ by more than 5 minutes, so all Windows 2000/2003 computers in the forest must keep a common time. The time service arranges computers in a hierarchy (members sync from the DC that authenticates them, DCs from their domain's PDC emulator, each child domain's PDC emulator from a PDC emulator up the tree) so that authority is unambiguous and no synchronization loops can form.
The PDC emulator of a domain is authoritative for that domain. The PDC emulator at the root of the forest is authoritative for the whole enterprise and should be configured to take its time from an external source (a reliable NTP server or hardware clock); if it is left on its local CMOS clock the entire forest drifts together. All PDC FSMO role holders follow the domain hierarchy when selecting their inbound time partner.
In a Windows 2000/2003 domain, the PDC emulator role holder retains the following functions:
·         Password changes performed by other DCs in the domain are replicated preferentially to the PDC emulator.
·         Authentication failures that occur at a given DC in a domain because of an incorrect password are forwarded to the PDC emulator before a bad password failure message is reported to the user.
·         Account lockout is processed on the PDC emulator.
·         Editing or creation of Group Policy Objects (GPO) is always done from the GPO copy found in the PDC Emulator's SYSVOL share, unless configured not to do so by the administrator.
·         The PDC emulator performs all of the functionality that a Microsoft Windows NT 4.0 Server-based PDC or earlier PDC performs for Windows NT 4.0-based or earlier clients.
This part of the PDC emulator role becomes unnecessary when all workstations, member servers, and domain controllers that are running Windows NT 4.0 or earlier are all upgraded to Windows 2000/2003. The PDC emulator still performs the other functions as described in a Windows 2000/2003 environment.
At any one time, there can be only one domain controller acting as the PDC emulator master in each domain in the forest. 
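The two checks a practitioner wants after reading the role descriptions above are "who holds which role" and "is the Infrastructure Master sitting on a Global Catalog while other DCs are not", plus "what does the PDC emulator actually sync time from". The following PowerShell is an added example, not code from the original page; it needs the ActiveDirectory RSAT module and assumes it is run from a domain member by an account allowed to query the PDC with w32tm. `$Domain` defaults to the current domain.

```powershell
# Added example, not from the original page: list the five FSMO role holders,
# flag an Infrastructure Master that is also a Global Catalog in a domain where
# some DCs are not GCs, and report the PDC emulator's time source.
Import-Module ActiveDirectory

function Get-FsmoReport {
    param([string]$Domain = (Get-ADDomain).DNSRoot)   # assumption: current domain

    $d = Get-ADDomain -Identity $Domain
    $f = Get-ADForest -Identity $d.Forest

    $dcs    = Get-ADDomainController -Filter * -Server $Domain
    $gcs    = @($dcs | Where-Object IsGlobalCatalog | ForEach-Object HostName)
    $nonGcs = @($dcs | Where-Object { -not $_.IsGlobalCatalog } | ForEach-Object HostName)

    # The IM fixes cross-domain references to objects it does not hold itself.
    # A GC holds a partial copy of every object in the forest, so an IM that is
    # also a GC never sees a stale reference. That is only harmless when every
    # DC in the domain is a GC (then every DC already has current data).
    $imIsGc  = $gcs -contains $d.InfrastructureMaster
    $warning = $null
    if ($imIsGc -and $nonGcs.Count -gt 0) {
        $warning = "Infrastructure Master $($d.InfrastructureMaster) is a GC while " +
                   "$($nonGcs -join ', ') are not: move the role to a non-GC DC or make every DC a GC"
    }

    # Ask the PDC itself what it syncs from. On the forest-root PDC this should
    # be an external NTP source, not 'Local CMOS Clock' or 'Free-running System Clock'.
    $timeSource = (w32tm /query /computer:$($d.PDCEmulator) /source 2>&1) -join ' '

    [pscustomobject]@{
        Domain                = $d.DNSRoot
        SchemaMaster          = $f.SchemaMaster          # forest-wide role
        DomainNamingMaster    = $f.DomainNamingMaster    # forest-wide role
        PDCEmulator           = $d.PDCEmulator           # one per domain
        RIDMaster             = $d.RIDMaster             # one per domain
        InfrastructureMaster  = $d.InfrastructureMaster  # one per domain
        GlobalCatalogs        = $gcs
        InfrastructureWarning = $warning
        PdcTimeSource         = $timeSource
        PdcUsesLocalClock     = ($timeSource -match 'Local CMOS Clock|Free-running')
    }
}

Get-FsmoReport | Format-List
```

`InfrastructureWarning` is non-null exactly in the case the note above describes; `PdcUsesLocalClock` is true when the root PDC has never been pointed at an external source, which is the configuration error that lets the whole forest drift and eventually breaks Kerberos.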
71. What is Global Catalog?
Ans. By default a GC is created automatically on the first DC in the forest. The GC provides the ability to locate objects from any domain without having to know the domain name. A GC is a domain controller that stores a full replica of all objects in the directory for its own domain and a partial replica of all objects of every other domain in the forest. The replica is partial because it stores only some attributes (the partial attribute set) for each object. GC queries are served over LDAP on TCP port 3268 (3269 for LDAP over SSL), as opposed to the domain partition on port 389.
The GC performs two key directory roles:
It enables network logon by providing universal group membership information to a DC when a logon process is initiated.
It enables finding directory information regardless of which domain in the forest actually contains the data.
72. What is network printer? How to install a network printer?
Ans. A network printer is attached directly to the network and reached over TCP/IP at its own IP address, so any number of computers can print to it; a local printer is cabled to one computer. You can confirm the printer is reachable by "pinging" its IP address.
a) Make sure you have the most recent drivers for your printer.
b) Make sure the Printer is powered on and connected to the network via Ethernet.
c) Obtain a configuration page from the printer that has the IP address on it.
d) Make sure your computer is properly connected to the network via Ethernet and is properly configured.
Click on Start  
Click on Printers and Faxes
The Printers and Faxes window opens
On the menu bar select File - Add Printer
The Add Printer Wizard opens
Click the Next> button
Select Local printer attached to this computer. (This is correct even for a network printer: the wizard's "network printer" option is only for queues shared from a print server, whereas a printer addressed by IP is set up as a local printer on a TCP/IP port.)
Make sure "Automatically detect and install my Plug and Play printer" is NOT selected.
Click the Next> button
Select create a new Port.
From the Type of port: pull down menu, select Standard TCP/IP Port
Click the Next> button
The Add Standard TCP/IP Wizard will open
Click the Next> button
In the Printer Name or IP Address, enter the printer's IP address or host name (IP address is preferred.)
The wizard will create a Port Name based on the IP address or host name you entered.  If you want to make it more descriptive, you can change the Port Name.
Click the Next> button
The wizard will display a confirmation page.  Make a note of the Port Name in case you need to re-install the printer.
Click the Finish Button
The Install Printer Software window will appear.
Select your printer's manufacturer from the list on the left
Select your printer's model and driver from the list on the right
If you can't find your printer driver in the list, it may be a newer printer.  Try clicking on the Windows Update button and repeat the last two steps.  If you need to use a specific driver from a disk, click on the Have Disk... button and follow the prompts to choose the driver.
Click the Next> button
The Name Your Printer window will appear. 
Windows will assign a name based on the printer driver you selected.  If you want to make it more descriptive, change the name in the Printer Name box.
If you want this printer to be your default printer, choose the Yes radio button, if not choose the No radio button.
Click the Next> button
The Print Test Page window appears.
Select Yes
Click the Next> button
The wizard will display a confirmation window. 
Click the Finish button.
After a few seconds, files will be copied and drivers will be loaded. A dialog box will appear about your test page.
Click the OK button
Check to see if your test page printed on the printer.
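The same Standard TCP/IP port installation, done without the wizard, as an added example that is not part of the original page. It uses the PrintManagement cmdlets and Test-NetConnection, which exist on Windows 8 / Server 2012 and later (the page's XP/2003-era wizard has no scripted equivalent). The IP address, driver name and queue name in the call at the bottom are assumptions; the driver must already be in the driver store.

```powershell
# Added example, not from the original page: script the wizard's steps with the
# PrintManagement module. Requires Windows 8 / Server 2012+ and local admin rights.
function Install-NetworkPrinter {
    param(
        [Parameter(Mandatory)][string]$PrinterAddress,   # IP from the printer's configuration page
        [Parameter(Mandatory)][string]$DriverName,       # exact name of an already-installed driver
        [Parameter(Mandatory)][string]$PrinterName,      # queue name shown to users
        [switch]$Default,                                # make it the default printer
        [switch]$TestPage                                # print a test page, as the wizard offers
    )

    # Step 1: the wizard assumes the printer is on the network; check it first.
    # TCP 9100 is the RAW port the Standard TCP/IP port monitor uses by default.
    $reach = Test-NetConnection -ComputerName $PrinterAddress -Port 9100 -WarningAction SilentlyContinue
    if (-not $reach.TcpTestSucceeded) {
        throw "Printer $PrinterAddress does not answer on TCP 9100 (ping succeeded: $($reach.PingSucceeded))"
    }

    # Step 2: 'Install Printer Software' - the driver has to be present already.
    if (-not (Get-PrinterDriver -Name $DriverName -ErrorAction SilentlyContinue)) {
        throw "Driver '$DriverName' is not installed; add it with Add-PrinterDriver (or pnputil for a vendor INF) first"
    }

    # Step 3: 'Create a new port' of type Standard TCP/IP, named the way the wizard names it.
    $portName = "IP_$PrinterAddress"
    if (-not (Get-PrinterPort -Name $portName -ErrorAction SilentlyContinue)) {
        Add-PrinterPort -Name $portName -PrinterHostAddress $PrinterAddress
    }

    # Step 4: the queue itself ('Name Your Printer').
    Add-Printer -Name $PrinterName -DriverName $DriverName -PortName $portName

    # Steps 5 and 6: default printer and test page go through the Win32_Printer CIM class,
    # which has SetDefaultPrinter and PrintTestPage methods.
    $cim = Get-CimInstance -ClassName Win32_Printer -Filter "Name='$PrinterName'"
    if ($Default)  { Invoke-CimMethod -InputObject $cim -MethodName SetDefaultPrinter | Out-Null }
    if ($TestPage) { Invoke-CimMethod -InputObject $cim -MethodName PrintTestPage     | Out-Null }

    Get-Printer -Name $PrinterName | Select-Object Name, DriverName, PortName, PrinterStatus
}

# Assumed values for illustration.
Install-NetworkPrinter -PrinterAddress '192.0.2.50' -DriverName 'Microsoft PCL6 Class Driver' `
                       -PrinterName 'Floor2-Laser' -Default -TestPage
```

Checking port 9100 rather than only pinging catches the common case where the printer answers ICMP but its print engine is off or the RAW protocol is disabled; the wizard would happily create a port that never prints.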
73. What is lingering object in AD? How do you delete a lingering object?
Ans: A lingering object is an object that was permanently deleted from Active Directory (its tombstone has already been garbage-collected on the other DCs) but still exists on a domain controller that never learned of the deletion. This happens when that DC was disconnected from the replication topology (offline, or suffering an inbound replication failure) for longer than the tombstone lifetime, so neither a direct nor a transitive replication of the deletion reached it. When the stale object is later modified on that DC, it sends its replication partners a notification that an update is ready. How a partner responds depends on its replication consistency setting: with strict consistency it refuses the update and halts inbound replication from that source (event ID 1988); with loose consistency it accepts the update and the deleted object is reanimated on the partner (event ID 1388). This applies to writable copies of the object; a read-only copy of a writable lingering object can also exist on a global catalog server.
To DETECT and REMOVE lingering objects:
Enable STRICT replication consistency on the DCs first (repadmin /regkey <DC> +strict, or set the "Strict Replication Consistency" DWORD to 1 under HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters).
Under LOOSE replication consistency a lingering object that is touched on the "DC with lingering objects" is reanimated on its partners, so by the time you run the cleanup the "DC with correct data" may hold the same stale object and the comparison finds nothing to remove.
REPADMIN /REMOVELINGERINGOBJECTS <FQDN of DC with lingering objects> <DSA object GUID of DC with correct data> <DN of partition containing lingering objects> [/ADVISORY_MODE]
The GUID is the DSA object GUID of the reference DC (the objectGUID of its NTDS Settings object, shown by repadmin /showrepl), not the GUID of its computer account. With /ADVISORY_MODE the command only reports what it would delete (event IDs 1938, 1946 and 1942); run it that way first and read the list before deleting anything.
Example:
repadmin /removelingeringobjects BAD-DC.ADCORP.LAN ed0c6601-28c1-47e9-b3db-5dcf291d9e31 DC=ADCORP,DC=LAN
On the DC containing the lingering objects the event IDs 1937 (starting removal summary), 1945 (for each lingering object detected and removed) and 1939 (final removal summary) are registered in the Directory Service event log. 
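The procedure above, wrapped so that the right GUID is looked up rather than copied by hand and the resulting events are collected, as an added example that is not part of the original page. It reuses the page's ADCORP.LAN names; GOOD-DC is an assumed name for the reference DC. It needs the ActiveDirectory module and repadmin, and rights to read the Directory Service log on the bad DC.

```powershell
# Added example, not from the original page: look up the reference DC's DSA GUID,
# force strict consistency on the bad DC, run repadmin first in advisory mode
# and then for real, and summarise the Directory Service events it produced.
Import-Module ActiveDirectory

function Get-DsaGuid {
    param([Parameter(Mandatory)][string]$DcName)
    # repadmin wants the DSA object GUID = objectGUID of the NTDS Settings object,
    # not the GUID of the DC's computer account.
    $dc = Get-ADDomainController -Identity $DcName
    (Get-ADObject -Identity $dc.NTDSSettingsObjectDN).ObjectGUID.ToString()
}

function Remove-LingeringObjects {
    param(
        [Parameter(Mandatory)][string]$BadDc,       # DC holding the lingering objects
        [Parameter(Mandatory)][string]$GoodDc,      # DC whose copy of the partition is correct
        [Parameter(Mandatory)][string]$Partition,   # e.g. DC=ADCORP,DC=LAN
        [switch]$AdvisoryOnly                       # report, delete nothing
    )
    $guid = Get-DsaGuid -DcName $GoodDc

    # Strict consistency so the bad DC cannot reanimate anything it still holds.
    repadmin /regkey $BadDc +strict | Out-Null

    $cmdArgs = @('/removelingeringobjects', $BadDc, $guid, $Partition)
    if ($AdvisoryOnly) { $cmdArgs += '/advisory_mode' }
    $started = Get-Date
    $output  = & repadmin @cmdArgs 2>&1

    # Real run logs 1937 (start) / 1945 (per object) / 1939 (end);
    # advisory mode logs 1938 / 1946 / 1942 for the same three stages.
    $events = Get-WinEvent -ComputerName $BadDc -FilterHashtable @{
        LogName = 'Directory Service'; Id = 1937, 1938, 1939, 1942, 1945, 1946; StartTime = $started
    } -ErrorAction SilentlyContinue

    [pscustomobject]@{
        Mode             = if ($AdvisoryOnly) { 'Advisory' } else { 'Remove' }
        ReferenceDsaGuid = $guid
        Started          = [bool]($events | Where-Object { $_.Id -in 1937, 1938 })
        Finished         = [bool]($events | Where-Object { $_.Id -in 1939, 1942 })
        ObjectsFound     = @($events | Where-Object { $_.Id -in 1945, 1946 } | ForEach-Object Message)
        RepadminOutput   = ($output -join "`n")
    }
}

# Assumed names; the partition is the one the page's own example uses.
$p = @{ BadDc = 'BAD-DC.ADCORP.LAN'; GoodDc = 'GOOD-DC.ADCORP.LAN'; Partition = 'DC=ADCORP,DC=LAN' }
Remove-LingeringObjects @p -AdvisoryOnly | Format-List   # inspect ObjectsFound before the next line
Remove-LingeringObjects @p               | Format-List
```

Run the advisory pass, read `ObjectsFound`, and only then run the removal; if `Finished` is false on the removal run, repadmin was interrupted and the partition should be checked again before trusting replication from that DC.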

74. What are boot volume and system volume?
Ans. Boot volume: The volume that contains the Windows operating system and its support files. The boot volume can be, but does not have to be, the same as the system volume.
System volume: The volume that contains the hardware-specific files that you must have to load Windows. The system volume can be, but does not have to be, the same as the boot volume. The Boot.ini, Ntdetect.com, and Ntbootdd.sys files are examples of files that are located on the system volume.
76. Refresh interval in between dc’s and clients in terms of group policy.
Ans. Workstations and member servers refresh policy in the background every 90 minutes, plus a random offset of up to 30 minutes so that all clients do not query the DC at the same moment; domain controllers refresh every 5 minutes with no offset. Both intervals can be changed in a GPO (Computer Configuration > Administrative Templates > System > Group Policy, "Group Policy refresh interval for computers" and "... for domain controllers"). The appropriate interval depends on link speed: a slow network should have a longer interval. A slow link is defined as one slower than 500 Kbps by default, and over a slow link some client-side extensions (software installation, folder redirection, scripts) are skipped while security settings and administrative templates still apply.
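A check for the values just described, as an added example that is not from the original page: it reads the policy registry values that the GPO settings above write, applies the built-in defaults when a value is absent, and distinguishes domain controllers from members. The registry value names are the ones the "Group Policy" administrative templates set; no domain is assumed beyond the machine being joined to one.

```powershell
# Added example, not from the original page: report this machine's effective
# Group Policy refresh interval, random offset and slow-link threshold.
function Get-GpRefreshInterval {
    $key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System'

    # Win32_ComputerSystem.DomainRole: 4 = backup DC, 5 = primary DC.
    $isDc   = (Get-CimInstance -ClassName Win32_ComputerSystem).DomainRole -ge 4
    $suffix = if ($isDc) { 'DC' } else { '' }          # value names end in 'DC' for domain controllers

    # Built-in defaults when no policy sets a value.
    $defInterval = if ($isDc) { 5 }  else { 90 }
    $defOffset   = if ($isDc) { 0 }  else { 30 }

    $vals = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    $interval = $vals."GroupPolicyRefreshTime$suffix"
    $offset   = $vals."GroupPolicyRefreshTimeOffset$suffix"
    $slowKbps = $vals.GroupPolicyMinTransferRate       # 'Configure Group Policy slow link detection'

    [pscustomobject]@{
        Role                      = if ($isDc) { 'DomainController' } else { 'Member' }
        IntervalMinutes           = if ($null -ne $interval) { [int]$interval } else { $defInterval }
        RandomOffsetMaxMinutes    = if ($null -ne $offset)   { [int]$offset }   else { $defOffset }
        IntervalSource            = if ($null -ne $interval) { 'Policy' } else { 'Default' }
        SlowLinkKbps              = if ($null -ne $slowKbps) { [int]$slowKbps } else { 500 }
        # 'Turn off background refresh of Group Policy' sets this to 1.
        BackgroundRefreshDisabled = [bool]$vals.DisableBkGndGroupPolicy
    }
}

Get-GpRefreshInterval
```

If `BackgroundRefreshDisabled` is true, no interval matters: policy is only applied at startup and logon, which is a frequent reason "the GPO never shows up" on a long-running server.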
77. What is stub zone in dns?
Ans. Stub zones are a new feature of DNS in Windows Server 2003 that can be used to streamline name resolution, especially in a split namespace scenario. They also help reduce the amount of DNS traffic on your network, making DNS more efficient especially over slow WAN links. A stub zone is a copy of a zone that contains only those resource records necessary to identify the authoritative Domain Name System (DNS) servers for that zone. A stub zone is used to resolve names between separate DNS namespaces. This type of resolution may be necessary when a corporate merger requires that the DNS servers for two separate DNS namespaces resolve names for clients in both namespaces.
A stub zone is like a secondary zone in that it obtains its resource records from other name servers (one or more master name servers). A stub zone is also read-only like a secondary zone, so administrators can't manually add, remove, or modify resource records on it. But the differences end here, as stub zones are quite different from secondary zones in a couple of significant ways.  
First, while secondary zones contain copies of all the resource records in the corresponding zone on the master name server, stub zones contain only three kinds of resource records: 
A copy of the SOA record for the zone.
Copies of NS records for all name servers authoritative for the zone.
Copies of A (glue) records for those authoritative name servers.
In addition, the stub zone stores the IP address of one or more master servers from which it refreshes those records; that address is zone configuration, not a resource record.

78. What is conditional forwarding?
Ans. Conditional forwarding is a new feature of DNS in Windows Server 2003 that can be used to speed up name resolution in certain scenarios. It can also help two companies resolve each other's namespaces while they collaborate or a merger is under way. A conditional forwarder handles name resolution only for a specific domain: it is a Domain Name System (DNS) server on the network that forwards queries according to the DNS domain name in the query. For example, you can configure a DNS server to forward all the queries it receives for names ending with widgets.contoso.com to the IP address of a specific DNS server or to the IP addresses of multiple DNS servers. Unlike a stub zone, a conditional forwarder stores no resource records and never learns the partner's authoritative servers on its own; it always sends the query to the addresses you configured.
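The stub-zone and conditional-forwarder configurations from the two answers above, side by side, as an added example that is not part of the original page. It uses the DnsServer module (Windows Server 2012 and later); the zone name reuses the page's widgets.contoso.com, while the master addresses and the test hostname are assumptions.

```powershell
# Added example, not from the original page: create either a stub zone or a
# conditional forwarder for a partner namespace, then verify resolution through
# this server against the partner's own servers.
Import-Module DnsServer

function Add-PartnerNamespace {
    param(
        [Parameter(Mandatory)][string]$Zone,             # partner namespace, e.g. widgets.contoso.com
        [Parameter(Mandatory)][string[]]$MasterServers,  # partner DNS server addresses (assumed)
        [ValidateSet('Stub', 'Forwarder')][string]$Mode = 'Stub'
    )
    if (Get-DnsServerZone -Name $Zone -ErrorAction SilentlyContinue) {
        throw "A zone for $Zone already exists on this server; remove it before changing its type"
    }
    if ($Mode -eq 'Stub') {
        # AD-integrated stub zone replicated to every DNS server in the forest. The server
        # pulls SOA/NS/glue from the masters and refreshes them on the SOA refresh timer,
        # so a change of authoritative servers on the partner side is picked up automatically.
        Add-DnsServerStubZone -Name $Zone -MasterServers $MasterServers -ReplicationScope Forest
    }
    else {
        # Conditional forwarder: every query under $Zone goes to these addresses, nothing
        # is stored, and if the partner renumbers its DNS servers this list goes stale.
        Add-DnsServerConditionalForwarderZone -Name $Zone -MasterServers $MasterServers -ReplicationScope Forest
    }
    Get-DnsServerZone -Name $Zone | Select-Object ZoneName, ZoneType, IsDsIntegrated, MasterServers
}

function Test-PartnerNamespace {
    param([Parameter(Mandatory)][string]$Zone, [string]$Name = "www.$Zone")
    $z = Get-DnsServerZone -Name $Zone
    if ($z.ZoneType -eq 'Stub') {
        # Only SOA, NS and glue A records should be here; anything else means the wrong zone type.
        Get-DnsServerResourceRecord -ZoneName $Zone | Select-Object HostName, RecordType, RecordData
    }
    # Resolve via this server and directly via the first master; a mismatch usually means an
    # overlapping primary zone or a stale forwarder list is answering instead.
    $viaLocal  = Resolve-DnsName -Name $Name -Server 127.0.0.1 -Type A -ErrorAction SilentlyContinue
    $viaMaster = Resolve-DnsName -Name $Name -Server $z.MasterServers[0].ToString() -Type A -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Name       = $Name
        ViaThisDns = @($viaLocal.IPAddress)
        ViaMaster  = @($viaMaster.IPAddress)
        Consistent = ((@($viaLocal.IPAddress) -join ',') -eq (@($viaMaster.IPAddress) -join ','))
    }
}

# Assumed partner addresses.
Add-PartnerNamespace -Zone 'widgets.contoso.com' -MasterServers '192.0.2.10', '192.0.2.11' -Mode Stub
Test-PartnerNamespace -Zone 'widgets.contoso.com'
```

Choose `Stub` when the partner's authoritative servers may change and you want the delegation to track them; choose `Forwarder` when the partner's servers are not directly reachable and queries must go through a fixed relay.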
79. A user is not able to login to one system and able to login in another system in domain system. What will be the cause for this?
Ans. Because the same account logs on without trouble from another computer, the user object and the domain controllers are working; the fault lies between this one computer and the domain. Check, on that machine:
a) It can locate a domain controller and a global catalog. A GC is needed at logon to evaluate universal group membership, and the PDC emulator is consulted when a password is rejected, so if the PDC emulator is unreachable a recently changed password can fail against one DC and succeed against another.
b) Its computer account's secure channel with the domain is intact. A reset, duplicated or expired computer account produces the "trust relationship between this workstation and the primary domain failed" error on that machine only.
c) Its clock is within the Kerberos default of 5 minutes of the DC's clock.
d) The user holds the "Allow log on locally" right on that machine (local policy or a GPO scoped to it).

Windows keeps cached credentials (a hash-derived verifier, not the password itself; the number of users kept is CachedLogonsCount, default 10) for users who have logged on to a machine before, so they can still log on when no DC is reachable. That is why a computer the user has used previously may keep working while a first logon to a new computer, which needs a DC (and a GC) on the network, fails.
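The checks listed in the answer, run on the failing machine, as an added example that is not part of the original page. The domain defaults to the machine's own; the credential in the commented repair line is an assumed account. It relies on nltest, w32tm and Test-ComputerSecureChannel, all present on a domain-joined Windows host, and should be run elevated.

```powershell
# Added example, not from the original page: one-shot health check of a single
# computer's relationship to the domain, for the "works elsewhere, fails here" case.
function Test-DomainLogonHealth {
    param([string]$Domain = $env:USERDNSDOMAIN)   # assumption: the machine's own domain

    # 1. Can this computer locate a DC and a GC? nltest prints 'ERROR' lines when it cannot.
    $dcOut = (nltest /dsgetdc:$Domain /force 2>&1) -join "`n"
    $gcOut = (nltest /dsgetdc:$Domain /gc /force 2>&1) -join "`n"

    # 2. Is the computer account's secure channel with the domain intact?
    $secure = Test-ComputerSecureChannel -ErrorAction SilentlyContinue

    # 3. Clock skew against the domain. /dataonly prints 'hh:mm:ss, +00.1234567s' per sample.
    $last = ((w32tm /stripchart /computer:$Domain /samples:1 /dataonly 2>&1) | Select-Object -Last 1) -join ''
    $skew = if ($last -match ',\s*([+-]?[\d.]+)s') { [math]::Abs([double]$Matches[1]) } else { $null }

    # 4. How many previous interactive logons this machine keeps cached (default 10).
    $cached = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon').CachedLogonsCount

    [pscustomobject]@{
        DcLocated          = ($dcOut -notmatch 'ERROR')
        GcLocated          = ($gcOut -notmatch 'ERROR')
        LogonServer        = $env:LOGONSERVER          # DC that authenticated the current session
        SecureChannelOk    = [bool]$secure
        ClockSkewSeconds   = $skew
        SkewBreaksKerberos = ($null -ne $skew -and $skew -gt 300)   # Kerberos default tolerance
        CachedLogonsCount  = $cached
    }
}

Test-DomainLogonHealth

# Typical fixes, in the order the checks above usually point to (assumed admin account):
#   Test-ComputerSecureChannel -Repair -Credential (Get-Credential 'ADCORP\admin')   # rebuild the secure channel without rejoining
#   w32tm /resync                                                                      # pull time from the domain hierarchy
```

`SecureChannelOk` false with `DcLocated` true is the classic single-machine failure and is repaired in place; `SkewBreaksKerberos` true usually traces back to the PDC emulator time hierarchy discussed earlier rather than to this machine alone.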
