1.

Windows 2003 vs Windows 2008

o RODC
o WDS instead of RIS
o Services have been changed as roles - server manager
o Introduction of hyper V- only on 64 bit versions
o Enhanced event viewer
o Bitlocker feature
o Server core installation without GUI
o MMC 3.0, with three pane view
o Key management services(KMS) to activate Windows OS without
connecting to Microsoft site
o Performance enhancement using technologies like Windows
SuperFetch,ReadyBoost and Readydrive
o Windows Aero user interface
o Instant search
o Support for IPv6 in DNS

2. ESX vs ESXi
o ESXi has no service console which is a modified version of RHEL
o ESXi is extremely thin hence results in fast installation + fast boot
o ESXi can be purchased as an embedded hypervisor on hardware

o ESXi has builtin server health status check

3. ESXi 4.1 vs ESXi 5.0 - Migration
o Local upgrade from CD

o VMware update manager (only supports upgrade of ESX/ESXi 4.x to

ESXi 5.0)
4. ESXi 4.1 vs ESXi 5.0 - Features
o vSphere Auto deploy
o Storage DRS
o HA - Primary/secondary concept changed to master/slave
o Profile driven storage
o VMFS version - 3 5
o ESXi firewall
o VMware hardware version - 7 8
o VMware tools version - 4.1 5
o vCPU - 8 32
o vRAM - 256 1 TB
o VMs per host - 320 512
o RAM per host - 1TB 2TB
o USB 3.0 support
o vApp

5. FSMO roles
o Schema Master
o Domain naming master
o Infrastructure master
o PDC Emulator

o RID master
6. GPO
o GPO
o Templates (ADMX)
o Block inheritance
o Enforced
o Loopback policy

7. Forest and Domain concepts

8. OSI layer

o Application Layer
o Presentation Layer
o Sessions Layer
o Transport Layer
o Network Layer
o DataLink layer
o Physical Layer

9. ASA - site to site VPN

10.

HA 5.0

o Uses an agent called FDM - Fault domain manager

o HA now talks directly to hostd instead of using vcenter agent vpxa
o Master/slave concept
o Master

monitors availability of hosts/VMs

manages VM restarts after host failure

maintains list of all VMs in each host

restarting failed VMs

exchanging state with vcenter

monitor state of slaves

o Slave

monitor running VMs and send status to master and performs

restart on request from master

monitors master node health

if master fails, participates in election

o Two different heartbeat mechanisms - Network heartbeat and

datastore heartbeat
o Network heartbeat

Sends between slave and master per second

When slave is not receiving heartbeat from master, checks

whether it is isolated or master is isolated or has failed

o Datastore heartbeat

To distinct between isolation and failure

Uses Power On file in datastore to determine isolation

This mechanism is used only when master loses network

connectivity with hosts

2 datastores are chosen for this purpose

o Isolation response

11.

PowerOff

Leave Powered On

Shutdown

vMotion
o vMotion enables live migration of running virtual machines from one
host to another with zero downtime
o Prerequisites
1. Host must be licensed for vMotion
2. Configure host with at least one vMotion n/w interface
(vmkernel port group)
3. Shared storage (this has been compromised in 5.1)
4. Same VLAN and VLAN label
5. GigaBit ethernet network required between hosts
6. Processor compatibility between hosts
7. vMotion does not support migration of applications clustered
using Microsoft clustering service
8. No CD ROM attached

9. No affinity is enabled
10.

12.

vmware tools should be installed

RAID
o Redundant Array of Independent disks
o A category of disk drives that uses 2 or more drives in a
combination for redundancy and performance
o Most common RAIDs: RAID 0(Striped), RAID 1(Mirroring), RAID 5

13.

Backup types
o Backup types
1. Full backup - Will take the backup of all selected files and
reset the archive bit
2. Copy backup - Will take the backup of all selected files but
does not reset the archive bit
3. Incremental backup - Will take the backup of files whose
archive bits are set and resets it after backup
4. Differential backup - Will take the backup of files whose
archive bits are set but does not reset it after backup

14.

2003 2008 migration

o Can be done only by logging in to Windows 2003 server
o Min of Windows 2003 SP1 required
o Can be migrated only to same version, except for Windows server
2003 standard which can be migrated to either standard or
enterprise
o Extra space of 30 GB required prior migration

o Cannot upgrade to server core

o Perform forestprep and domainprep to 2008 using 2008 cd before
migrating. (Copy sources/adprep folder for this)

15.

ESXi update manager

16.

Global Catalog
o Global catalog (GC) is a role handled by domain controllers in an
Active directory model.
o The global catalog stores a full copy of all objects in the directory
for its host domain and a partial copy of all objects for all other
domains in the forest.
o Partial copy refers to the set of attributes that are most used for
searching every object in every domain.
o All domain controllers can be promoted as a GC.
o GC helps in faster search of AD objects.
o The replicas that are replicated to the global catalog also include
the access permissions for each object and attribute.
o If you are searching for an object that you do not have permission
to access, you do not see the object in the list of search results.
Users can find only objects to which they are allowed access.
o Global catalog server clients depend on DNS to provide the IP
address of global catalog servers. DNS is required to advertise
global catalog servers for domain controller location.
o By default, first DC of in a forest will be a global catalog server

17.

Basic networking concepts

18.

RODC
o New feature in Windows 2008
o Only have the read only copy of directory database
o RODC will have all the objects of a normal DC in read only mode.
But this doesnt include passwords. RODC does not store password
of accounts.
o Updates are replicated to RODC by writable DC
o Password caching : A feature which enables RODC to cache
password of the logged in users.
o Password Replication Policy: Determines whether the password can
be cached or not.
o DNS can be integrated with RODC but will not directly register client
updates. For any DNS change, the RODC refers the client to DNS
server that hosts a primary or AD integrated zone

19.

NAS vs SAN
o Both used as storage solution
o NAS can be used by any device connected using LAN whereas SAN
is used only by server class devices with SCSI
o NAS is file based whereas SAN is block based storage
o NAS is cheap while SAN is expensive
o SAN is comparatively faster than NAS

20.

What is DRS? Types of DRS

o Distributed Resource Scheduler
o It is a feature of a cluster

o DRS continuously monitors utilization across the hosts and moves

virtual machines to balance the computing capacity
o DRS uses vMotion for its functioning
o Types of DRS
1. Fully automated - The VMs are moved across the hosts
automatically. No admin intervention required.
2. Partially automated - The VMs are moved across the hosts
automatically during the time of VM bootup. But once up,
vCenter will provide DRS recommendations to admin and has
to perform it manually.
3. Manual - Admin has to act according to the DRS
recommendations

21.

DRS prerequisites
o Shared storage
o Processor compatibility of hosts in the DRS cluster
o vMotion prerequisites

22.

vMotion is not working. What are the possible reasons?

o Ensure vMotion is enabled on all ESX/ESXi hosts
o Ensure that all vmware pre requisites are met
o Verify if the ESXi/ESX host can be reconnected or if reconnecting the
ESX/ESXi host resolves the issue
o Verify that time is synchronized across environment
o Verify that the required disk space is available

23.

What happens if a host is taken to maintenance mode

o Hosts are taken to maintenance mode during the course of

maintenance
o In a single ESX/ESXi setup, all the VMs need to be shutdown before
getting into maintenance mode
o In a vCenter setup If DRS is enabled, the VMs will be migrated to
other hosts automatically.
o

23.

How will you clone a VM in an ESXi without vCenter

o Using vmkftools
o Copy the vmdk file and attach to a new VM
o Using VMware converter

25.

Explain traverse folder

o Allows or denies moving through a restricted folder to reach files
and folders beneath the restricted folder in the folder hierarchy.
o Traverse folder takes effect only when the group or user is not
granted the "Bypass traverse checking user" right in the Group
Policy snap-in. This permission does not automatically allow running
program files.

1. Windows 2003 vs Windows 2008

o RODC
o WDS instead of RIS
o Services have been changed as roles - server manager
o Introduction of hyper V- only on 64 bit versions
o Enhanced event viewer

o Bitlocker feature
o Server core installation without GUI
o MMC 3.0, with three pane view
o Key management services(KMS) to activate Windows OS without
connecting to Microsoft site
o Performance enhancement using technologies like Windows
SuperFetch,ReadyBoost and Readydrive
o Windows Aero user interface
o Instant search
o Support for IPv6 in DNS

2. ESX vs ESXi

o ESXi has no service console which is a modified version of RHEL

o ESXi is extremely thin hence results in fast installation + fast boot
o ESXi can be purchased as an embedded hypervisor on hardware
o ESXi has builtin server health status check

3. ESXi 4.1 vs ESXi 5.0 - Migration

o Local upgrade from CD

o VMware update manager (only supports upgrade of ESX/ESXi 4.x to

ESXi 5.0)

4. ESXi 4.1 vs ESXi 5.0 - Features

o vSphere Auto deploy

o Storage DRS
o HA - Primary/secondary concept changed to master/slave
o Profile driven storage
o VMFS version - 3 5
o ESXi firewall
o VMware hardware version - 7 8
o VMware tools version - 4.1 5
o vCPU - 8 32
o vRAM - 256 1 TB
o VMs per host - 320 512
o RAM per host - 1TB 2TB
o USB 3.0 support
o vApp

5. FSMO roles

o Schema Master
o Domain naming master
o Infrastructure master
o PDC Emulator
o RID master

6. GPO

o GPO
o Templates (ADMX)
o Block inheritance
o Enforced
o Loopback policy

7. Forest and Domain concepts

8. OSI layer

o Application Layer
o Presentation Layer
o Sessions Layer
o Transport Layer
o Network Layer
o DataLink layer
o Physical Layer

9. ASA - site to site VPN

10.

HA 5.0

o Uses an agent called FDM - Fault domain manager

o HA now talks directly to hostd instead of using vcenter agent vpxa
o Master/slave concept
o Master

monitors availability of hosts/VMs

manages VM restarts after host failure

maintains list of all VMs in each host

restarting failed VMs

exchanging state with vcenter

monitor state of slaves

o Slave

monitor running VMs and send status to master and performs

restart on request from master

monitors master node health

if master fails, participates in election

o Two different heartbeat mechanisms - Network heartbeat and

datastore heartbeat
o Network heartbeat

Sends between slave and master per second

When slave is not receiving heartbeat from master, checks

whether it is isolated or master is isolated or has failed

o Datastore heartbeat

To distinct between isolation and failure

Uses Power On file in datastore to determine isolation

This mechanism is used only when master loses network

connectivity with hosts

2 datastores are chosen for this purpose

o Isolation response

11.

PowerOff

Leave Powered On

Shutdown

vMotion
o vMotion enables live migration of running virtual machines from one
host to another with zero downtime
o Prerequisites

1. Host must be licensed for vMotion

2. Configure host with at least one vMotion n/w interface
(vmkernel port group)
3. Shared storage (this has been compromised in 5.1)
4. Same VLAN and VLAN label
5. GigaBit ethernet network required between hosts
6. Processor compatibility between hosts
7. vMotion does not support migration of applications clustered
using Microsoft clustering service
8. No CD ROM attached
9. No affinity is enabled
10.

12.

vmware tools should be installed

RAID
o Redundant Array of Independent disks
o A category of disk drives that uses 2 or more drives in a
combination for redundancy and performance
o Most common RAIDs: RAID 0(Striped), RAID 1(Mirroring), RAID 5

13.

Backup types
o Backup types
1. Full backup - Will take the backup of all selected files and
reset the archive bit
2. Copy backup - Will take the backup of all selected files but
does not reset the archive bit

3. Incremental backup - Will take the backup of files whose

archive bits are set and resets it after backup
4. Differential backup - Will take the backup of files whose
archive bits are set but does not reset it after backup

14.

2003 2008 migration

o Can be done only by logging in to Windows 2003 server
o Min of Windows 2003 SP1 required
o Can be migrated only to same version, except for Windows server
2003 standard which can be migrated to either standard or
enterprise
o Extra space of 30 GB required prior migration
o Cannot upgrade to server core
o Perform forestprep and domainprep to 2008 using 2008 cd before
migrating. (Copy sources/adprep folder for this)

15.

ESXi update manager

16.

Global Catalog
o Global catalog (GC) is a role handled by domain controllers in an
Active directory model.
o The global catalog stores a full copy of all objects in the directory
for its host domain and a partial copy of all objects for all other
domains in the forest.
o Partial copy refers to the set of attributes that are most used for
searching every object in every domain.
o All domain controllers can be promoted as a GC.
o GC helps in faster search of AD objects.

o The replicas that are replicated to the global catalog also include
the access permissions for each object and attribute.
o If you are searching for an object that you do not have permission
to access, you do not see the object in the list of search results.
Users can find only objects to which they are allowed access.
o Global catalog server clients depend on DNS to provide the IP
address of global catalog servers. DNS is required to advertise
global catalog servers for domain controller location.
o By default, first DC of in a forest will be a global catalog server

17.

Basic networking concepts

18.

RODC
o New feature in Windows 2008
o Only have the read only copy of directory database
o RODC will have all the objects of a normal DC in read only mode.
But this doesnt include passwords. RODC does not store password
of accounts.
o Updates are replicated to RODC by writable DC
o Password caching : A feature which enables RODC to cache
password of the logged in users.
o Password Replication Policy: Determines whether the password can
be cached or not.
o DNS can be integrated with RODC but will not directly register client
updates. For any DNS change, the RODC refers the client to DNS
server that hosts a primary or AD integrated zone

19.

NAS vs SAN
o Both used as storage solution

o NAS can be used by any device connected using LAN whereas SAN
is used only by server class devices with SCSI
o NAS is file based whereas SAN is block based storage
o NAS is cheap while SAN is expensive
o SAN is comparatively faster than NAS

20.

What is DRS? Types of DRS

o Distributed Resource Scheduler
o It is a feature of a cluster
o DRS continuously monitors utilization across the hosts and moves
virtual machines to balance the computing capacity
o DRS uses vMotion for its functioning
o Types of DRS
1. Fully automated - The VMs are moved across the hosts
automatically. No admin intervention required.
2. Partially automated - The VMs are moved across the hosts
automatically during the time of VM bootup. But once up,
vCenter will provide DRS recommendations to admin and has
to perform it manually.
3. Manual - Admin has to act according to the DRS
recommendations

21.

DRS prerequisites
o Shared storage
o Processor compatibility of hosts in the DRS cluster
o vMotion prerequisites

22.

vMotion is not working. What are the possible reasons?

o Ensure vMotion is enabled on all ESX/ESXi hosts
o Ensure that all vmware pre requisites are met
o Verify if the ESXi/ESX host can be reconnected or if reconnecting the
ESX/ESXi host resolves the issue
o Verify that time is synchronized across environment
o Verify that the required disk space is available

23.

What happens if a host is taken to maintenance mode

o Hosts are taken to maintenance mode during the course of
maintenance
o In a single ESX/ESXi setup, all the VMs need to be shutdown before
getting into maintenance mode
o In a vCenter setup If DRS is enabled, the VMs will be migrated to
other hosts automatically.
o

23.

How will you clone a VM in an ESXi without vCenter

o Using vmkftools
o Copy the vmdk file and attach to a new VM
o Using VMware converter

25.

Explain traverse folder

o Allows or denies moving through a restricted folder to reach files
and folders beneath the restricted folder in the folder hierarchy.

o Traverse folder takes effect only when the group or user is not
granted the "Bypass traverse checking user" right in the Group
Policy snap-in. This permission does not automatically allow running
program files.
1. Maximum number of LUNs that can be attached to a host (ESXi
5.0)
o 256

2. Maximum number of vCPUs that can be assigned to a VM (ESXi

5.0)
o 32

3. What are the uses of ntdsutil tool?

o Some of the main uses of ntdsutil tool
1. Authoritative Restore - Authoritatively restores the Active
Directory database or AD LDS instance
2. ifm - Create installation media for writable and RODC setups
(Offline DC provisioning)
3. metadata cleanup - Cleans up objects of decommissioned
servers
4. roles - Transfers and seizes operations master roles
5. set DSRM password - Resets DSRM administrator password
6. snapshot - Manages snapshots of the volumes that contain
the Active Directory database and log files

4. FSMO roles and its failure scenarios

o http://www.systemadminguide.in/2013/07/fsmo-roles-innutshell.html

5. IPv6 addresses and its DNS record

o 128 bit address
o Represented as 8 groups of 4 hexadecimel digits seperated by
colons
o Represented by AAAA record in DNS
o Uses DHCP v6 for addressing

6. Loadbalancer vs Clustering
o Clustering
1. Cluster is a group of resources that are trying to achieve a
common objective, and are aware of one another.
2. Clustering usually involves setting up the resources (servers
usually) to exchange details on a particular channel (port)
and keep exchanging their states, so a resources state is
replicated at other places as well.
3. It usually also includes load balancing, wherein, the request is
routed to one of the resources in the cluster as per the load
balancing policy
ii.

Load Balancing

1.

Used to forward requests to either one server or other, but

one server does not use the other servers resources. Also, one
resource does not share its state with other resources.

7. Software installation using group policy

o This can be done using 2 methods
1. Assigning
2. Publishing
ii.

Assign :
1. If you assign the program to a user, it is installed when the
user logs on to the computer. When the user first runs the
program, the installation is completed.
2. If you assign the program to a computer, it is installed when
the computer starts, and it is available to all users who log on
to the computer. When a user first runs the program, the
installation is completed.

ii.

Publish :
1. You can publish a program distribution to users.
2. When the user logs on to the computer, the published
program is displayed in the Add or Remove Programs dialog
box, and it can be installed from there.

ii.

msi packages are used for installation. Normal exe would not work.

iii.

Windows cannot install the software while the user is already logged
on. The user need to log off and log in

8. Group policy security filtering for users. Which all users are in
there by default. Members of Authenticated Users group
o Security filtering is a way of refining which users and computers will
receive and apply the settings in a Group Policy object (GPO)
o In order for the GPO to apply to a given user or computer, that user
or computer must have both Read and Apply Group Policy (AGP)
permissions on the GPO, either explicitly, or effectively through
group membership
o By default, all GPOs have Read and AGP both Allowed for the
Authenticated Users group.
o The Authenticated Users group includes both users and computers.
This is how all authenticated users receive the settings of a new
GPO when it is applied to an organizational unit, domain or site

9. Relevance of host file and its location

o Came before the concept of DNS
o An FQDN is first checked in Host file
o Location : C:\Windows\System32\Drivers\etc

10.

L3 switch vs Routers
o L3 switches just have the ethernet ports only whereas the routers
have WAN interfaces
o QoS is not available with L3 switches whereas in routers it can be
enabled
o Routers have expansion slots and cards that allow them to use
different media types, like serial connections for T1 and T3 circuits

o Routers are more intelligent in handling packets

o L3 switches does not support NAT

11.

VLAN vs Subnet
o VLAN works at layer 2 while subnet is at layer 3
o Subnets are more concerned about IP addresses.
o VLANs bring more network efficiency
o Subnets have weaker security than VLANs as all the subnet uses the
same physical network

12.

Contents of System state backup

o Registry
o COM+ Class Registration database
o Boot files, including the system files
o System files that are under Windows File Protection
o Active Directory directory service (If it is domain controller)
o SYSVOL directory (If it is domain controller)
o Cluster service information (If it is a part of a cluster)
o IIS Metadirectory (If it is an IIS server)
o Certificate Services database (If it is a certificate server)

13.

Incremental vs Differential backups

o Incremental backup - Will take the backup of files whose archive bits
are set and resets it after backup
o Differential backup - Will take the backup of files whose archive bits
are set but does not reset it after backup

14.

Robocopy
o Microsoft tool used for copying files effectively
o It has plenty of options to manage the copy process

15.
How do you patch microsoft applications? Frequency of
patches released by Microsoft
o The Microsoft applications can be patched using WSUS
o In WSUS, we can create several computer groups to manage this
patch process.
o MS patches are released once in a month

16.

Explain GPO, GPC & GPT

o GPO - Group Policy Object : Refers to the policy that is configured at
the Active Directory level and is inherited by the domain member
computers. You can configure a GPO at the site level, domain level
or OU level. GPO stores policy settings in two locations GPC and GPT

o GPO behaviour : Local Policy > Site GPO > Domain GPO > OU GPO
> Child OU GPO
o GPC - Group Policy Container :This is the AD portion of the group
policy. This can be viewed using ADSI edit. It stores version
information, status information, and other policy information. When
you create a new GPO, an AD object of class groupPolicyContainer
gets created under the System\Policies container within your AD
domain
o GPT - Group Policy Template : The GPT is where the GPO stores the
actual settings. It stores software policy script, and deployment
information.
o GPT is stored in SYSVOL share (\\DomainNameHere\SYSVOL\Policies)
whereas GPC is stored in the AD

17.

What is CPU affinity in VMware? Its impact on DRS?

o CPU refers to a logical processor on a hyperthreaded system and
refers to a core on a non-hyperthreaded system
o By setting CPU affinity for each VM, you can restrict the assignment
of VMs to a subset of available processors
o The main use of setting CPU affinity is when there are display
intensive workloads which requires additional threads with vCPUs.
o DRS will not work with CPU affinity

http://frankdenneman.nl/2011/01/11/beating-a-dead-horse-using-cpu-affinity/

18.

VMversion 4 vs VMversion 7
o Version 4

1. Runs on ESX 3.x

2. Max supported RAM 64 GB
3. Max vCPUs 4
4. MS cluster is not supported
5. 4 NICs/VM
6. No USB Support
ii.
1.

Version 7
Runs on vSphere 4.x
2. Max supported RAM 256 GB
3. Max vCPUs 8
4. MS cluster is supported
5. 10 NICs/VM
6. USB support

19.
What happens to the VMs if a standalone host is taken to
maintenance mode?
o In case of standalone servers , VMware recommends that VMs
should be powered off before putting the server in maintenance
mode
o If we put the standalone host in maintenance mode without
powering off the VMs, it will remain in the entering maintenance
mode state until the VMs are all shutdown
o When all the VMs are powered down, the host status changes to
under maintenance

http://pubs.vmware.com/vsphere-4-esxvcenter/index.jsp#using_drs_clusters_to_manage_resources/c_using_maintenanc
e_mode.html

20.

What is new in Windows server 2012

o Server core improvements: no need of fresh installation, you can
add/remove GUI from server manager
o Remotely manage servers , add/remove roles etc using Server
manager-manage 2008 and 2008 R2 with WMF 3.0 installation,
installed by default in Server 2012
o Remote server administration tools available for windows 8 to
manage Windows server 2012 infrastructure
o Powershell v3
o Hyper-V 3.0
1. supports upto 64 processors and 1 TB RAM per virtual
machine
2. upto 320 logical hardware processors and 4 TB RAM per host
3. Shared nothing live migration, move around VMs without
shared storage
o ReFS(Resilient file system), upgraded version of NTFS- supports
larger file and directory sizes. Removes the 255 character limitation
on long file names and paths, the limit on the path/filename size is
now 32K characters!
o Improved CHKDSK utility that will fix disk corruptions in the
background without disruption

21.
How does the backup software recognize that a file has
changed since last backup?

o The files use a bit called archive bit for tracking any change in the
file.
o The backup softwares normally checks the archive bit of the file to
determine whether the file has to be backed up or not

22.

How can you edit a vm template?

o The VM templates cannot be modified as such
o First , the VM template have to be converted to a virtual machine
o After making necessary machines in the virtual machine, convert
the virtual machine back to template

23.

VMware configuration maximums

ESXi 5.5

ESXi 5.1

64
1 TB
10
62 TB

64
1 TB
10
1 TB

ESXi 5.0

ESXi 4.x

32
1 TB
10
1 TB

8
255 GB
10
2 TB for 8MB block

160
2 TB
256
64 TB
512

160
1 TB
256
64 TB
320

VMs
vCPU
RAM
vNIC
VMDK size

Hosts
Logical CPU
Memory
LUNs
LUN size
Virtual Machines

320
4 TB
256
64 TB
512

160
2 TB
256
64 TB
512

24.
What is the major difference between Windows server 2008
and windows server 2012 in terms of AD promotion?

In Win 2012, dcpromo has been depreciated. In order to make a Windows

server 2012 to a domain controller, the ADDS service has to be installed from
the server manager. After installation, run the post-deployment configuration
wizard from server manager to promote the server as AD

25.

VMware hardware version comparison

1. What is vSAN?
o

It is a hypervisor-converged storage solution built by aggregating the local

storage attached to the ESXi hosts managed by a vCenter.

2. Recommended iSCSI configuration?

o

A separate vSwitch, and a separate network other than VMtraffic network

for iSCSI traffic. Dedicated physical NICs should be connected to vSwitch
configured for iSCSI traffic.

3. What is iSCSI port binding ?

o

Port binding is used in iSCSI when multiple VMkernel ports for iSCSI reside
in the same broadcast domain and IP subnet, to allow multiple paths to an
iSCSI array that broadcasts a single IP address.

4. iSCSI port binding considerations ?

o

Array Target iSCSI ports must reside in the same broadcast domain and IP
subnet as the VMkernel port.

All VMkernel ports used for iSCSI connectivity must reside in the same
broadcast domain and IP subnet.

All VMkernel ports used for iSCSI connectivity must reside in the same
vSwitch.

Currently, port binding does not support network routing.

5. Recommended iSCSI configuration of a 6 NIC infrastructure ? (Answer

changes as per the infrastructure requirements)
o

2 NICs for VM traffic

2 NICs for iSCSI traffic

1 NIC for vMotion

1 NIC for management network

6. Post conversion steps in P2V

o

Adjust the virtual hardware settings as required

Remove non present device drivers

Remove all unnecessary devices such as serial ports, USB controllers,

floppy drives etc..

Install VMware tools

7. Which esxtop metric will you use to confirm latency issue of storage ?
o

esxtop --> d --> DAVG

8. What are standby NICs

o

These adapters will only become Active if the defined Active adapters
have failed.

9. Path selection policies in ESXi

Most Recently Used (MRU)

Fixed

Round Robin

2. Which networking features are recommended while using iSCSI traffic

o

iSCSI port binding

Jumbo Frames

Ports used by vCenter

80,443,902

What is 'No Access' role

Users assigned with the 'No Access' role for an object, cannot view or
change the object in any way

When is a swap file created

When the guest OS is first installed in the VM

The active directory group, where the members will be ESXi

administrators by default.

ESX Admins

Which is the command used in ESXi to manage and retrieve

information from virtual machines ?

vmware-cmd

Which is the command used in ESXi to view live performance

data?

esxtop

Command line tool used in ESXi to manage virtual disk files?

vmkfstools

Port used for vMotion

8000

Log file location of VMware host

\var\log\vmware

Can you map a single physical NIC to multiple virtual switches ?

No

Can you map a single virtual switch to multiple physical NICs?

Yes. This method is called NIC teaming.

VMKernel portgroup can be used for:

vMotion

Fault Tolerance Logging

Management traffic

Major difference between ESXi 5.1 and ESXi 5.5 free versions

Till ESXi 5.1 free version there was a limit to the maximum physical
memory to 32 GB. But from 5.5 onwards this limit has been lifted.

o
o

What is IPAM server in Windows server 2012?

IPAM is IP Address Management server in Windows Server 2012.
It enables central management of both DHCP and DNS servers. It can also
be used to discover, monitor, and audit DHCP and DNS servers.

How to promote a server to domain controller in Windows server

2012?

DCPROMO was the conventional tool used to promote a normal server to

DC. This is now deprecated in Server 2012.

In Server 2012, you can convert a server into DC using the server
manager console. Under Server Manager, add a new role "Active Directory
Domain Services"

Can I deploy non-MSI software with GPO?

Yes, you can. Apart from MSI packages, GPO also supports deployment of
ZAP files

How frequently is the client policy refreshed ?

By default, group policy is updated in the background every 90

minutes.You can specify an update rate from 0 to 44,640 minutes (31
days). If you select 0 minutes, the computer tries to update Group Policy
every 7 seconds. However, because updates might interfere with users'
work and increase network traffic, very short update intervals are not
appropriate for most installations.

The refresh interval can be configured manually using group policy - GPO
--> Computer Configuration --> Administrative Templates --> System -->
Group Policy --> Set Group Policy refresh interval for Computers

How does the Group Policy No Override and Block Inheritance

work ?

No Override - This prevents child containers from overriding policies set at

higher levels

Block Inheritance - Stops containers inheriting policies from parent

containers

Why cant you restore a DC that was backed up 4 months ago?

The reason is 'Tombstoning' . If a domain controller was restored from a

backup that was older than the tombstone lifetime, then the domain
controller might contain deleted objects, and because the tombstones are
deleted from the replica, the deletion event does not replicate into the

restored domain controller. This is why Backup does not allow you to
restore data from a backup that is older than the tombstone lifetime.
o

More details about tombstoning

- http://www.systemadminguide.in/2013/11/active-directorytombstone.html

I want to look at the RID allocation table for a DC. What do I do?

Dcdiag.exe /TEST:RidManager /v | find /i "Available RID Pool for the

Domain"

Can you connect Active Directory to other 3rd-party Directory

Services? Name a few options.

Microsoft Identity Integration Server (MIIS)

Forefront Identity Manager (FIM)

Can you explain Netlogon services ?

The Netlogon services help the client servers to connect to the Domain

What is urgent replication in AD ?

Normally, a change in a DC (say DC1) is notified to its replication

partner(say DC2) after 15 seconds. Once the change is notified, DC2
makes the change in its database. DC2 then notifies its replication partner
after another 15 seconds. If it's a multi-site setup, the 15 seconds delay
would cost a big delay for the final recipient DC. Suppose if the change
was an 'Account Lock Out', this big delay will be a pain. Here comes
Urgent notification. Urgent notification bypasses the change notification
delay and processes the change immediately across all DCs.

How to migrate AD location to another ? (from C:\AD to D:\AD)

First, stop the Active Directory Domain Services

Open Command Prompt with Admin privilege

Run ntdsutil tool

In the ntdsutil prompt, type Activate instance ntds

Then type files

In the next prompt (file maintenance), type move db to D:\AD

Once the database is moved, move the logs using the command move
logs to D:\AD

Once completed, start the Active Directory Domain Services

What is the schema version of Windows 2008 R2 ?

Windows 2003 R2 - 31

Windows 2008

Windows 2008 R2 - 47

Windows 2012

Windows 2012 R2 - 69

Whats the number of permitted unsuccessful logons for

- 44

- 56

Administrator account?
o

Unlimited - Only for Administrator, not for others in Administrators group

Difference between Everyone and Authenticated users?

Authenticated Users - Include all Users and Computers whose identities

have been authenticated.

Everyone - For Windows 2003 and above, 'Everyone' includes all

Authenticated Users including Guest accounts. Before Windows 2003,
'Everyone' includes all Authenticated Users , Guest accounts and
Anonymous account.

How many passwords by default are remembered when you check

Enforce Password History Remembered?

24

What is an IP Helper address feature and why is it required in a

DHCP environment ?

IP helper-address helps to implement DHCP relay agent in Cisco routers

This is configured at the network interface of the router containing the

DHCP client

The IP helper-address intercepts the DHCP discover message from the

client and unicasts it to the DHCP server after adding 'Option 82'.

With the help of Option 82, the DHCP server identifies the client network
and assigns an IP from that network.

What is FRS and DFS-R ?

File Replication Service (FRS), introduced in Windows 2000 server to

replicate DFS and Sysvol folder in DC. FRS is no longer used in new
versions.

Distributed File System Replication (DFS-R), introduced in Windows

2008R2, came out as a replacement to FRS for replicating DFS and Sysvol.

What is group policy preference ?

Group policy preference is a set of new settings that were released with
Windows 2008, that allows IT administrators to do anything they want to
configure in a corporate environment.

What is the use of LDP.exe

This is a part of Windows Support tools which helps us to make any LDAP
searches against the Active Directory

How to replace a failed RAID controller ?

This depends on the type of controller used. If you are using modern RAID
controllers and are trying to replace with the same model, then the RAID
should work without any issues as the RAID configuration or metadata is
stored in the disk array. But you should ensure that you are using the
same model from vendor or a model which is compatible with the failed
controller.

What is the difference between RAID 1 and RAID 5 ?

RAID 1 - Mirroring - This RAID configuration gives you maximum

redundancy as the same data is written into two disks at a time. But this
solution will be costly as you always need to have disks double of what
you actually require. Minimum 2 disks required.

RAID 5 - This RAID is the most popular RAID configuration. This works on
the parity principle. Minimum 3 disks required. Even if one disk fail, the
data of the failed disk can be calculated from the parity stored in the other
2 disks.

In RAID 5, which activity is faster - Read or Write ?

Good Read performance but slower Write operations due to parity

calculation.

RAID 0 and RAID 1 has got excellent Read and Write performance.

Can we setup an AD site without a DC ?

Yes..

What is DAS ? How is it connected to the server ?

DAS is Direct Attached Storage. DAS is available with many vendors. When
a server has exhausted all its storage resource, we can connect a DAS
solution to it. DAS can be connected to a server using SAS cable.

How is an iscsi device connected to a server ?

An iscsi device can be connected using the iqn number.

How can I add new HDD space to an existing drive ?

Convert the drive from Basic to Dynamic

What happens when a standalone host is taken into maintenance

mode ?

The activity will wait until all VMs are shutdown.

What if all GC in the environment are down ?

GC is required for multi domain forests - In a single domain infrastructure,

the DCs will not contact the GC for authenticating. But in multi domain
infrastructure, GC is required for authentication.

Universal Group Membership evaluation - Universal Group Membership

which exists in a multi domain forests works only with GC.

UPN resolution - The users cannot login to the domain using the username
abc@example.com

How to update Dell server BIOS ?

Dell provides the update in different file formats. One for Windows , one
for linux...If it is a VMware server, then download the Non-Packaged exe
format from Dell website and copy it to a DOS bootable USB drive.
Shutdown the server and boot from USB drive and execute the file.

DSET

Dell Server E-Support Tool (DSET) provides the ability to collect hardware,
storage and operating system information from Dell PowerEdge server.

How to upgrade ESXi 5.1 to ESXi 5.5 ?

Using vSphere update manager

Upgrade interactively using the ESXi installer ISO image on CD/DVD or

Flash drive

Using vSphere Auto Deploy

Using esxcli command-line interface

What is default time after which the DHCP client assigns itself an
APIPA ?

The client waits for 60 seconds before which it assigns automatic private
ip address.