Interview questions and answers-------- updating

1)what are the disk types used in a two node cluster?

Single quorum device cluster, also called a standard quorum cluster
Single Quorum Device Cluster
The most widely used cluster type is the single quorum device cluster, also called the
standard quorum cluster. In this type of cluster there are multiple nodes with one or more cluster
disk arrays, also called the cluster storage, and a connection device, that is, a bus. Each disk in
the array is owned and managed by only one server at a time. The disk array also contains the
quorum resource. The following figure illustrates a single quorum device cluster with one cluster
disk array.
Single Quorum Device Cluster

2) where are the quorum information stored in a cluster?

A quorum is the clusters configuration database.
The database resides in a file named \MSCS\quolog.log. The quorum is sometimes also referred
to as the quorum log.
If the error message occurs after you restore the system state on a computer that has lost the
quorum log, the quorum information is copied to %SystemRoot%\Cluster\Cluster_backup. You
can use the Clusrest.exe tool from the Resource Kit to restore this information to the quorum
disk.
Although the quorum is just a configuration database, it has two very important jobs. First of all, it
tells the cluster which node should be active.
The quorum tells the cluster which node is currently active and which node or nodes are in stand
by.
In Windows Server 2003, Microsoft introduced a new type of quorum called the Majority Node
Set Quorum (MNS).
The thing that really sets a MNS quorum apart from a standard quorum is the fact that each node
has its own, locally stored copy of the quorum database.
Although MNS quorums offer some interesting possibilities, they also have some serious
limitations that you need to be aware of. The key to understanding MNS is to know that
everything works based on majorities. One example of this is that when the quorum database is
updated, each copy of the database needs to be updated. The update isnt considered to
have actually been made until over half of the databases have been updated ((number of nodes /
2) +1). For example, if a cluster has five nodes, then three nodes would be considered the
majority. If an update to the quorum was being made, the update would not be considered valid
until three nodes had been updated. Otherwise if two or fewer nodes had been updated, then the
majority of the nodes would still have the old quorum information and therefore, the old quorum
configuration would still be in effect.
3)Is there any 3 node cluster available, if so which one that?
Majority Node set where we can have quorum on three nodes.

One of the most important things to know about MNS is that you must have at least three nodes
in the cluster.
Remember that a majority of nodes must be running at all times. If a cluster only has two nodes,
then the majority is calculated to be 2 ((2 nodes / 2) +1)-2. Therefore, if one node were to fail, the
entire cluster would go down because it would not have quorum.
4)how can we add group policy to a group of 100 users in a domain?Apply group policy to a
group other than using OU? he is telling like we can do that practically ---- no idea
Normally we will assign it through OU.We will put these users in that specific OU and apply policy
to that OU.
In order to apply Group Polices to specific users or computers, you add users (or groups) and
computers to container objects. Anything in the container object will then get the policies linked to
that container. Sites, Domains and OUs are considered container objects.
Computer and User Active Directory objects do not have to put in the same container object. For
example, Sally the user is an object in Active Directory. Sally's Windows 2000 Pro PC is also an
object in Active Directory. Sally the user object can be in one OU, while her computer object can
be another OU. It all depends on how you organize your Active Directory structure and what
Group Policies you want applied to what objects.
Reference: http://www.svrops.co...s/gpolicies.htm
5)we have a domain set with 10 dcs and all are initially windows mixed mode.i have the system
state backup and finally I raised the functional level to 2003.suddenly one of my dc goes down
how can I restore the dc from that backup?
What I have answered is no need to use the backup. We have to reinstall a new dc with same
name and connect with the existing setup as after replication data will get update to each other
If any problem with that then need cleanup the device info from the AD database and do the
same as all dcs are peers.
6)what are the different types of cluster available?
three different types of server clusters:
Single quorum device cluster, also called a standard quorum cluster
Majority node set cluster
Local quorum cluster, also called a single node cluster
Single Quorum Device Cluster
The most widely used cluster type is the single quorum device cluster, also called the
standard quorum cluster. In this type of cluster there are multiple nodes with one or more cluster
disk arrays, also called the cluster storage, and a connection device, that is, a bus. Each disk in
the array is owned and managed by only one server at a time. The disk array also contains the
quorum resource. The following figure illustrates a single quorum device cluster with one cluster

disk array.
Single Quorum Device Cluster

Because single quorum device clusters are the most widely used cluster, this Technical
Reference focuses on this type of cluster.
Majority Node Set Cluster
Windows Server 2003 supports another type of cluster, the majority node set cluster. In a
majority node set cluster, each node maintains its own copy of the cluster configuration data. The
quorum resource keeps configuration data consistent across the nodes. For this reason, majority
node set clusters can be used for geographically dispersed clusters. Another advantage of
majority node set clusters is that a quorum disk can be taken offline for maintenance and the
cluster as a whole will continue to operate.
The major difference between majority node set clusters and single quorum device clusters
is that single quorum device clusters can operate with just one node, but majority node set
clusters need to have a majority of the cluster nodes available for the server cluster to operate.
The following figure illustrates a majority node set cluster. For the cluster in the figure to continue
to operate, two of the three cluster nodes (a majority) must be available.
Majority Node Set Cluster

This Technical Reference focuses on the single quorum device cluster.

Local Quorum Cluster
A local quorum cluster, also called a single node cluster, has a single node and is often used
for testing. The following figure illustrates a local quorum cluster.
Local Quorum Cluster

7)how many ips are required for 3 node cluster? What are they?
Scenario supporting above questions
In a hypothetical scenerio:
I want 4 node, active/active/active/active cluster.
There are 4 sql instances installed on each node, with name SQLInstance1....
SQLInstance4
My questions:
1) Can I use just one virtual name, for example SQLVirtualServer and clients
can access sql instances in format SQLVirtualServer\InstnaceName? Or Do I
need to create separate pair or virtual name/IP for each sql instance?

How many total IP addresses/hostnames I will need in 4 nodes/instances

cluster?
2) Each instance will be active on one node and other three nodes will in
stand by mode for that instance? Or there can be only on node in stand by for
each instance?
3) if there can be multiple nodes stand by, how it is determined which node
will take over in case of a failure?
Ans: Each instance must be installed in a unique virtual server.
Virtual names must be unique and instance names must be unique.
You will need 9 names and IP addresses;
One for each node (4)
One for each instance(4)
and one for the cluster itself(1)
Instances and nodes are independent entities. You can spread instances
across all the nodes or stack them together. Note that instances do not
have to consume an entire node.
Clustering chooses the least loaded node to failover to or you can set a
preferred failover order per instance.
I suggest building a virtual guest cluster and playing with clustering to
get the concepts down before you try and design a production system.
8)what is the difference between 2003 and 2008 dns?
Top 10 new features in Windows Server 2008
1. The self-healing NTFS file system
2. Parallel session creation
3. Clean service shutdown
4. Kernel Transaction Manager
5. SMB2 network file system
6. Address Space Load Randomization (ASLR)
7. Windows Hardware Error Architecture (WHEA)
8. Windows Server Virtualization
9. PowerShell
10. Server Core

^ Windows Server 2008 R2 supports DNSSEC, however dynamic DNS is not supported for
DNSSEC-signed zones. For earlier versions including Windows Server 2003, DNSSEC
functionality must be manually activated in the registry. In these versions, the DNSSEC support is
sufficient to act as a slave/secondary server for a signed zone, but not sufficient to create a
signed zone (lack of key generation and signing utilities).
^ IPv6 functionality in the Microsoft DNS server is only available on Windows Server 2003 and
newer.
Prior to Windows Server 2003 and Microsoft Windows 2000 Service Pack 3, the most common
problem encountered with Microsoft's DNS server was cache pollution. Although Microsoft's DNS
Server had a mechanism for properly dealing with cache pollution, the mechanism was turned off
by default
In 2004, a common problem involved the feature of the Windows Server 2003 version of
Microsoft's DNS server to use EDNS0, which a large number of firewalls could not cope with. [3]
What's New in DNS in Windows Server 2008
Windows Server 2008 provides a number of enhancements to the DNS Server service that
improve how DNS performs.
Overview of the Improvements in DNS
The DNS Server role in Windows Server 2008 contains four new or enhanced features that
improve the performance of the DNS Server service or give it new abilities:
Background zone loading: DNS servers that host large DNS zones that are stored in Active
Directory Domain Services (AD DS) are able to respond to client queries more quickly when they
restart because zone data is now loaded in the background.
IP version 6 (IPv6) support: The DNS Server service now fully supports the longer
addresses of the IPv6 specification.
Support for read-only domain controllers (RODCs): The DNS Server role in Windows Server
2008 provides primary read-only zones on RODCs.
Global single names: The GlobalNames zone provides single-label name resolution for large
enterprise networks that do not deploy Windows Internet Name Service (WINS). The
GlobalNames zone is useful when using DNS name suffixes to provide single-label name
resolution is not practical.
Global query block list: Clients of such protocols as the Web Proxy Auto-Discovery Protocol
(WPAD) and the Intra-site Automatic Tunnel Addressing Protocol (ISATAP) that rely on DNS
name resolution to resolve well-known host names are vulnerable to malicious users who use
dynamic update to register host computers that pose as legitimate servers. The DNS Server role
in Windows Server 2008 provides a global query block list that can help reduce this vulnerability.
What are the major changes in dns for windows 2008 R2?
Support for Domain Name System Security Extensions (DNSSEC) is introduced in Windows
Server 2008 R2 and Windows 7. With Windows Server 2008 R2 DNS server, you can now
sign and host DNSSEC-signed zones to provide security for your DNS infrastructure.
The following changes are available in DNS server in Windows Server 2008 R2:

 Ability to sign a zone and host signed zones.

Support for changes to the DNSSEC protocol.
Support for DNSKEY, RRSIG, NSEC, and DS resource records.
The following changes are available in DNS client in Windows 7:
Ability to indicate knowledge of DNSSEC in queries.
Ability to process the DNSKEY, RRSIG, NSEC, and DS resource records.
Ability to check whether the DNS server with which it communicated has performed
validation on the clients behalf.
The DNS clients behavior with respect to DNSSEC is controlled through the Name
Resolution Policy Table (NRPT), which stores settings that define the DNS client s behavior.
The NRPT is typically managed through Group Policy.
What does DNSSEC do?
DNSSEC is a suite of extensions that add security to the DNS protocol. The core DNSSEC
extensions are specified in RFCs 4033, 4034, and 4035 and add origin authority, data integrity,
and authenticated denial of existence to DNS. In addition to several new concepts and operations
for both the DNS server and the DNS client, DNSSEC introduces four new resource records
(DNSKEY, RRSIG, NSEC, and DS) to DNS.
In short, DNSSEC allows for a DNS zone and all the records in the zone to be cryptographically
signed. When a DNS server hosting a signed zone receives a query, it returns the digital
signatures in addition to the records queried for. A resolver or another server can obtain the
public key of the public/private key pair and validate that the responses are authentic and have
not been tampered with. In order to do so, the resolver or server must be configured with a trust
anchor for the signed zone, or for a parent of the signed zone.
DNS Devolution
Published: October 21, 2009
Devolution is a behavior in Active Directory environments that allows client computers that are
members of a child namespace to access resources in the parent namespace without the need
to explicitly provide the fully qualified domain name (FQDN) of the resource.
With devolution, the DNS resolver creates new FQDNs by appending the single-label, unqualified
domain name with the parent suffix of the primary DNS suffix name, and the parent of that suffix,
and so on, stopping if the name is successfully resolved or at a level determined by devolution
settings.
For example, if the primary DNS suffix is central.contoso.com and devolution is enabled with a
devolution level of two, an application attempting to query the host name emailsrv7 will attempt to
resolve emailsrv7.central.contoso.com and emailsrv7.contoso.com. If the devolution level is
three, an attempt will be made to resolve emailsrv7.central.contoso.com, but not
emailsrv7.contoso.com.
Devolution is not enabled in Active Directory domains when the following conditions are true:
1. A global suffix search list is configured using Group Policy.
2. The Append parent suffixes of the primary DNS suffix check box is selected on the DNS tab in

the Advanced TCP/IP Settings for IPv4 or IPv6 Internet Protocol (TCP/IP) Properties of a client
computers network connection.
9)what is AD DS and ADLDS WHERE WE ARE USING IN WINDOWS 2008?
AD DS is the active directory domain services
Active Directory Application Mode (ADAM) is a light-weight implementation of Active Directory.
ADAM is capable of running as a service, on computers running Microsoft Windows Server 2003
or Windows XP Professional. ADAM shares the code base with Active Directory and provides the
same functionality as Active Directory, including an identical API, but does not require the
creation of domains or domain controllers.
Like Active Directory, ADAM provides a Data Store, which is a hierarchical datastore for storage
of directory data, a Directory Service with an LDAP Directory Service Interface. Unlike Active
Directory, however, multiple ADAM instances can be run on the same server, with each instance
having its own and required by applications making use of the ADAM directory service.
In Windows Server 2008, ADAM has been renamed AD LDS (Lightweight Directory Services).
[15]
Active Directory Lightweight Directory Services
Active Directory Lightweight Directory Services (AD LDS) provides directory services for
directory-enabled applications. AD LDS does not require or rely on Active Directory domains or
forests. AD LDS was previously known as Active Directory Application Mode (ADAM).
10)HOW WE WILL ADD unique wall paper for set of users/
If you run a company, you might want to set your company logo or any particular wallpaper on all
of your users' desktops. On the other hand, if you use a single system you might still want to have
your desired wallpaper on Desktop and it really annoys when someone changes the wallpaper.
So if you are tired from people changing the wallpaper and want to prevent users from changing
it everyday, then this tutorial will help you.
In this tutorial, you'll learn a way to set your desired wallpaper on Desktop and no one will be able
to change it neither from Desktop Properties nor by right-clicking on an image and select "Set as
Desktop Background".
So here we start our tutorial:
1. Type regedit in RUN dialog box or Startmenu Search box and press Enter. It'll open registry
Editor.
2. Now go to following key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
3. Under "Policies" key, create a new key "System". It might already exist in some systems.
4. Now select "System" key and in right-side pane, create a new STRING value Wallpaper and
set its value to the exact path of your desired wallpaper. You can use .JPG and .BMP files in this
method.
e.g. if your wallpaper exists in "E:\Wallpapers\Wall1.JPG", then set the same path as value of
"Wallpaper".
5. You can also set the wallpaper style e.g. Centered, Tiled or Stretched. Create a new STRING

value WallpaperStyle and set its value to as following:

0 (Centered)
1 (Tiled)
2 (Stretched)
6. That's it. Now restart or log off your system and no one will be able to change the wallpaper.
PS: If you also want to disable the "Desktop" tab in Desktop Properties, then you can visit
following tutorial:
We can also enable the group policy options like enable desktop wall paper and enable active
desktop in group policy
In case if this is not properly working for the OU where we apply this also try with the following
registry key
Based on our test, it seems the Registry key [HKEY_CURRENT_USER\Control
Panel\Desktop\WallPaper] is missing and caused this problem. To work around this issue, please
create a String Value [HKEY_CURRENT_USER\Control Panel\Desktop\WallPaper] on client and
try to set wallpaper.
We can use Group Policy Preference->Registry to deploy this Registry key or use user logon
script to deploy this Registry key.
11)how we will enable auditing for a set of users login to domain and where we will do that?
Windows & Active Directory Auditing
If you are like most administrators, you want to know who is logging on, to which computer, and
accessing resources on your servers. For your Windows computers and Active Directory
environment, you have options to help you determine what you want to know.
If you fall into the category of a highly-secure environment, where you need to track access to
some or all of the resources on the network, you also have options to help you track the access
to the resources. The feature in Windows that provides this tracking and logging of who is
accessing which resource from computers on the network is called auditing. There are numerous
auditing options and configurations that you can choose from. We will take a look at each option
and go over what each option can provide for you.
Your Auditing Buffet Options
When you set out to configure auditing for computers on your network, you will find that there are
numerous options for you to choose from. This granularity helps in many ways. First, it allows you
to target specific activities, instead of taking a wider sweep of all activity on a computer. Second,
with a narrower scope of what you are auditing, will result in smaller logs which make reviewing
the logged information more efficient. Finally, reducing the auditing options to just what you need

will reduce the load on the computer, allowing it to provide more resources to other activities.
The list of auditing options can be seen in Figure 1.
Figure 1: There are a total of nine auditing settings that you can configure on every Windows
computer
Audit account logon events This will audit each time a user is logging on or off from another
computer in which the computer performing the auditing is used to validate the account. The best
example of this is when a user logs on to their Windows XP Professional computer, but is
authenticated by the domain controller. Since the domain controller is validating the user, the
event would be generated on the domain controller. This setting is not enabled for any operating
system, except for Windows Server 2003 domain controllers, which is configured to audit
success of these events. It is common and a best practice to have all domain controllers and
servers audit these events. I also find that in many environments clients are also configured to
audit these events.
Audit account management This will audit each event that is related to a user managing an
account (user, group, or computer) in the user database on the computer where the auditing is
configured. Examples of these events include:
Creating a user account
Adding a user to a group
Renaming a user account
Changing a password for a user account
For domain controllers, this will audit changes to domain accounts, as described in the following
article named Auditing Users and Groups with the Windows Security Log. For a server or client, it
will audit the local Security Accounts Manager and the accounts that reside there. This setting is
not enabled for any operating system, except for Windows Server 2003 domain controllers, which
is configured to audit success of these events. It is common and a best practice to have all
domain controllers and servers audit these events. For auditing of the user accounts that the
security logs and audit settings cant capture, refer to the article named Auditing User
Accounts.
Audit directory service access This will audit each event that is related to a user accessing
an Active Directory object which has been configured to track user access through the System
Access Control List (SACL) of the object, as shown in Figure 2.
Figure 2: Each Active Directory object has a SACL
The SACL of an Active Directory object specifies three things:
The account (typically user or group) that will be tracked
The type of access that will be tracked, such as read, create, modify, etc
Success or failure access to the object
Since each object has its own unique SACL, the level of control over which Active Directory
object will be tracked can be very precise. This setting is not enabled for any operating system,

except for Windows Server 2003 domain controllers, which is configured to audit success of
these events. It is a best practice to enable both success and failure auditing of directory service
access for all domain controllers.
Audit logon events This will audit each event that is related to a user logging on to, logging
off from, or making a network connection to the computer configured to audit logon events. A
good example of when these events are logged is when a user logs on interactively to their
workstation using a domain user account. This will generate an event on the workstation, but not
on the domain controller that performed the authentication. In essence, logon events are tracked
where the logon attempt occurs, not where the user account resides. This setting is not enabled
for any operating system, except for Windows Server 2003 domain controllers, which is
configured to audit success of these events. It is common and best practice to log these events
on all computers on the network.
Audit object access This will audit each event when a user accesses an object. Objects
include files, folders, printers, Registry keys, and Active Directory objects. In reality, any object
that has an SACL will be included in this form of auditing. Like the Auditing of directory access,
each object has its own unique SACL, allowing for targeted auditing of individual objects. There
are no objects configured to be audited by default, which means that enabling this setting will not
produce any logged information. Once this setting is established and a SACL for an object is
configured, entries will start to show up in the logs on access attempts to the object. It is not
common to configure this level of auditing until there is a specific need to track access to
resources. In highly secure environments, this level of auditing is usually enabled and numerous
resources are configured to audit access.
Audit policy change This will audit each event that is related to a change to one of the three
policy areas on a computer. These policy areas include:
User Rights Assignment
Audit Policies
Trust relationships
This setting is not enabled for any operating system, except for Windows Server 2003 domain
controllers, which is configured to audit success of these events. It is common and best practice
to configure this level of auditing for all computers on the network.
Audit privilege use This will audit each event that is related to a user performing a task that is
controlled by a user right. The list of user rights is rather extensive, as shown in Figure 3.
Figure 3: List of User Rights for a Windows computer
This level of auditing is not configured to track events for any operating system by default. It is
common and a best practice to configure this level of auditing for all computers on the network.
Audit process tracking This will audit each event that is related to processes on the
computer. Examples would include program activation, process exit, handle duplication, and
indirect object access. This level of auditing produces an excessive number of events and is
typically not configured unless an application is being tracked for troubleshooting purposes.

Audit system events This will even audit an event that is related to a computer restarting or
being shut down. Events that are related to the system security and security log will also be
tracked when this auditing is enabled. This is a required audit configuration for a computer that
needs to track not only when events occur that need to be logged, but when the log itself is
cleaned. This setting is not enabled for any operating system, except for Windows Server 2003
domain controllers, which is configured to audit success of these events. It is a best practice to
configure this level of auditing for all computers on the network.
Success or Failure Auditing?
Each of these options provide two configuration settings: Success and/or Failure. These options
are essential to help you track the required information that is generated from a user performing
a task. Tasks are typically related to one of the following:
Permissions configured on the Access Control List of a resource
User Rights configured for a specific computer
Administrative privileges, typically granted through group membership
If the user attempts to perform a task which they have not been granted permission for will result
in a failure to perform the task. For example, if a user attempts to change the time on their laptop,
but they are not in the local Administrators group, this will generate a failed attempt to
Change the System Time, which is a User Right granted directly to users or groups of
users, including the Administrators group.
The flip side of this is also true, where if a user attempts to perform a task which they have been
granted the appropriate permission, they will generate a success trigger for that task. A good
example here might be a user that has been delegated permissions to modify the membership of
a group located in Active Directory.
As you can see, depending on what you want to track, success or failure, will need to be setup
when you enable the specific auditing setting.
Conclusion
With so many options for tracking events in a Windows environment, it is important to understand
what each option provides through the security log of the event viewer. It is also important to
know and recognize the default settings, which are not always set to properly track events for
your important member servers. Finally, you were provided with some best practice
recommendations for these settings, which you should decide if your environment should accept
the same settings.
12)how the policy are applied in ADthe levels?
GPO Priorities
Local GPOs are applied in the following order, with later policies overriding conflicting settings in
earlier policies:
1. local computer policy;
2. administrators and non-administrators policies;
3. user-specific policies.
For example, if you set the desktop to blue in the local computer policy but set it to red in the

administrators policy, it will appear red when an administrator logs on. If you set the desktop to
green in the user-specific policy, that setting would override all other local GPOs.
If the computer is a member of an Active Directory domain, domain GPOs always override
conflicting settings in local GPOs. If you want to completely disable local GPOs, enable the
following setting in a domain GPO:
computer configuration\administrative templates\system\group policy\turn off local group policy
objects processing
With Group Policy objects, you can change hundreds of default settings in Microsoft Windows
from color schemes to desktop security and create a complex hierarchy of GPOs to
configure settings based on the user and the computers location, organization and purpose
in Active Directory environments.
Heres how to define, edit and prioritize multiple local GPOs.
First, not all computers can join a domain. For example, public computers (such as a kiosk in a
library) are frequently attacked and could put the entire domain at risk. Windows XP and earlier
versions of Windows had a single local GPO that applied settings to the client computer and all
users that logged on to the computer. Therefore, if you needed to lock down the desktop
environment to prevent guests from opening the Start menu, you also made it impossible to
manage the computer when logged on as an administrator.
Windows Vista now supports multiple local Group Policy objects (MLGPOs) so that you can apply
different settings to administrators, non-administrators and specific users.
MLGPO Types
Windows Vista supports the following local GPOs:
Local Computer Policy: Just like earlier versions of Windows, Vista supports local computer
policy that always applies, regardless of which user is logged on. This policy contains both the
Computer Configuration and User Configuration nodes. All other local GPOs contain only the
User Configuration node.
Administrators Policy: Settings configured in this policy apply only to users who are
members of the local Administrators group.
Non-administrators Policy: Settings apply to all users who are not members of the local
Administrators group.
User-Specific Policies: You can configure GPOs that apply to only a specific user account.
Any user who logs on will have, at most, three local GPOs: the local computer policy, a userspecific policy, and either the administrators or non-administrators policy. Oddly, you cannot
create local GPOs that apply to local groups, such as backup operators or
guests.
Troubleshooting Local GPOs
You can troubleshoot problems with local GPOs using most of the same tools you use for Active
Directory GPOs, including:

 Resultant Set of Policy: A Microsoft Management Console snap-in that analyzes all Group
Policy settings, displays the effective settings, and allows you to isolate the Group Policy objects
that define any setting.
GPResult: A command-line tool that provides a list of active GPOs, including both domain
and local GPOs, among other useful information.
Event Viewer: Vista adds an event to the System Event Log when policies are applied, and
stores detailed processing information in the applications and service
logs\microsoft\windows\group policy\operational event log. The Operational Event Log replaces
the userenv.log file used in earlier versions of Windows.
Group Policy Log View: A tool that exports Group Policy event data into a text file. You can
download GPLogView at go.microsoft.com/fwlink/?LinkId=75004.
13)what are the difference between windows 2003 and windows 2008?
2008 is combination of vista and windows 2003r2. Some new services are introduced in it
1. RODC one new domain controller introduced in it
[Read-only Domain controllers.]
2. WDS (windows deployment services) instead of RIS in 2003 server
3. shadow copy for each and every folders
4.boot sequence is changed
5.installation is 32 bit where as 2003 it is 16 as well as 32 bit, thats why installation of 2008
is faster
6.services are known as role in it
7. Group policy editor is a separate option in ads
2) The main difference between 2003 and 2008 is Virtualization, management.
2008 has more inbuilt components and updated third party drivers Microsoft introduces new
feature with 2k8 that is Hyper-V Windows Server 2008 introduces Hyper-V (V for Virtualization)
but only on 64bit versions. More and more companies are seeing this as a way of reducing
hardware costs by running several 'virtual' servers on one physical machine. If you like this
exciting technology, make sure that you buy an edition of Windows Server 2008 that includes
Hyper-V, then launch the Server Manger, add Roles.
3) In Windows Server 2008, Microsoft is introducing new features and technologies, some of
which were not available in Windows Server 2003 with Service Pack 1 (SP1), that will help to
reduce the power consumption of server and client operating systems, minimize environmental
byproducts, and increase server efficiency.
Microsoft Windows Server 2008 has been designed with energy efficiency in mind, to provide
customers with ready and convenient access to a number of new power-saving features. It
includes updated support for Advanced Configuration and Power Interface (ACPI) processor
power management (PPM) features, including support for processor performance states (Pstates) and processor idle sleep states on multiprocessor systems. These features simplify power

management in Windows Server 2008 (WS08) and can be managed easily across servers and
clients using Group Policies.
14)how the change management is done in our work?
Change Management
Change Management aims to ensure that standardised methods and procedures are used for
efficient handling of all changes,
Main article: Change Management (ITSM)
A change is an event that results in a new status of one or more configuration items
(CI's)[citation needed] approved by management, cost effective, enhances business process
changes (fixes) - with a minimum risk to IT infrastructure.
The main aims of Change Management include:
Minimal disruption of services
Reduction in back-out activities
Economic utilization of resources involved in the change
[edit] Change Management Terminology
Change: the addition, modification or removal of CIs
Change Request (CR): form used to record details of a request for a change and is sent as
an input to Change Management by the Change Requestor
Forward Schedule of Changes (FSC): schedule that contains details of all forthcoming
Changes..
Management details with practical details
The Service Desk
Practical Case
As an essential step in implementing the ITIL methodology in the company, the management of
"Cater Matters" decided to set up a service desk centralising all the IT organisation's contacts
with customers and suppliers.
To do so, the following decisions were made:
A manager was appointed to be in charge of the Service Desk.
After a careful analysis of the needs of the organisation and users, the main functions of the
service desk were defined:
o Managing the first line of support for Incident Management.
o Monitoring the quality of service offered with respect to the SLAs.
o Providing sales-related information about the services offered.
o Conducting regular surveys on the level of customer satisfaction.
o Drawing up periodic reports with the information gathered.
Running a small promotion to present the new services to existing and potential customers.
Setting web space so as to channel user interaction through the web as much as possible,
by means of:
o Forms for queries and reporting incidents.

o Remote querying (by means of the associated web services) of the state of active incidents,
incident history and compliance with SLAs.
o Up-to-date FAQs allowing users to run their own queries on the services provided, known
errors, etc.
Drawing up a "Customer Care Manual" describing the different protocols for interaction with
users, depending on the situation in question.
Choosing a software tool to help record and manage all the Service Desk's information
flows.
Giving specific training:
o To staff responsible for dealing directly with users and customers on applying the "Customer
Care Manual".
o On the software tools used.
Creating a detailed plan for the progressive implementation of the Service Desk
Incident Management
Practical Case
The "Cater Matters" Service Desk has just received a call from the person in charge of supplies
at one of its customer's canteens.
He says that although he had ordered a new batch of ice-creams a few days ago over the web,
they had not yet arrived and the stock in the fridge was running low.
The Service Desk operator looks in the orders database and confirms that the order was made
several days ago, but he also notices that it was incorrectly stored.
He tries to repeat the order on his computer, but the system continues to malfunction.
Following the established protocols, the operator then takes the following decisions:
He evaluates its priority: although the impact is low, the incident is urgent as the customer
needs the delivery urgently.
He logs the details of the incident.
He consults the Knowledge Base to investigate whether the incident is the result of a known
error, and if there are any possible work-arounds.
A temporary solution is proposed to the customer: he is pointed in the direction of a reserved
area of the website where he can place "urgent" orders by email.
He contacts the systems department to warn that the incident may be repeated throughout
the morning.
Using the application that monitors warehouse stock, he checks the availability of the icecreams ordered.
He reassures the customer that he will receive the ice-creams before midday via the
company's express service.
Meanwhile, the systems department:
Runs a series of tests and confirms that, in general, the system is functioning correctly.
Are unable to identify the cause of the incident.
They contact Service Desk and suggest that the problem be forwarded to Problem

Management with a preliminary classification of low priority.

Service Desk receives the information and decides that:
Given the low impact of the incident and the fact that the customer has been given a
satisfactory work-around, it does not need to be escalated.
They log the work-around for the incident together with the information provided by the
systems department.
The incident is closed.
Problem Management
Practical Case
The Service Desk of "Cater Matters" has informed Problem Management about an incident which
could not be associated with a known error and which caused a low impact interruption to
service.
Problem Management decided to analyse the problem following the established protocol, which
is based on the Kepner-Tregoe method:
Identifying the problem.
Classifying of the problem.
Establishing the possible causes.
Checking the most likely cause.
Confirming the actual cause.
Identification: In the case with which we are concerned, the problem is easy to define:
The online orders application produces unpredictable errors when recording certain orders.
There is no apparent relationship between the error and other hardware/software components.
Classification: The problem may be classified according to the following parameters:
Identification: Problems recording orders.
Source: Online orders module.
Frequency: the problem is not recurrent, this is the first time it has been detected.
Impact: slight. The incident was resolved without a serious interruption to service.
Possible causes: The most likely causes include:
Errors in programming on the client side of the application.
Errors in the web server recording modules.
Database configuration errors.
The analysts decide that the most likely origin of the problem is in the application's recording
modules.
Checking the most likely cause: with the help of the information recorded by Incident
Management:
Problem management tries to reproduce the problem.
They find that the error is only reproduced with a particular brand of ice-cream.
They notice that the brand of ice-cream has an apostrophe in its name and that if this is
removed the order is recorded without problems.
Verification:

 A test environment is set up reproducing the module of interest on the live environment.
The necessary programming changes are made.
They confirm that the order is recorded correctly.
The problem has been converted into a known error. It is now the task of Error Control to:
Raise an RFC with the proposed solution.
Carry out the post-implementation review if Change Management considers it appropriate to
implement the RFC.
Configuration Management
Practical Case
Although configuration management is vitally important, it can easily turn into a devourer of
resources if excessively ambitious criteria are laid down. Therefore, the management of "Cater
Matters" initially decided to limit the scope of the configuration database to the systems it felt to
be critical:
LAN servers.
Internet servers.
Service Centre computing infrastructure.
SLAs
To simplify management yet further, they decided to harmonise their configurations in a series of
"reference configurations" applicable to the CIs described above.
Although this was a significant initial investment, it was felt that its had clear advantages:
Medium-to-long term reduction in the associated costs.
Improving the consistency of the services delivered.
Simplification of all the processes associated with service support: Incidents, problems,
changes, versions, etc.
Opting for a series of standard configurations allows a high level of detail to be achieved without
the effort involved's being excessive. The following items were therefore entered on the
database:
Software configurations:
o Operating Systems:
o Installed applications.
o Interdependencies: parent-child relationships, owners, etc.
o Associated documentation.
Hardware configurations:
o Servers and work stations.
o Sub-components, with their interrelations: parent-child relationships, interdependencies, etc.
o Associated documentation and controllers.
Associated SLAs and monitoring reports.
At the same time, management tools were installed to allow all these configurations to be
monitored remotely and periodic automatic audits to be carried out.
Change Management

Practical Case
The customers and suppliers of "Cater Matters" are making increasing use of the company's
online services to manage ordering and the supply chain.
Although it basically meets the needs of the business, the currently implemented system was not
designed to support a high level of activity. Both Availability Management and Capacity
Management have reported inadequacies in the process and the risk of future bottlenecks if the
current rate of growth continues.
Moreover, the company's management has decided to bolster its online presence and offer
customers higher levels of service in order to build its market share.
This all requires a substantial change in both the hardware and software driving the company's
online services, and the connection with the organisation's internal management software (ERP).
The company's management therefore raised an RFC and submitted it to Change Management.
The objectives of the RFC were:
To increase the capacity of the company's web servers in order to enhance connectivity and
response capacity.
To develop a series of WebServices permitting:
o Direct integration of the online ordering system with the company's ERP system.
o Tracking of the whole ordering process.
o Management of the whole supply chain remotely in conjunction with suppliers.
To redesign the website to enhance usability and optimise it for search engine indexing.
After recording the RFC:
The request is given the "accepted" status and provisionally assigned normal priority and
high impact.
A meeting of the CAB is called, and the people in charge of e-commerce and web
programming are asked to attend.
A preliminary evaluation of the project is requested from the outside consultant who
supervised the whole implementation process for the current system.
Prior to the CAB's meeting the Change Manager, in close coordination with Capacity, Availability,
Financial and Service Level Management, and top management and project management,
prepares:
An initial evaluation of the costs and necessary resources.
An evaluation of the impact of the changes on the IT infrastructure.
A preliminary Gantt chart of the process.
A survey so that the Service Desk can sound out customers' opinions about the possible
changes.
After weighing up the documentation submitted and the organisation's business strategy, the
CAB approves the change, and:
Finalises the schedule for the change.
Assigns the internal and external resources needed.
Develops a plan allowing for the temporary coexistence of both online systems to ensure

continuity of service. This will involve:

o Duplication of the whole web structure: new servers will be bought so that the old ones can
continue providing continuous service and are immediately available for a possible back-out.
o "Translation" applications will be developed so as to enable the old databases to be kept up-todate in order to avoid the loss of data in the event of a back-out.
Configuration Management is informed about all the CIs affected by the change.
The same consultancy that implemented the current system is asked to perform an external
audit on the whole process.
All the information necessary for Version Management to be able to start the testing and
implementation process is prepared.
After the change is implemented, in conjunction with "Service Support" and "Service Delivery",
Change Management:
Confirms the change is successful:
o The new system has sufficient capacity to provide the envisaged levels of service and
availability.
o The new system works without apparent errors.
o Customers and suppliers perceive the change as an improvement in service delivery.
o Productivity has improved.
A check is made to ensure everything has been recorded in the CMDB correctly.
The process is evaluated.
The change is closed.
Release Management
Practical Case
Change Management has approved (see the practical case in the previous chapter) an RFC
having as its main objectives:
Increasing the capacity of the company's web servers in order to enhance connectivity and
response capacity.
Developing a series of WebServices permitting:
o Direct integration of the online ordering system with the company's ERP system.
o Tracking the ordering process from end to end.
o Remotely managing the whole supply chain jointly with suppliers.
Redesigning the website to enhance usability and optimise it for search engine indexing.
Release Management is in charge of the process of developing, buying, testing and distributing
the new versions of hardware and software concerned. For this purpose:
The new hardware needs are assessed in collaboration with Capacity Management and
Availability Management and the hardware is bought and configured.
They contact their usual web development suppliers to define the specifications of the new
software precisely and to draw up a schedule for development.
The web structure is duplicated, i.e. new servers are bought so that the old ones can
continue providing continuous service and are immediately available for a possible back-out.

 Translation scripts are written allowing the new data to be saved on the old version to avoid
data being lost in the event of a back-out.
A schedule is set for testing by real users so they can give their approval to the new service.
A two-stage deployment is planned:
I. The whole web structure, excluding the data, is incorporated directly onto the company's ERP.
II. The process is completed with the integration of web orders using WebServices on the ERP.
A user manual is written describing the new release and a FAQ page is created on the web
that includes the queries users raised most frequently during the testing phase.
Users are informed about the new release and warned of possible short interruptions to
service during installation.
The new release is installed.
A master copy of all the software is stored in the DSL.
The CMDB is updated.
Service Level Management
Practical Case
The management of "Cater Matters" has decided to implement Service Level Management
adapting the ITIL principles and recommendations to the needs of its organisation.
To carry out this task as efficiently as possible, a series of initial actions have been defined.
These are basically:
Appointing someone to manage the process.
Drawing up a catalogue of services.
Developing a comprehensive service quality plan.
Defining templates from which to create SLAs associated with the main services.
Service Level Manager
The management has appointed one of its more experienced executives accustomed to dealing
with customer relations to take the role of Service Level Manager.
His main function is to negotiate and agree on service delivery with customers, as the
representative of "Cater Matters".
His specific responsibilities include:
Preparing and maintaining an up-to-date catalogue of the services offered by "Cater
Matters".
Determining the general structure of the SLAs, OLAs and UCs.
Negotiating SLAs, OLAs and UCs with customers and suppliers
Supervising fulfillment of the service delivery agreements with customers and suppliers.
Keeping the top management and IT organisation informed about the performance of the
process.
Defining the service improvement plans resolving deficiencies in the quality of the services
delivered and/or adapting these services to new customer needs and the latest technological
advances.
Interacting with other IT processes to ensure that they all receive and contribution the

necessary information for the optimal functioning of the organisation.

Drawing up the Service Catalogue
"Cater Matters" decided to subdivide its service catalogue according to the different types of
customer contracting its services.
Private individuals.
Small businesses.
Large corporations and institutions and public bodies.
The purpose of the catalogue is not just to publicise the various services but also to show
(potential) customers clearly what the differences are between the options available on top of the
basic service.
To do this, an online catalogue is developed allowing different versions to be compared and
giving an initial estimate of costs based on the different options selected.
The description of each service includes additional information about:
Delivery times.
Availability of the service (holidays, night hours, etc.)
Auxiliary services.
Associated WebServices.
Applicable legislation.
Loyalty programmes.
Online support.
Service Quality Plan
To ensure the quality of the service a SQP is developed, which defines:
The responsibility of each of the departments in the service delivery process.
Contingency plans in the event of serious deterioration of the quality of service.
Key indicators of performance and customer satisfaction.
Methods of supervision and real-time monitoring of the processes involved in delivering the
service, such as, for example, deliveries and supplying the goods.
Protocols for the Service Desk's interaction with customers and users.
The levels of security, availability, capacity and redundancy necessary to ensure the correct
provision of the service in cooperation with the people in charge of these processes.
Prototype SLAs
In order to avoid the task of preparing SLAs becoming too complex and tedious, templates are
drawn up for different types of service and customer.
Each prototype SLA includes:
General, non-technical description of the services agreed.
People responsible for the agreement on both the customer's and the supplier's side.
Deadlines for delivery of the service.
Duration of the agreement and conditions for its renewal and/or cancellation.
Conditions of availability of the service.
Support and maintenance work associated.

 Response times.
Recovery times in the event of incidents.
Contingency plans if applicable.
Charging and collection methods.
Criteria for evaluating the quality of the service.
IT Service Financial Management
Practical Case
The "Cater Matters" IT organisation has for several years been providing essential services both
for the organisation of the company and for external customers of its catering services.
However, to date, IT spending has not been registered on the accounts and budgeted specifically,
and with the data currently available, it is impossible to know what impact IT services have on the
cost of each of the catering services provided.
The management of "Cater Matters" wants to develop a pricing policy for IT services that allows it
to pass on its costs to end users of the company's catering service, in the same way that it
passes on the cost of transport, raw materials, etc.
A senior manager from the IT department and a member of the company's finance department
have been appointed to manage this process.
The work plan for the near term includes:
In collaboration with Configuration Management, drawing up a list of all the CIs involved in
providing direct services to customers.
Evaluate the costs associated with their use, and sharing them out among the different
services if necessary, on a pro rata basis: depreciation, maintenance, consumables, etc.
Evaluating the cost of staff and operating costs.
Estimating costs associated with IT services that are hidden or difficult to assign.
Evaluating indirect costs: installations, administrative costs, etc.
Establishing strict accounting criteria for the administration of IT costs.
Establishing a cost+margin pricing policy.
All these activities aim to define precisely the costs associated with the IT services already being
delivered and to propose rates that can be passed on to customers, either directly or as a part of
general items.
However, the objectives of proactiveFinancial Management go further, and include the proper
planning of future expenses and investments. For this purpose, in collaboration with Service
Level Management, Capacity Management and Availability Management, the following points
have been studied:
Customer requirements and market trends.
The impact on costs and Service Improvement Programmes (SIP).
Forecasts and future IT capacity needs.
The information compiled will be used as the basis for the preparation of the first "annual IT
budgets" prepared by Financial Management.
Capacity Management

Practical Case
Up until now, Capacity Management at "Cater Matters" has been reactive, or in other words,
capacity was increased or redistributed only when problems appeared.
With the increasing importance of IT services, both for the internal organisation of "Cater Matters"
and for its customers, the management has decided to implement ITIL best practice for Capacity
Management.
They have therefore appointed a Capacity Manager with the following main responsibilities:
Monitoring the performance of the IT infrastructure, paying special attention to online
services, as these are particularly important in providing a good service to customers.
Analysing, in conjunction with Configuration Management, the impact of the various CIs on
the system's capacity.
Evaluating, in conjunction with Service Level Management, the process, storage and
bandwidth loads the current and envisaged SLAs imply.
Evaluating, in conjunction with Financial Management, the real cost of each service.
Producing regular reports on the state of the relevant technology available for the services
offered.
Analysing trends and statistics on the use and load on the system.
The results of this work should allow:
The preparation of an annual Capacity Plan which will be reviewed quarterly against the real
data obtained from monitoring of the system, together with the business forecasts.
The Capacity Database (CDB) to be populated so that it contains all the information relating
to capacity.
Improvements to the service to be proposed.
With the aim of:
Minimising the number and impact of future incidents degrading the quality of service.
Rationalising the use of IT infrastructure capacity.
Reducing the cost of the IT infrastructure.
Increasing productivity and customer satisfaction.
IT Service Continuity Management
Practical Case
The IT organisation of "Cater Matters" currently lacks any IT Service Continuity Management
worthy of the name.
The management of "Cater Matters" is aware of the importance that IT services have today for its
production and distribution and aims to rectify this situation.
The company's management considers that the IT services associated with stock management,
given that the stock consists of perishable products, and online ordering, are those of greatest
strategic importance. In the first instance they therefore decide that the ITSCM should guarantee
the continuity of these services within not more than 8 hours. Less ambitious targets are set for
other services.
A senior executive from the IT department is given the role of managing the process and charged

with coordinating all the activities involved with Business Continuity Management.
Business Continuity Management has signed cooperation agreements with other catering
companies for emergency supplies to cover the company's most important customers:
Catering services for schools and hospitals.
Conferences and other large events.
In these cases, coordination requires the development of special modules allowing order
databases to be exported in standard data exchange formats so they can be processed by the
other organisation.
Additionally, an emergency stock management application has been developed to allow supplier
orders to be handled and ensure the integrity of existing stock is maintained, according to its
expiry information and the impact of the business interruption on the stock.
The following are also established:
A regular calendar of trials of the recovery plans.
A calendar of training courses on action protocols in emergency situations.
However, IT Service Continuity Management not only has to apply reactive measures to mitigate
the impact of a possible interruption to service. Its obligations also include the drafting of
prevention plans to avoid these situations arising.
To avoid interruptions to its online services the ITSCM:
Contracts collocation web hosting services with a provider that has connections through
various operators to the Internet backbone and can ensure an uninterrupted power supply.
Replicates critical systems at different geographical locations.
Supervises the policy of back-ups of the data servers.
Installs perimeter protection systems.
Availability Management
Practical Case
Availability 12/7 is a feature on which the customers of "Cater Matters" place great importance.
IT services play a small, although important, part in the services the organisation provides to its
customers and availability problems usually arise from processes that are not directly technology
related. However, an interruption to online services can represent a serious problem given the
large volume of orders received via this channel (almost all orders), and its importance for
managing stocks of raw materials.
Availability Management, in collaboration with the people responsible for the other IT processes
has been charged with drawing up new availability plans that take the rapid growth of the
business into account, which may entail 24/7 availability being needed for certain business lines.
Drawing up this new plan requires:
Revision of the UCs in effect with Internet service providers.
Definition of levels of availability for the new services.
Design for 24/7 availability of the IT services offered.
New management plans for maintenance requiring real interruptions to service.
Moreover, the management of "Cater Matters" has decided to regularly inform customers about

the levels of performance and availability of the various different services provided. To do so they
have charged Availability Management with implementing the procedures necessary to measure:
The time between incidents.
The time the service is down.
The time taken to respond to each incident.
The delay in service delivery.
This will be complemented by a module automatically performing statistical calculations and
generating reports on compliance with the levels of availability agreed with each customer.
In this way, "Cater Matters" hopes to build a relationship of trust with its customers and keep the
IT organisation alert to any possible degradation of the level of quality of service.
Security Management
Practical Case
The management of "Cater Matters" is aware that an approach to security based solely on the
concept of "defending against attacks" does not meet the needs of the business.
It is important that customers of "Cater Matters" have up-to-date information about their orders,
outstanding payments, etc. and this requires interaction with the company's ERP.
Clearly, this raises a number of additional security problems, as channels to the outside have to
be opened up from within the organisation's IT core.
The management of "Cater Matters" has decided to create a series of Web Services allowing
access to this information while preserving its confidentiality and integrity. This requires a review
of the Security Plan and the security sections of the SLAs in force.
As basic security measures:
The range of IPs which the service is able to access is limited. The service is only available
from authorised customer IP addresses.
Encryption protocols are implemented for the XML files exchanged.
Authentication is required in order to access the service.
Interaction with the application is monitored to detect possible outside attacks.
A log is kept of when, how and by whom the service is used.
A single input channel is authorised for the local services through the company's web
servers.
A periodic evaluation of the service is proposed in order to detect vulnerabilities and adopt
corrective measures.
The objective is to offer a quality service with high levels of security so as to build customer
loyalty at a time or rapid development when the competition is just a click away.