Active Directory Interview questions with answers

By Ravi Chopra | August 1, 2014

Learn about basic Active Directory functionality. Happy learning!!!
Below are the Active Directory interview questions and answers. There are more interview questions here:
Wintel/AD Interview Questions: http://yourcomputer.in/wintel-interview-questions-and-answers
Windows Cluster Interview Questions: http://yourcomputer.in/windows-cluster-interview-questions-and-answers
Personal Interview Questions: http://yourcomputer.in/personal-interview-questions-answers

What is the Global Catalog and what is its function?


The global catalog is a distributed data repository that contains a searchable, partial representation of every object in every domain in a multidomain Active Directory Domain Services (AD DS) forest. The global catalog is stored on domain controllers that have been designated as global catalog servers and is distributed through multimaster replication. Searches that are directed to the global catalog are faster because they do not involve referrals to different domain controllers.
The global catalog provides the ability to locate objects from any domain without having to know the domain name. A global catalog server is a domain controller that, in addition to its full, writable domain directory partition replica, also stores a partial, read-only replica of all other domain directory partitions in the forest.

Forest-wide searches. The global catalog provides a resource for searching an AD DS forest. Forest-wide searches are identified by the LDAP port that they use. If the search query uses port 3268, the query is sent to a global catalog server.

User logon. In a forest that has more than one domain, two conditions require the global catalog during user authentication:
In a domain that operates at the Windows 2000 native domain functional level or higher, domain controllers must request universal group membership enumeration from a global catalog server.
When a user principal name (UPN) is used at logon and the forest has more than one domain, a global catalog server is required to resolve the name.

Universal Group Membership Caching. In a forest that has more than one domain, in sites that have domain users but no global catalog server, Universal Group Membership Caching can be used to enable caching of logon credentials so that the global catalog does not have to be contacted for subsequent user logons. This feature eliminates the need to retrieve universal group memberships across a WAN link from a global catalog server in a different site.

Exchange Address Book lookups. Servers running Microsoft Exchange Server rely on access to the global catalog for address information. Users use global catalog servers to access the global address list (GAL).

What are the components of the logical structure of AD?


The logical parts of Active Directory include forests, trees, domains, OUs and global catalogs.
Domain: a logical group of users and computers that share the characteristics of centralized security and administration. A domain is a boundary for security; this means that an administrator of a domain is, by default, an administrator for only that domain and no others.
Tree: a collection of Active Directory domains that share a contiguous namespace.
Forest: the largest unit in Active Directory, a collection of trees that share a common schema. In a forest all trees are connected by transitive two-way trust relationships, thus allowing users in any tree access to resources in another tree for which they have been given appropriate permissions and rights. By default the first domain created in a forest is referred to as the root domain.

http://yourcomputer.in/active-directory-interview-questions-with-answers/

30-10-2014


What are the different partitions in AD? Explain each.


The Active Directory database is logically separated into directory partitions:
Schema partition
Configuration partition
Domain partition
Application partition

Each partition is a unit of replication, and each partition has its own replication topology. Replication occurs between replicas of a directory partition. At least two directory partitions are common to all domain controllers in the same forest: the schema and configuration partitions. All domain controllers in the same domain, in addition, share a common domain partition.
Schema Partition
Only one schema partition exists per forest. The schema partition is stored on all domain controllers in a forest. The schema partition contains definitions of all objects and attributes that you can create in the directory, and the rules for creating and manipulating them. Schema information is replicated to all domain controllers in the forest.
Configuration Partition

There is only one configuration partition per forest. Stored on all domain controllers in a forest, the configuration partition contains information about the forest-wide Active Directory structure, including what domains and sites exist, which domain controllers exist in each forest, and which services are available. Configuration information is replicated to all domain controllers in a forest.
Domain Partition
Many domain partitions can exist per forest. Domain partitions are stored on each domain controller in a given domain. A domain partition contains information about users, groups, computers and organizational units. The domain partition is replicated to all domain controllers of that domain. All objects in every domain partition in a forest are stored in the global catalog with only a subset of their attribute values.
Application Partition
Application partitions store information about applications in Active Directory. Each application determines how it stores, categorizes, and uses application-specific information. To prevent unnecessary replication of specific application partitions, you can designate which domain controllers in a forest host specific application partitions. Unlike a domain partition, an application partition cannot store security principal objects, such as user accounts. In addition, the data in an application partition is not stored in the global catalog.
As an example of application partitions, if you use a Domain Name System (DNS) that is integrated with Active Directory you have two application partitions for DNS zones, ForestDNSZones and DomainDNSZones:
ForestDNSZones is part of a forest. All domain controllers and DNS servers in a forest receive a replica of this partition. A forest-wide application partition stores the forest zone data.
DomainDNSZones is unique for each domain. All domain controllers that are DNS servers in that domain receive a replica of this partition. The application partition stores the domain DNS zone in DomainDNSZones.<domain name>.

Each domain has a DomainDNSZones partition, but there is only one ForestDNSZones partition. No DNS data is replicated to the global catalog server.
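The following PowerShell ties the two sections above together: it lists the schema, configuration, domain and application partitions exposed by rootDSE, finds which domain controllers are global catalog servers, and runs a forest-wide search through the GC port 3268. It is an added example, not code from the original article; it assumes the RSAT ActiveDirectory module on a domain-joined host, and the account name jdoe is a placeholder.

```powershell
# Added example, not part of the original article. Assumes the ActiveDirectory
# module (RSAT) and a domain-joined session; "jdoe" is a placeholder account.
Import-Module ActiveDirectory

function Get-DirectoryPartitions {
    # rootDSE names the three well-known partitions; namingContexts also lists
    # application partitions such as DomainDnsZones and ForestDnsZones.
    $rootDse = Get-ADRootDSE
    $wellKnown = [ordered]@{
        Schema        = $rootDse.schemaNamingContext
        Configuration = $rootDse.configurationNamingContext
        Domain        = $rootDse.defaultNamingContext
    }
    foreach ($nc in $rootDse.namingContexts) {
        $kind = ($wellKnown.GetEnumerator() | Where-Object { $_.Value -eq $nc }).Key
        if (-not $kind) { $kind = 'Application' }
        [pscustomobject]@{ Partition = $kind; DistinguishedName = $nc }
    }
}

function Get-GlobalCatalogServers {
    # Only DCs flagged as GC hold the partial, read-only replica of the other
    # domains' partitions, so only they answer on port 3268.
    Get-ADDomainController -Filter { IsGlobalCatalog -eq $true } |
        Select-Object HostName, Site, Domain
}

function Find-ForestObject {
    param(
        [Parameter(Mandatory)][string]$GlobalCatalog,
        [Parameter(Mandatory)][string]$LdapFilter
    )
    # -Server accepts host:port. Port 3268 returns matches from every domain
    # in the forest, but only attributes in the partial attribute set (PAS);
    # an empty -SearchBase means "all partitions" on a GC connection.
    Get-ADObject -Server "${GlobalCatalog}:3268" -SearchBase '' `
                 -LDAPFilter $LdapFilter -Properties objectSid, userPrincipalName |
        Select-Object Name, ObjectClass, DistinguishedName, UserPrincipalName
}

"Directory partitions replicated to this DC:"
Get-DirectoryPartitions | Format-Table -AutoSize

"Global catalog servers in the forest:"
$gcs = Get-GlobalCatalogServers
$gcs | Format-Table -AutoSize

# Forest-wide lookup: the same filter on port 389 would search one domain only.
$gc = ($gcs | Select-Object -First 1).HostName
Find-ForestObject -GlobalCatalog $gc -LdapFilter '(sAMAccountName=jdoe)' | Format-List
```

Attributes outside the partial attribute set come back empty from a 3268 query, which is a quick way to see what the GC replica does and does not carry.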

What are the different types of disk partition?


How many types of RAID are there? Explain the advantages and disadvantages of any 3.
http://yourcomputer.in/what-is-raid-configuration-in-windows/
RAID Levels and Types
RAID, an acronym of Redundant Array of Independent (Inexpensive) Disks, is the talk of the day. It is an array of disks combined into a single storage system to give more power, performance, fault tolerance and accessibility to the data. It is not a mere combination of disks: all the disks are combined under a standard MTBF (mean time before failure) reliability scheme; otherwise chances are that performance would be affected drastically if the disks were not combined as a single storage unit.
RAID Levels

All the RAID types and models are commonly classified as RAID levels, since a RAID represented by a higher number is regarded as a superior, more efficient, higher-performance array than a lower-numbered RAID. Hence, the security offered by RAID also depends on the RAID level you are using. RAID arrays not only provide users with maximum security and reliability but also make sure that if a disk fails no data is lost. In-depth knowledge of RAID levels helps when buying RAID servers. Let's briefly discuss here the main RAID levels and classes:

RAID 0 Striping:
It is a striped disk array with no fault tolerance and requires at least 2 drives. Because it has no redundancy, RAID 0 is considered the lowest-ranked RAID level. A striped data mapping technique is used for high performance at low cost. I/O performance is also improved as the load is spread across many channels. Regeneration, rebuilding and functional redundancy are some salient features of RAID 0.
RAID 1 Mirroring:
It is a mirroring (shadowing) array meant to provide high performance. A RAID 1 controller is able to perform 2 separate parallel reads or writes per mirrored pair. It also requires at least 2 drives to implement a non-redundant disk array. A high level of availability, access and reliability can be achieved with an entry-level RAID 1 array. With full redundancy available, the need for readability is almost negligible. Controller configuration and storage subsystem design are the easiest and simplest amongst all RAID levels.
RAID 0+1:
It is a RAID array providing high data transfer performance, with at least 4 disks needed to implement the RAID 0+1 level. It is a unique combination of striping and mirroring with all the best features of RAID 0 and RAID 1 included, such as fast data access and fault tolerance at the single-drive level. The multiple stripe segments add high I/O rates to the RAID performance and it is the best solution for maximum reliability.
RAID 2 (ECC):
It is a combination of an inherently parallel mapping and protection RAID array. It is also known as ECC RAID because each data word bit is written to a data disk and verified for correct data or corrected for disk errors when the RAID disk is read. Due to the special disk features required, RAID 2 is not very popular among corporate data storage users, despite the extremely high data transfer rates.
RAID 3:
RAID 3 works on the parallel transfer with parity technique. The least number of disks required to implement the array is 3. In RAID 3, data blocks are striped and written to the data drives, and then the stripe parity is generated, saved and afterwards used to verify the disk reads. Read and write data transfer rates are very high in a RAID 3 array, and a disk failure has an insignificant effect on the overall performance of the RAID.
RAID 4:
RAID 4 requires a minimum of 3 drives. It is composed of independent disks with shared parity to protect the data. The data transaction rate for reads is exceptionally high and highly aggregated. Similarly, the low ratio of parity disks to data disks indicates high efficiency.
RAID 5:
RAID 5 is an independent data disk array with distributed parity blocks, with a minimum requirement of 3 drives and an array capacity of N-1 disks. It helps in reducing the write bottleneck found in RAID 4. A RAID 5 array offers the highest data transaction read rate, a medium data transaction write rate and a good cumulative transfer rate.
RAID 6:
RAID 6 is an independent data disk array with independent distributed parity. It is an extension of RAID level 5 with extra fault tolerance and a second distributed parity scheme added. RAID 6 is the best available RAID array for mission-critical applications and data storage needs, though the controller design is very complex and the overheads are extremely high.
RAID 7:
RAID 7 is an optimized asynchronous array for high I/O and data transfer rates and is considered to be the most manageable RAID controller available. The overall write performance is also known to be 50% to 90% better than single-spindle array levels, with no extra data transfer required for parity handling. RAID 7 is a registered trademark of Storage Computer Corporation.
RAID 10:
RAID 10 is classified as a futuristic RAID controller with extremely high reliability and performance embedded in a single RAID controller. The minimum requirement to form a RAID level 10 array is 4 data disks. The implementation of RAID 10 is based on a striped array of RAID 1 segments, with almost the same fault tolerance level as RAID 1. RAID 10 controllers and arrays are suitable for systems and environments that require uncompromising availability and extremely high throughput.

With all the significant RAID levels discussed here briefly, another important point to add is that whichever level of RAID is used, regular and consistent data backup to tape storage is a must, as tape storage is the best medium for recovering from data loss.
What are FSMO roles?
Click here to know about FSMO in detail
How to find which server holds which role?
netdom query fsmo
How can we monitor replication?
The Active Directory Replication Monitor, replmon.exe, is part of the Windows 2000 Support Utilities available on the Windows 2000 Server CD in the \SUPPORT\TOOLS folder. Primary uses of replmon:
Check for replication errors
Run the KCC (Knowledge Consistency Checker) to check replication topology
Synchronize each directory partition with all servers
Generate status reports on replication info on servers
List domain controllers
Check Group Policy Object status
Choose performance counters to be monitored
List servers hosting the Global Catalog
List bridgehead servers
Display trust relationships
List AD metadata info

How can we diagnose any issue related to AD replication?

What are intersite and intrasite replication? Explain.


http://technet.microsoft.com/en-us/library/cc755994(WS.10).aspx
What is authoritative and non-authoritative restoration?
Active Directory is backed up as part of system state, a collection of system components that depend on each other. You must back up and restore system state components together.
Components that comprise the system state on a domain controller include:
System start-up files (boot files). These are the files required for Windows 2000 Server to start.
System registry.
Class registration database of Component Services. The Component Object Model (COM) is a binary standard for writing component software in a distributed systems environment.
SYSVOL. The system volume provides a default Active Directory location for files that must be shared for common access throughout a domain. The SYSVOL folder on a domain controller contains:
NETLOGON shared folders. These usually host user logon scripts and Group Policy objects (GPOs) for non-Windows 2000-based network clients.
User logon scripts for Windows 2000 Professional-based clients and clients that are running Windows 95, Windows 98, or Windows NT 4.0.
Windows 2000 GPOs.
File system junctions.
File Replication service (FRS) staging directories and files that are required to be available and synchronized between domain controllers.
Active Directory. Active Directory includes:
Ntds.dit: the Active Directory database.
Edb.chk: the checkpoint file.
Edb*.log: the transaction logs, each 10 megabytes (MB) in size.
Res1.log and Res2.log: reserved transaction logs.

Note: If you use Active Directory-integrated DNS, then the zone data is backed up as part of the Active Directory database. If you do not use Active Directory-integrated DNS, you must explicitly back up the zone files. However, if you back up the system disk along with the system state, zone data is backed up as part of the system disk. If you installed Windows Clustering or Certificate Services on your domain controller, they are also backed up as part of system state.
Non-authoritative restore of Active Directory
A non-authoritative restore returns the domain controller to its state at the time of backup, then allows normal replication to overwrite that state with any changes that have occurred after the backup was taken. After you restore the system state, the domain controller queries its replication partners. The replication partners replicate any changes to the restored domain controller, ensuring that the domain controller has an accurate and updated copy of the Active Directory database.
Non-authoritative restore is the default method for restoring Active Directory, and you will use it in most situations that result from Active Directory data loss or corruption. To perform a non-authoritative restore, you must be able to start the domain controller in Directory Services Restore Mode.
Non-authoritative restore of SYSVOL
When you non-authoritatively restore the SYSVOL, the local copy of SYSVOL on the restored domain controller is compared with that of its replication partners. After the domain controller restarts, it contacts its replication partners, compares SYSVOL information, and replicates any necessary changes, bringing it up to date with the other domain controllers within the domain.
Perform a non-authoritative restore of SYSVOL if at least one other functioning domain controller exists in the domain. This is the default method for restoring SYSVOL and occurs automatically if you perform a non-authoritative restore of Active Directory.
If no other functioning domain controller exists in the domain, then perform a primary restore of the SYSVOL. A primary restore builds a new File Replication service (FRS) database by loading the data present under SYSVOL on the local domain controller. This method is the same as a non-authoritative restore, except that the SYSVOL is marked primary.
Authoritative restore of Active Directory
An authoritative restore is an extension of the non-authoritative restore process. You must perform the steps of a non-authoritative restore before you can perform an authoritative restore. The main difference is that an authoritative restore has the ability to increment the version number of the attributes of all objects in an entire directory, all objects in a subtree, or an individual object (provided that it is a leaf object) to make it authoritative in the directory. Restore the smallest unit necessary; for example, do not restore the entire directory in order to restore a single subtree.
As with a non-authoritative restore, after a domain controller is back online, it will contact its replication partners to determine any changes since the time of the last backup. However, because the version numbers of the object attributes that you want to be authoritative will be higher than the existing version numbers of the attributes held on replication partners, the objects on the restored domain controller will appear to be more recent and therefore will be replicated out to the rest of the domain controllers within the environment.
Unlike a non-authoritative restore, an authoritative restore requires the use of a separate tool, Ntdsutil.exe. No backup utilities, including the Windows 2000 Server system tools, can perform an authoritative restore.
An authoritative restore will not overwrite new objects that have been created after the backup was taken. You can authoritatively restore only objects from the configuration and domain naming contexts. Authoritative restores of the schema naming context are not supported.
Perform an authoritative restore when human error is involved, such as when an administrator accidentally deletes a number of objects and that change replicates to the other domain controllers and you cannot easily recreate the objects. To perform an authoritative restore, you must start the domain controller in Directory Services Restore Mode.
Authoritative restore of SYSVOL
By authoritatively restoring the SYSVOL, you are specifying that the copy of SYSVOL that is restored from backup is authoritative for the domain. After the necessary configurations have been made, Active Directory marks the local SYSVOL as authoritative and it is replicated to the other domain controllers within the domain.
The authoritative restore of SYSVOL does not occur automatically after an authoritative restore of Active Directory. Additional steps are required.
As with an Active Directory authoritative restore, you typically perform an authoritative restore of SYSVOL when human error is involved and the error has replicated to other domain controllers. For example, you might perform an authoritative restore of SYSVOL if an administrator has accidentally deleted an object that resides in SYSVOL, such as a Group Policy object.
http://yourcomputer.in/authoritative-vs-non-authoritative-restoration-of-active-directory
http://technet.microsoft.com/en-us/library/bb727048.aspx
How to restore the AD
http://technet.microsoft.com/en-us/library/bb727048.aspx
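The commands behind the backup and restore procedure described above, as an added template (not from the original article or the linked TechNet pages): a system state backup with Windows Server Backup, then, from Directory Services Restore Mode, a non-authoritative system state recovery followed by an authoritative restore of just the deleted subtree with ntdsutil. The backup volume E:, the backup version identifier and the OU distinguished name are placeholders; it assumes the Windows Server Backup feature (wbadmin) is installed on the DC.

```powershell
# Added example, not part of the original article. Part A runs on a live DC;
# Part B is run from Directory Services Restore Mode (DSRM) after the failure.
# Drive letter, version id and OU DN below are placeholders to be replaced.

# --- Part A: system state backup -------------------------------------------
# System state covers NTDS.DIT and its logs, SYSVOL, the registry and boot files.
$target = 'E:'                               # placeholder: backup volume
wbadmin start systemstatebackup "-backupTarget:$target" -quiet

# Record the version identifier (MM/DD/YYYY-HH:MM) printed here; Part B needs it.
wbadmin get versions "-backupTarget:$target"

# --- Part B: run in DSRM ---------------------------------------------------
# 1. Non-authoritative restore: put the DC back to the state at backup time.
#    On its own this would let replication partners re-delete the objects.
$version = '01/01/2014-12:00'                # placeholder: version id from Part A
wbadmin start systemstaterecovery "-version:$version" "-backupTarget:$target" -quiet

# 2. Authoritative restore of the smallest unit needed, here one OU.
#    ntdsutil raises the version numbers of the restored objects so that the
#    partners accept them as newer instead of replicating the deletion back.
$ouDn = 'OU=Sales,DC=example,DC=com'         # placeholder: DN of the deleted OU
ntdsutil "activate instance ntds" "authoritative restore" "restore subtree $ouDn" quit quit

# 3. Reboot normally: the DC pulls post-backup changes from its partners and
#    the restored subtree replicates out. SYSVOL content (for example a deleted
#    GPO) still needs its own authoritative restore step, as the text notes.
Restart-Computer
```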
What is the tombstone period?
The tombstone lifetime in an Active Directory forest determines how long a deleted object (called a tombstone) is retained in Active Directory Domain Services (AD DS). The tombstone lifetime is determined by the value of the tombstoneLifetime attribute on the Directory Service object in the configuration directory partition.
In Microsoft Windows Server 2003 R2, the default tombstone lifetime (TSL) value remains at 60 days.
Note: In Windows Server 2003 Service Pack 1, the default TSL value was increased from 60 days to 180 days.
What are lingering objects?
Lingering objects can occur if a domain controller does not replicate for an interval of time that is longer than the tombstone lifetime (TSL) and then reconnects to the replication topology. Objects that were deleted from the Active Directory directory service while the domain controller was offline can remain on that domain controller as lingering objects.
What is the difference between 2003 and 2008?
http://yourcomputer.in/difference-between-windows-2003-and-2008/
1) 2008 is a combination of Vista and Windows 2003 R2. Some new services are introduced in it:
1. RODC (Read-Only Domain Controller), a new type of domain controller.
2. WDS (Windows Deployment Services) instead of RIS in 2003 server.
3. Shadow copy for each and every folder.
4. The boot sequence is changed.
5. Installation is 32-bit, whereas in 2003 it is 16-bit as well as 32-bit; that is why installation of 2008 is faster.
6. Services are known as roles in it.
7. Group Policy editor is a separate option in ADS.

2) The main difference between 2003 and 2008 is virtualization and management.

2008 has more inbuilt components and updated third-party drivers. Microsoft introduces a new feature with 2k8, Hyper-V (V for virtualization), but only on 64-bit versions. More and more companies are seeing this as a way of reducing hardware costs by running several virtual servers on one physical machine. If you like this exciting technology, make sure that you buy an edition of Windows Server 2008 that includes Hyper-V, then launch Server Manager and add roles.

3) In Windows Server 2008, Microsoft is introducing new features and technologies, some of which were not available in Windows Server 2003 with Service Pack 1 (SP1), that will help to reduce the power consumption of server and client operating systems, minimize environmental byproducts, and increase server efficiency.
Microsoft Windows Server 2008 has been designed with energy efficiency in mind, to provide customers with ready and convenient access to a number of new power-saving features. It includes updated support for Advanced Configuration and Power Interface (ACPI) processor power management (PPM) features, including support for processor performance states (P-states) and processor idle sleep states on multiprocessor systems. These features simplify power management in Windows Server 2008 (WS08) and can be managed easily across servers and clients using Group Policies.

What is Strict Replication and how do you enable it?


Strict Replication is a mechanism developed by Microsoft for Active Directory replication. If a domain controller has Strict Replication enabled, then that domain controller will not receive lingering objects from a domain controller that was isolated for more than the tombstone lifetime (TSL). The TSL is 180 days by default on a forest created with Windows Server 2003 SP1. A domain controller shouldn't be out of sync for more than this period. Lingering objects may appear on other domain controllers if replication happens with the outdated domain controllers. Domain controllers will not replicate with the outdated domain controllers if you have set the registry key mentioned below. You must set the following registry setting on all the domain controllers to enable Strict Replication:

Key name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters

Registry entry: Strict Replication Consistency

Type: REG_DWORD

Value: 1 (enabled), 0 (disabled)
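The three things discussed in the tombstone, lingering objects and Strict Replication sections can be audited together. The PowerShell below is an added example, not code from the original article: it reads the forest tombstoneLifetime, checks the Strict Replication Consistency registry value on every DC, and flags replication partners that have not replicated within the TSL. It assumes the RSAT ActiveDirectory module, PowerShell remoting to the DCs, and Get-ADReplicationPartnerMetadata (available with Windows Server 2012 or later RSAT).

```powershell
# Added example, not part of the original article. Assumes the ActiveDirectory
# module, WinRM access to every DC, and Server 2012+ replication cmdlets.
Import-Module ActiveDirectory

function Get-TombstoneLifetime {
    # tombstoneLifetime lives on the Directory Service object in the
    # configuration partition; when the attribute is unset the old 60-day
    # default applies.
    $configNc = (Get-ADRootDSE).configurationNamingContext
    $ds = Get-ADObject -Identity "CN=Directory Service,CN=Windows NT,CN=Services,$configNc" `
                       -Properties tombstoneLifetime
    if ($null -eq $ds.tombstoneLifetime) { 60 } else { [int]$ds.tombstoneLifetime }
}

function Get-StrictReplicationSetting {
    param([string[]]$DomainController)
    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'
    $name = 'Strict Replication Consistency'
    Invoke-Command -ComputerName $DomainController -ScriptBlock {
        $k = $using:key; $n = $using:name
        $v = (Get-ItemProperty -Path $k -Name $n -ErrorAction SilentlyContinue).$n
        [pscustomobject]@{
            DomainController  = $env:COMPUTERNAME
            StrictReplication = $v          # $null means the value is not present
            Enabled           = ($v -eq 1)  # only REG_DWORD 1 enables strict mode
        }
    }
}

function Get-StaleReplicationPartners {
    # A partner whose last successful replication is older than the TSL is the
    # condition under which lingering objects appear when it reconnects.
    param([string[]]$DomainController, [int]$TombstoneLifetimeDays)
    $cutoff = (Get-Date).AddDays(-$TombstoneLifetimeDays)
    foreach ($dc in $DomainController) {
        Get-ADReplicationPartnerMetadata -Target $dc -Partition '*' |
            Where-Object { $_.LastReplicationSuccess -lt $cutoff } |
            Select-Object Server, Partner, Partition, LastReplicationSuccess, LastReplicationResult
    }
}

$dcs = Get-ADDomainController -Filter * | Select-Object -ExpandProperty HostName
$tsl = Get-TombstoneLifetime
"Tombstone lifetime: $tsl days"

"Strict Replication Consistency per DC (Enabled should be True everywhere):"
Get-StrictReplicationSetting -DomainController $dcs | Format-Table -AutoSize

"Replication partners with no successful replication inside the tombstone lifetime:"
$stale = Get-StaleReplicationPartners -DomainController $dcs -TombstoneLifetimeDays $tsl
if ($stale) { $stale | Format-Table -AutoSize } else { '  none' }
```

A DC that shows up in the last list should not simply be reconnected; the text above explains why, and the strict-consistency check tells you whether the other DCs would refuse its lingering objects.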

What are the new features of Windows 2008?


How many flavours of Win2k8 are there?

Feature | Windows Server 2008 Web Edition | Windows Server 2008 Standard Edition | Windows Server 2008 Enterprise Edition | Windows Server 2008 Datacenter Edition
Supersedes | Windows Server 2003 Web Edition | Windows Server 2003 R2 Standard Edition; Windows Server 2003 R2 Standard x64 Edition | Windows Server 2003 R2 Enterprise Edition; Windows Server 2003 R2 Enterprise x64 Edition | Windows Server 2003 R2 Datacenter Edition; Windows Server 2003 R2 Datacenter x64 Edition
Hyper-V virtualization technology supported (3) | Not included | Included (1) | Included (1) | Included (1)
OS instances permitted per server license | One instance (physical or virtual) | One physical instance plus one virtual instance (2) | One physical instance and up to 4 virtual instances (2) | Unlimited number of OS instances
Maximum server RAM | 32-bit: 4 GB; 64-bit: 32 GB | 32-bit: 4 GB; 64-bit: 32 GB | 32-bit: 64 GB; 64-bit: 2 TB | 32-bit: 64 GB; 64-bit: 2 TB
Maximum number of CPUs | 64 (the source gives only this single value for the row; the per-edition values are not recoverable)
Hot swap RAM and CPUs | No | No | No (4) | Yes
Cluster Service (failover) | No | No | Yes, up to 16 nodes per cluster | Yes, up to 16 nodes per cluster
Terminal Server | No | Yes (5) | Yes | Yes
Network Access Protection | No | Yes (6) | Yes | Yes
U.S. estimated retail price (7) | US$470 per server (available only without Hyper-V) | US$800 per server (US$772 without Hyper-V) | US$3,000 per server (US$2,972 without Hyper-V) | US$3,000 per processor (US$2,972 per processor without Hyper-V)
CALs or External Connector required (8) | No | Yes | Yes | Yes

How do you find which server holds DHCP?


How do you configure the DHCP server?
If users are not getting an IP from the DHCP servers, what steps do you take to fix the issue?
What is the process by which a user gets an IP from the DHCP server?
DORA PROCESS

DISCOVER: when a client is configured to obtain an IP address automatically, the client searches for a DHCP server by sending a DHCP discover to the server as a UDP broadcast.
OFFER: the DHCP server offers an IP address from the scope of addresses available in its pool.
REQUEST: in response to the offer, the client requests the IP address.
ACKNOWLEDGE: in response to the request, the server responds with the IP address, mask, gateway, DNS and WINS information along with the acknowledgment packet.
DHCP Message Types
DHCPDISCOVER
This DHCP message type is used by the DHCP client to discover DHCP servers.
DHCPOFFER
This DHCP message type is used by the DHCP server to respond to a received DHCPDISCOVER message and also offers configuration details at that time.
DHCPREQUEST
This message comes from a client to the DHCP server to convey three different messages. The first is to request configuration details from one specific DHCP server, specifically rejecting offers from any other potential DHCP servers. Secondly, it can be used for verification of a previously used IP address after a system has undergone a reboot. Lastly, it can be used to extend the lease of a specific IP address.
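To make the DORA exchange concrete, the following PowerShell is an added example (not from the original article) that decodes the BOOTP header fields and the DHCP message type (option 53) and server identifier (option 54) from raw packet bytes, and runs it over a constructed DISCOVER and the OFFER that answers it. The constructed packets use the documentation range 192.0.2.0/24 and a made-up MAC address; nothing is sent on the network.

```powershell
# Added example, not part of the original article. The two packets below are
# constructed inline (documentation addresses, made-up MAC); nothing is sent.

function ConvertFrom-DhcpPacket {
    param([Parameter(Mandatory)][byte[]]$Bytes)
    # Fixed BOOTP header: op(1) htype(1) hlen(1) hops(1) xid(4) secs(2) flags(2)
    # ciaddr(4) yiaddr(4) siaddr(4) giaddr(4) chaddr(16) sname(64) file(128)
    # = 236 bytes, then the 4-byte magic cookie 99.130.83.99, then options.
    if ($Bytes.Length -lt 240) { throw 'Too short for a DHCP message' }
    $cookie = [byte[]](99, 130, 83, 99)
    for ($i = 0; $i -lt 4; $i++) {
        if ($Bytes[236 + $i] -ne $cookie[$i]) { throw 'Missing DHCP magic cookie' }
    }
    $typeNames = @{ 1 = 'DHCPDISCOVER'; 2 = 'DHCPOFFER'; 3 = 'DHCPREQUEST'; 4 = 'DHCPDECLINE'
                    5 = 'DHCPACK'; 6 = 'DHCPNAK'; 7 = 'DHCPRELEASE'; 8 = 'DHCPINFORM' }
    $opName = if ($Bytes[0] -eq 1) { 'BOOTREQUEST (client)' } else { 'BOOTREPLY (server)' }
    $msg = [ordered]@{
        Op               = $opName
        Xid              = '0x' + (($Bytes[4..7] | ForEach-Object { $_.ToString('X2') }) -join '')
        ClientIp         = ($Bytes[12..15] -join '.')   # ciaddr: 0.0.0.0 in a DISCOVER
        YourIp           = ($Bytes[16..19] -join '.')   # yiaddr: address offered/assigned
        ClientMac        = (($Bytes[28..33] | ForEach-Object { $_.ToString('X2') }) -join ':')
        MessageType      = $null
        ServerIdentifier = $null
    }
    # Options are a TLV list: code, length, value; 0 is padding, 255 ends the list.
    $i = 240
    while ($i -lt $Bytes.Length -and $Bytes[$i] -ne 255) {
        $code = $Bytes[$i]
        if ($code -eq 0) { $i++; continue }
        $len = [int]$Bytes[$i + 1]
        $val = if ($len -gt 0) { $Bytes[($i + 2)..($i + 1 + $len)] } else { @() }
        switch ($code) {
            53 { $msg.MessageType = $typeNames[[int]$val[0]] }
            54 { $msg.ServerIdentifier = ($val -join '.') }  # which server answered
        }
        $i += 2 + $len
    }
    [pscustomobject]$msg
}

function New-DhcpPacket {
    # Builds a minimal valid message for the demo: header, cookie, options, end.
    param([byte]$Op, [byte[]]$Xid, [byte[]]$YourIp, [byte[]]$ClientMac, [byte[]]$Options)
    $p = New-Object byte[] 240
    $p[0] = $Op; $p[1] = 1; $p[2] = 6            # htype 1 = Ethernet, hlen 6
    [Array]::Copy($Xid, 0, $p, 4, 4)
    [Array]::Copy($YourIp, 0, $p, 16, 4)
    [Array]::Copy($ClientMac, 0, $p, 28, 6)
    [Array]::Copy([byte[]](99, 130, 83, 99), 0, $p, 236, 4)
    return $p + $Options + [byte]255
}

$xid  = [byte[]](0x12, 0x34, 0x56, 0x78)       # the client picks it; the server echoes it
$mac  = [byte[]](0x00, 0x11, 0x22, 0x33, 0x44, 0x55)
$none = [byte[]](0, 0, 0, 0)

# D: client broadcast, no address yet, option 53 = 1 (DISCOVER)
$discover = New-DhcpPacket -Op 1 -Xid $xid -YourIp $none -ClientMac $mac -Options ([byte[]](53, 1, 1))
# O: server reply with the same xid, offered address in yiaddr, option 54 = server identifier
$offer = New-DhcpPacket -Op 2 -Xid $xid -YourIp ([byte[]](192, 0, 2, 50)) -ClientMac $mac `
                        -Options ([byte[]](53, 1, 2, 54, 4, 192, 0, 2, 1))

ConvertFrom-DhcpPacket $discover | Format-List
ConvertFrom-DhcpPacket $offer    | Format-List
```

Matching the xid between the two decoded messages is what ties an OFFER to the DISCOVER it answers; the ServerIdentifier field tells you which server made the offer when clients report unexpected addresses.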

How can we seize roles?


How can we transfer roles from one DC to another?

What is Kerberos and what is its process?


http://technet.microsoft.com/en-us/library/bb742516.aspx
What does a system state backup contain?
The following system components are included as System State data:
Registry
COM+ class registration database
Boot files, including the system files
Certificate Services database
Active Directory
The system volume

If the workstation is a domain controller, the following components are backed up:
Active Directory (NTDS)
The system volume (SYSVOL)

If the workstation is a certificate server, then the related data is also backed up. Many security and other disasters can be fixed by restoring System State to a good configuration.
How can you take a backup of a DC?
Are you aware of the ITIL process?
Explain the processes in ITIL like Incident Management, Change Management and Problem Management.
How do you do the patching?
Do you know SCOM and its configuration?
What is the ticketing tool used?
How do you upgrade the O/S?
What are all the different modes of the O/S?
Kernel Mode
In Kernel mode, the executing code has complete and unrestricted access to the underlying hardware. It can execute any CPU instruction and reference any memory
address. Kernel mode is generally reserved for the lowest-level, most trusted functions of the operating system. Crashes in kernel mode are catastrophic; they will halt the
entire PC.
User Mode
In User mode, the executing code has no ability to directly access hardware or reference memory. Code running in user mode must delegate to system APIs to access
hardware or memory. Due to the protection afforded by this sort of isolation, crashes in user mode are always recoverable. Most of the code running on your computer will
execute in user mode.
Which files make up the AD database?
The Windows 2000 Active Directory data store, the actual database file, is %SystemRoot%\ntds\NTDS.DIT. The ntds.dit file is the heart of Active Directory, including user accounts. Active Directory's database engine is the Extensible Storage Engine (ESE), which is based on the Jet database used by Exchange 5.5 and WINS. The ESE has the capability to grow to 16 terabytes, which would be large enough for 10 million objects. Back to the real world: only the Jet database engine can manipulate information within the AD data store.
For information on domain controller configuration to optimize Active Directory, see Optimize Active Directory Disk Performance.
The Active Directory ESE database, NTDS.DIT, consists of the following tables:
Schema table: the types of objects that can be created in the Active Directory, relationships between them, and the optional and mandatory attributes on each type of object. This table is fairly static and much smaller than the data table.
Link table: contains linked attributes, which contain values referring to other objects in the Active Directory. Take the MemberOf attribute on a user object: that attribute contains values that reference groups to which the user belongs. This table is also far smaller than the data table.
Data table: users, groups, application-specific data, and any other data stored in the Active Directory. The data table can be thought of as having rows where each row represents an instance of an object such as a user, and columns where each column represents an attribute in the schema such as GivenName.

Any idea about virtualization technology?


What is virtual memory?
The purpose of virtual memory is to enlarge the address space, the set of addresses a program can utilize. For example, virtual memory might contain twice as many
addresses as main memory. A program using all of virtual memory, therefore, would not be able to fit in main memory all at once. Nevertheless, the computer could
execute such a program by copying into main memory those portions of the program needed at any given point during execution.
To facilitate copying virtual memory into real memory, the operating system divides virtual memory into pages, each of which contains a fixed number of addresses. Each
page is stored on a disk until it is needed. When the page is needed, the operating system copies it from disk to main memory, translating the virtual addresses into real
addresses.

Important port numbers, such as those for FTP, Telnet, RDP and DNS?


What is heart beat?
What is the difference between NTFS and share permissions? What is VSS?
Are you aware of Volume Shadow Copy? Please explain.
Can we use a Linux DNS Server in a Windows 2000 domain?
GPMC & RSOP in windows 2003?

How to use recovery console?


How do you take a backup of DNS, WINS and DHCP? What is the use of Terminal Services, and what are its modes?
How is Active Directory scalable?
What is multimaster replication?
Multimaster Replication
Active Directory uses multimaster replication to accomplish the synchronization of directory information. True multimaster replication can be contrasted with other
directory services that use a master-slave approach to updates wherein all updates must be made to the master copy of the directory and then be replicated to the slave
copies. This system is adequate for a directory that has a small number of copies and for an environment where all of the changes can be applied centrally. But this
approach does not scale beyond small-sized organizations nor does it address the needs of decentralized organizations. With Active Directory, no one domain controller is
the master. Instead, all domain controllers within a domain are equivalent. Changes can be made to any domain controller, unlike a single-master system, where changes
must be made to one server. In the single-master system, the primary server replicates the updated information to all other directory servers in the domain.
With multimaster replication, it is not necessary for every domain controller to replicate with every other domain controller. Instead, the system implements a robust set
of connections that determines which domain controllers replicate to which other domain controllers to ensure that networks are not overloaded with replication traffic
and that replication latency is not so long that it causes inconvenience to users. The set of connections through which changes are replicated to domain controllers in an
enterprise is called the replication topology.
Multimaster update capability provides high availability of write access to directory objects because several servers can contain writable copies of an object. Each domain
controller in the domain can accept updates independently, without communicating with other domain controllers. The system resolves any conflicts in updates to a
specific directory object. If updates cease and replication continues, all copies of an object eventually reach the same value.
The manner in which a directory service stores information directly determines the performance and scalability of the directory service. Directory services must handle a
large number of queries compared to the number of updates they must process. A typical ratio of queries to updates is 99:1. By creating multiple copies of the directory
and keeping the copies consistent, the directory service can handle more queries per second.
Multimaster replication provides the following advantages over single-master replication:
If one domain controller becomes inoperable, other domain controllers can continue to update the directory. In single-master replication, if the primary domain
controller becomes inoperable, directory updates cannot take place. For example, if the failed server holds your password and your password has expired, you
cannot reset your password and therefore you cannot log on to the domain.
Servers that are capable of making changes to the directory, which in Windows 2000 are domain controllers, can be distributed across the network and can be
located in multiple physical sites.
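An added example, not from the original post and not Microsoft's code, that simulates the behaviour described above: three DCs accept writes independently, replicate over a ring of connection objects rather than a full mesh, and converge on one value. The conflict rule (higher attribute version wins, then the later originating time, then the higher originating-DSA id) is the order AD applies to attribute conflicts; the DC names, topology, times and attribute values are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Stamp:
    """Simplified replication metadata kept per attribute (constructed)."""
    version: int   # bumped on every originating write
    time: int      # originating write time, here a constructed tick
    dsa: str       # id of the originating DC (invocation ID in real AD)

    def beats(self, other):
        # Higher version wins; ties go to the later write, then the higher DSA id.
        return (self.version, self.time, self.dsa) > (other.version, other.time, other.dsa)


class DomainController:
    def __init__(self, name):
        self.name = name
        self.attrs = {}  # attribute -> (value, Stamp)

    def originate_write(self, attr, value, time):
        """Accept an update locally, without consulting any other DC."""
        old = self.attrs.get(attr)
        version = old[1].version + 1 if old else 1
        self.attrs[attr] = (value, Stamp(version, time, self.name))

    def receive(self, attr, value, stamp):
        """Inbound replication: keep the incoming value only if its stamp wins."""
        old = self.attrs.get(attr)
        if old is None or stamp.beats(old[1]):
            self.attrs[attr] = (value, stamp)


def run_cycle(dcs, topology):
    """One pass over the topology, a list of (source, destination) connections."""
    for src, dst in topology:
        for attr, (value, stamp) in dcs[src].attrs.items():
            dcs[dst].receive(attr, value, stamp)


def converged(dcs, attr):
    return len({dc.attrs.get(attr) for dc in dcs.values()}) == 1


def demo():
    dcs = {n: DomainController(n) for n in ("DC1", "DC2", "DC3")}
    ring = [("DC1", "DC2"), ("DC2", "DC3"), ("DC3", "DC1")]  # not a full mesh
    # Two DCs accept conflicting writes to the same attribute before replicating.
    dcs["DC1"].originate_write("telephoneNumber", "+1-555-0100", time=10)
    dcs["DC2"].originate_write("telephoneNumber", "+1-555-0200", time=12)
    for _ in range(len(dcs)):  # enough passes for a ring of this size
        run_cycle(dcs, ring)
    return dcs
```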

Define each of the following names: DN, RDN, GUID, UPN. What is the primary reason for defining an OU?
What is the difference between a site link and a connection object?
What is the booting process?

1. First is the POST, this stands for Power On Self Test, for the computer. This process tests memory as well as a number of other subsystems. You can usually monitor
this as it runs each test. After that is complete the system will run POST for any device that has a BIOS (Basic Input-Output System). An AGP has its own BIOS, as do
some network cards and various other devices.
2. Once the POST is complete and the BIOS is sure that everything is working properly, the BIOS will then attempt to read the MBR (Master Boot Record). This is the
first sector of the first hard drive (called the Master or HD0). When the MBR takes over it means that Windows is now in control.
3. The MBR looks at the BOOT SECTOR (the first sector of the active partition). That is where NTLDR is located, NTLDR is the BOOT LOADER for Windows XP. NTLDR
will allow memory addressing, initiate the file system, read the boot.ini and load the boot menu. NTLDR has to be in the root of the active partition as do
NTDETECT.COM, BOOT.INI, BOOTSECT.DOS (for multi-OS booting) and NTBOOTDD.SYS (if you have SCSI adapters)
4. Once XP is selected from the Boot Menu, NTLDR will run NTDETECT.COM, BOOT.INI and BOOTSECT.DOS to get the proper OS selected and loaded. The system
starts in 16-bit real mode and then moves into 32-bit protected mode.
5. NTLDR will then load NTOSKRNL.EXE and HAL.DLL. Effectively, these two files are Windows XP. They must be located in %SystemRoot%\System32.
6. NTLDR reads the registry, chooses a hardware profile and authorizes device drivers, in that exact order.
7. At this point NTOSKRNL.EXE takes over. It starts WINLOGON.EXE, which in turn starts LSASS.EXE; this is the program that displays the logon screen so that you can
log on.

Which command is used to create the application directory partition?


DnsCmd <ServerName> /EnlistDirectoryPartition <FQDN of partition>
Default settings for password policy

What will we be the next action plan if we get a hardware alert?


What will be the next action plan if a customer reports that a server is down?

What is Loopback Group Policy?


Ans:-Group Policy applies to the user or computer in a manner that depends on where both the user and the computer objects are located in Active Directory. However, in
some cases, users may need policy applied to them based on the location of the computer object alone. You can use the Group Policy loopback feature to apply Group
Policy Objects (GPOs) that depend only on which computer the user logs on to.
TCP/UDP ports used in Windows?
Ans:-http://yourcomputer.in/list-port-numbers-windows/

Also click this link for more AD questions: http://yourcomputer.in/wintel-interview-questions-and-answers
