InterviewFAQ

No:1 Source to prepare for job interviews.

(http://interviewfaq.co.in/)

InterviewFAQ

(http://interviewfaq.co.in/)

Menu

Windows Active directory .

(http://interviewfaq.co.in/author/ifaqadmin) Interview Questions
User Submitted Part 10
(http://interviewfaq.co.in/windows-activedirectory-interview-questions-user-submittedpart-10.html)
21. Sep / Active Directory (http://interviewfaq.co.in/windows/active-directory) /
No Comments (http://interviewfaq.co.in/windows-active-directory-interview-questions-usersubmitted-part-10.html#comments)

What is sites ? What are they used for ?

One or more well-connected (highly reliable and fast) TCP/IP subnets.
A site allows administrators to con gure Active Directory access and replication topology
to take advantage of the physical network.
A Site object in Active Directory represents a physical geographic location that hosts
networks. Sites contain objects called Subnets.

Sites can be used to Assign Group Policy Objects, facilitate the discovery of resources,
manage active directory replication, and manage network link traf c.
Sites can be linked to other Sites. Site-linked objects may be assigned a cost value that
represents the speed, reliability, availability, or other real property of a physical resource.
Site Links may also be assigned a schedule.
Trying to look at the Schema, how can I do that ?
register schmmgmt.dll using this command
c:windowssystem32>regsvr32 schmmgmt.dll
Open mmc > add snapin > add Active directory schema
name it as schema.msc
Open administrative tool > schema.msc
What is the port no of Kerbrose ?
88
What is the port no of Global catalog ?
3268
What is the port no of LDAP ?
389
Explain Active Directory Schema ?
Windows 2000 and Windows Server 2003 Active Directory uses a database set of rules
called Schema. The Schema is de nes as the formal de nition of all object classes, and
the attributes that make up those object classes, that can be stored in the directory. As
mentioned earlier, the Active Directory database includes a default Schema, which
de nes many object classes, such as users, groups, computers, domains, organizational
units, and so on.

These objects are also known as Classes. The Active Directory Schema can be
dynamically extensible, meaning that you can modify the schema by de ning new object
types and their attributes and by de ning new attributes for existing objects. You can do
this either with the Schema Manager snap-in tool included with Windows 2000/2003
Server, or programmatically.
How can you forcibly remove AD from a server, and what do you do later? ? Can I get
user passwords from the AD database?
Dcpromo /forceremoval , an administrator can forcibly remove Active Directory and roll
back the system without having to contact or replicate any locally held changes to
another DC in the forest. Reboot the server then After you use the dcpromo
/forceremoval command, all the remaining metadata for the demoted DC is not deleted
on the surviving domain controllers, and therefore you must manually remove it by using
the NTDSUTIL command.
In the event that the NTDS Settings object is not removed correctly you can use the
Ntdsutil.exe utility to manually remove the NTDS Settings object. You will need the
following tool: Ntdsutil.exe, Active Directory Sites and Services, Active Directory Users
and Computers
What are the FSMO roles? Who has them by default? What happens when each one
fails?
Flexible Single Master Operation (FSMO) role. Currently there are ve FSMO roles:
Schema master
Domain naming master
RID master
PDC emulator
Infrastructure master

What is domain tree ?

Domain Trees: A domain tree comprises several domains that share a common schema
and con guration, forming a contiguous namespace. Domains in a tree are also linked
together by trust relationships. Active Directory is a set of one or more trees.
Trees can be viewed two ways. One view is the trust relationships between domains. The
other view is the namespace of the domain tree.
What is forests ?
A collection of one or more domain trees with a common schema and implicit trust
relationships between them. This arrangement would be used if you have multiple root
DNS addresses.
How to Select the Appropriate Restore Method ?
You select the appropriate restore method by considering:
Circumstances and characteristics of the failure. The two major categories of failure,
From an Active Directory perspective, are Active Directory data corruption and hardware
failure.
Active Directory data corruption occurs when the directory contains corrupt data that
has been replicated to all domain controllers or when a large portion of the Active
Directory hierarchy has been changed accidentally (such as deletion of an OU) and this
change has replicated to other domain controllers.
Where are the Windows NT Primary Domain Controller (PDC) and its Backup Domain
Controller (BDC) in Server 2003?
The Active Directory replaces them. Now all domain controllers share a multimaster
peer-to-peer read and write relationship that hosts copies of the Active Directory.
What is Global Catalog?

The Global Catalog authenticates network user logons and elds inquiries about objects
across a forest or tree. Every domain has at least one GC that is hosted on a domain
controller. In Windows 2000, there was typically one GC on every site in order to prevent

user logon failures across the network.

How long does it take for security changes to be replicated among the domain controllers?

Security-related modi cations are replicated within a site immediately. These changes
include account and individual user lockout policies, changes to password policies,
changes to computer account passwords, and modi cations to the Local Security
Authority (LSA).
When should you create a forest?
Organizations that operate on radically different bases may require separate trees with
distinct namespaces. Unique trade or brand names often give rise to separate DNS
identities. Organizations merge or are acquired and naming continuity is desired.
Organizations form partnerships and joint ventures. While access to common resources is
desired, a separately de ned tree can enforce more direct administrative and security
restrictions.
Describe the process of working with an external domain name ?

If it is not possible for you to con gure your internal domain as a subdomain of your
external domain, use a stand-alone internal domain. This way, your internal and external
domain names are unrelated. For example, an organization that uses the domain name
contoso.com for their external namespace uses the name corp.internal for their internal
namespace.
The advantage to this approach is that it provides you with a unique internal domain
name. The disadvantage is that this con guration requires you to manage two separate
namespaces. Also, using a stand-alone internal domain that is unrelated to your external
domain might create confusion for users because the namespaces do not re ect a
relationship between resources within and outside of your network.
In addition, you might have to register two DNS names with an Internet name authority if
you want to make the internal domain publicly accessible.

Roll

Schedule
2003Server

ManualTesting
Acquired

Active

Availability
Roll

Answers
Schedule

Trades

Fresher

ManualTesting

Previous Page (http://interviewfaq.co.in/windows/active-directory/page/2)

(http://interviewfaq.co.in/windows/active-directory/page/2)
1 (http://interviewfaq.co.in/windows/active-directory/)
2 (http://interviewfaq.co.in/windows/active-directory/page/2)

4 (http://interviewfaq.co.in/windows/active-directory/page/4)
5 (http://interviewfaq.co.in/windows/active-directory/page/5)
(http://interviewfaq.co.in/windows/active-directory/page/4)
(http://interviewfaq.co.in/windows/active-directory/page/15)
Next Page (http://interviewfaq.co.in/windows/active-directory/page/4)

PRE-PAY FOR WP ENGINE HOSTING FOR 1 YEAR AND GET 2 MONTHS FREE! (http://www.shareasale.com/r.cfm?
b=407239&u=963842&m=41388&urllink=&afftrack=) Optimized page load times, reliability and security. Fast,
Secure and Scalable. (http://www.shareasale.com/r.cfm?b=398787&u=963842&m=41388&urllink=&afftrack=)
Optimized your page load times, reliability and security. Fast, Secure and Scalable.
(http://www.shareasale.com/r.cfm?b=398786&u=963842&m=41388&urllink=&afftrack=)

Speed up WordPress with our baked in CDN, super fast servers and amazing up-time.
(http://www.shareasale.com/r.cfm?b=398784&u=963842&m=41388&urllink=&afftrack=) Month to month
contracts and no sign-up fees! Enjoy exibility with WP Engine. (http://www.shareasale.com/r.cfm?
b=398782&u=963842&m=41388&urllink=&afftrack=) Month to month contracts and no sign-up fees! Enjoy
exibility with WPEngine. (http://www.shareasale.com/r.cfm?b=398781&u=963842&m=41388&urllink=&afftrack=)

Month to month contracts and no sign-up fees! Enjoy exibility with WPEngine. (http://www.shareasale.com/r.cfm?
b=398781&u=963842&m=41388&urllink=&afftrack=) Get 50GB of Premium Bandwidth and 10GB of storage with
WP Engine's standard hosting plan! (http://www.shareasale.com/r.cfm?

b=398777&u=963842&m=41388&urllink=&afftrack=) Speed up WordPress with our baked in CDN, super fast

servers and amazing up-time. (http://www.shareasale.com/r.cfm?
b=398776&u=963842&m=41388&urllink=&afftrack=)

Copyright 2016 Theme design by the Bluth Company www.bluth.is