What is Active Directory?
*Active Directory is a Meta Data. Active Directory is a data base which store a data base like your user information, computer information and also other network object info. It has capabilities to manage and administor the complite Network which connect with AD.
*Active Directory is a Meta Data. Active Directory is a data base which store a data base like your user information, computer information and also other network object info. It has capabilities to manage and administor the complite Network which connect with AD.
* Active Directory is a network-based object
store and service that locates and manages resources, and makes these resources
available to authorized users and groups.
What
is domain?
Domain is a collection or a group of computers, OUs, Users who are using a common security policy, rules and procedures.
Domain is a collection or a group of computers, OUs, Users who are using a common security policy, rules and procedures.
You don’t have the active directory environment but
you want to change the group policy in all the systems?
On one
local system, configure the policies you want. Now copy the group policy
frolder from the local system to all the systems with using simple batch files
using the xcopy commands.
What is a work group?
Work group is a collection or group of computers,
users and OUs which does not administer a unit and does not use a common
security policy.
What is OU (Organizational Unit)
OUs are usedas container to locally organize the directory
objects suh as Users, computers, groups. In much the same way it is like as a
folder on the hard disk
What is domain controller ?
A Domain controller (DC) is a server that responds to security authentication requests (logging in, checking permissions, etc.) within the Windows Server domain. A domain is a concept introduced in Windows NT whereby a user may be granted access to a number of computer resources with the use of a single username and password combination.
A Domain controller (DC) is a server that responds to security authentication requests (logging in, checking permissions, etc.) within the Windows Server domain. A domain is a concept introduced in Windows NT whereby a user may be granted access to a number of computer resources with the use of a single username and password combination.
Types of domain Trust
Relationship?
A domain
trust relationship is a relationship between two domains that enable user in
one domain to be authenticated by a domain controller in other domain.
·
One Way
·
Two way
·
Transitive
·
Non-transitive
What is LDAP ?
Lightweight Directory Access Protocol LDAP is the industry standard directory access protocol, making Active Directory widely accessible to management and query applications. Active Directory supports LDAPv3 and LDAPv2.
Lightweight Directory Access Protocol LDAP is the industry standard directory access protocol, making Active Directory widely accessible to management and query applications. Active Directory supports LDAPv3 and LDAPv2.
What is KCC ?
KCC ( knowledge consistency checker ) is used to generate replication topology for inter site replication and for intrasite replication.with in a site replication traffic is done via remote procedure calls over ip, while between site it is done through either RPC or SMTP.
KCC ( knowledge consistency checker ) is used to generate replication topology for inter site replication and for intrasite replication.with in a site replication traffic is done via remote procedure calls over ip, while between site it is done through either RPC or SMTP.
Where is the AD database
held? What other folders are related to AD?
The AD data base is store in c:\windows\ntds\NTDS.DIT.
The AD data base is store in c:\windows\ntds\NTDS.DIT.
What is the SYSVOL folder?
The sysVOL folder stores the server's copy of the domain's public files. The contents such as group policy, users etc of the sysvol folder are replicated to all domain controllers in the domain.
The sysVOL folder stores the server's copy of the domain's public files. The contents such as group policy, users etc of the sysvol folder are replicated to all domain controllers in the domain.
Where are the Windows NT Primary Domain Controller (PDC) and its Backup Domain Controller (BDC) in Server 2003 ?
The Active Directory replaces them. Now all domain controllers share a multimaster peer-to-peer read and write relationship that hosts copies of the Active Directory.
I am trying to create a
new universal user group. Why can’t I ?
Universal groups are allowed only in native-mode Windows Server 2003 environments. Native mode requires that all domain controllers be promoted to Windows Server 2003 Active Directory.
Universal groups are allowed only in native-mode Windows Server 2003 environments. Native mode requires that all domain controllers be promoted to Windows Server 2003 Active Directory.
What is LSDOU ?
It’s group policy inheritance model, where the policies are applied toLocal machines, Sites, Domains and Organizational Units.
It’s group policy inheritance model, where the policies are applied toLocal machines, Sites, Domains and Organizational Units.
Why doesn’t LSDOU work
under Windows NT ?
If the NTConfig.pol file exist, it has the highest priority among the numerous policies.
If the NTConfig.pol file exist, it has the highest priority among the numerous policies.
What’s the number of
permitted unsuccessful logons on Administrator account? Unlimited. Remember, though, that it’s the
Administrator account, not any account that’s part of the Administrators group.
What’s the difference
between guest accounts in Server 2003 and other editions?
More restrictive in Windows Server 2003.
More restrictive in Windows Server 2003.
How many passwords by
default are remembered when you check "Enforce Password History
Remembered"?
User’s last 6 passwords.
User’s last 6 passwords.
Can GC Server and
Infrastructure place in single server If not explain why ?
No, As Infrastructure master does the same job as the GC. It does not work together.
No, As Infrastructure master does the same job as the GC. It does not work together.
Which is service in
your windows is responsible for replication of Domain controller to another
domain controller.
KCC generates the replication topology.
Use SMTP / RPC to replicate changes.
KCC generates the replication topology.
Use SMTP / RPC to replicate changes.
What Intrasite and
Intersite Replication ?
Intrasite is the replication with in the same site & intersite the replication between sites.
Intrasite is the replication with in the same site & intersite the replication between sites.
What is lost &
found folder in ADS ?
It’s the folder where you can find the objects missed due to conflict.
Ex: you created a user in OU which is deleted in other DC & when replication happed ADS didn’t find the OU then it will put that in Lost & Found Folder.
It’s the folder where you can find the objects missed due to conflict.
Ex: you created a user in OU which is deleted in other DC & when replication happed ADS didn’t find the OU then it will put that in Lost & Found Folder.
What is Garbage
collection ?
Garbage collection is the process of the online defragmentation of active directory. It happens every 12 Hours.
Garbage collection is the process of the online defragmentation of active directory. It happens every 12 Hours.
What System State data
contains ?
Contains Startup files,
Registry
Com + Registration Database
Memory Page file
System files
AD information
Cluster Service information
SYSVOL Folder
Contains Startup files,
Registry
Com + Registration Database
Memory Page file
System files
AD information
Cluster Service information
SYSVOL Folder
How long does it take for security changes to be replicated among the
domain controllers?
Security-related modifications are replicated within a site immediately. These changes include account and individual user lockout policies, changes to password policies, changes to computer account passwords, and modifications to the Local Security Authority (LSA)
Security-related modifications are replicated within a site immediately. These changes include account and individual user lockout policies, changes to password policies, changes to computer account passwords, and modifications to the Local Security Authority (LSA)
How can you authenticate between forests?
Four types of authentication are used across forests: (1) Kerberos and NTLM network logon for remote access to a server in another forest; (2) Kerberos and NTLM interactive logon for physical logon outside the user’s home forest; (3) Kerberos delegation to N-tier application in another forest; and (4) user principal name (UPN) credentials.
Four types of authentication are used across forests: (1) Kerberos and NTLM network logon for remote access to a server in another forest; (2) Kerberos and NTLM interactive logon for physical logon outside the user’s home forest; (3) Kerberos delegation to N-tier application in another forest; and (4) user principal name (UPN) credentials.
No comments:
Post a Comment