What is the main purpose of a DNS server?
DNS servers are used to resolve FQDN hostnames into IP addresses and vice versa.
What is the port number of DNS?
53.
What is a Forward Lookup?
Resolving Host Names to IP Addresses
What is Reverse Lookup?
Resolving IP Addresses to Host Names
What is a Resource Record?
It is a record that provides information about the resources available in the network
infrastructure.
What are the different DNS roles?
Standard Primary, Standard Secondary, and AD Integrated.
What is a Zone?
A zone is a subtree of the DNS database.
Secure services in your network require reverse name resolution to make it more
difficult to launch successful attacks against the services. To set this up, you
configure a reverse lookup zone and proceed to add records. Which record types
do you need to create?
PTR Records
SOA records must be included in every zone. What are they used for?
SOA records contain a TTL value, used by default in all resource records in the zone. SOA
records contain the e-mail address of the person who is responsible for maintaining the
zone. SOA records contain the current serial number of the zone, which is used in zone
transfers.
By default, if the name is not found in the cache or local hosts file, what is the first
step the client takes to resolve the FQDN name into an IP address?
Performs a recursive search through the primary DNS server based on the network interface
configuration
What is primary, Secondary, stub & AD Integrated Zone?
Primary zone: A zone which is saved as a normal text file with the .dns extension in the DBS
folder. Maintains a read/write copy of the zone database.
Secondary zone: Maintains a read-only copy of the zone database on another DNS server.
Provides fault tolerance and load balancing by acting as a backup server to the primary server.
Stub zone: Contains a copy of the name server and SOA records, used for reducing the DNS
search orders. Provides fault tolerance and load balancing.
Updates that are made to any domain controller are replicated to all domain controllers and
the zone information about any primary DNS server within an Active Directory integrated
zone is always replicated.
Active Directory integrated zones: Enable you to secure zones by using secure dynamic
update.
Provide increased fault tolerance. Every Active Directory integrated zone can be replicated
to all domain controllers within the Active Directory domain or forest. All DNS servers
running on these domain controllers can act as primary servers for the zone and accept
dynamic updates.
Enable replication that propagates changed data only, compresses replicated data, and
reduces network traffic. If you have an Active Directory infrastructure, you can only use
Active Directory integrated zones on Active Directory domain controllers. If you are using
Active Directory integrated zones, you must decide whether or not to store Active Directory
integrated zones in the application directory partition.
You can combine Active Directory integrated zones and file-based zones in the same design.
For example, if the DNS server that is authoritative for the private root zone is running on
an operating system other than Windows Server 2003 or Windows 2000, it cannot act as an
Active Directory domain controller. Therefore, you must use file-based zones on that server.
However, you can delegate this zone to any domain controller running either Windows
Server 2003 or Windows 2000.
You installed a new AD domain and the new (and first) DC has not registered its
SRV records in DNS. Name a few possible causes.
The machine may not be configured as a DNS client of itself.
The DNS service may not be running.
What are the benefits and scenarios of using Stub zones?
Understanding stub zones
A stub zone is a copy of a zone that contains only those resource records necessary to
identify the authoritative Domain Name System (DNS) servers for that zone.
A stub zone is used to resolve names between separate DNS namespaces. This type of
resolution may be necessary when a corporate merger requires that the DNS servers for two
separate DNS namespaces resolve names for clients in both namespaces.
A stub zone consists of:
The start of authority (SOA) resource record, name server (NS) resource records, and the
glue A resource records for the delegated zone. The IP address of one or more master
servers that can be used to update the stub zone. The master servers for a stub zone are
one or more DNS servers authoritative for the child zone, usually the DNS server hosting
the primary zone for the delegated domain name.
Use stub zones to:
The list of master servers from which the DNS server loads and updates a stub zone. A
master server may be a primary or secondary DNS server for the zone. In both cases, it will
have a complete list of the DNS servers for the zone.
The list of the authoritative DNS servers for a zone. This list is contained in the stub zone
using name server (NS) resource records. When a DNS server loads a stub zone, such as
widgets.example.com, it queries the master servers, which can be in different locations, for
the necessary resource records of the authoritative servers for the zone
widgets.example.com. The list of master servers may contain a single server or multiple
servers and can be changed anytime.
What is the "in-addr.arpa" zone used for?
In a Domain Name System (DNS) environment, it is common for a user or an application to
request a Reverse Lookup of a host name, given the IP address. This article explains this
process. The following is quoted from RFC 1035: "The Internet uses a special domain to
support gateway location and Internet address to host mapping. Other classes may employ
a similar strategy in other domains. The intent of this domain is to provide a guaranteed
method to perform host address to host name mapping, and to facilitate queries to locate all
gateways on a particular network on the Internet.
"The domain begins at IN-ADDR.ARPA and has a substructure which follows the Internet
addressing structure. "Domain names in the IN-ADDR.ARPA domain are defined to have up
to four labels in addition to the IN-ADDR.ARPA suffix. Each label represents one octet of an
Internet address, and is expressed as a character string for a decimal value in the range
0-255 (with leading zeros omitted except in the case of a zero octet which is represented by a
single zero).
"Host addresses are represented by domain names that have all four labels specified."
Reverse Lookup files use the structure specified in RFC 1035.
For example, if you have a network which is 150.10.0.0, then the Reverse Lookup file for
this network would be 10.150.IN-ADDR.ARPA. Any hosts with IP addresses in the
150.10.0.0 network will have a PTR (or 'Pointer') entry in 10.150.IN-ADDR.ARPA
referencing the host name for that IP address. A single IN-ADDR.ARPA file may contain
entries for hosts in many domains. Consider the following scenario. There is a Reverse
Lookup file 10.150.IN-ADDR.ARPA with the following contents, for example:
1.20 IN PTR WS1.ACME.COM.
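The naming rule above, worked through as an added example (not part of the original page): it builds the IN-ADDR.ARPA name for an address and expands the page's relative PTR entry against its zone origin to recover the IP. The function names and the second sample record are constructed for illustration, and each record line is assumed to carry an explicit owner name.

```python
import ipaddress

SUFFIX = "in-addr.arpa"

# Zone origin and first record are the page's example; the second
# record is constructed for illustration.
ORIGIN = "10.150.IN-ADDR.ARPA."
SAMPLE_ZONE = """\
1.20   IN PTR WS1.ACME.COM.        ; record quoted on the page
7.33   IN PTR HOST7.EXAMPLE.COM.   ; constructed sample record
"""


def reverse_name(ip):
    """Build the IN-ADDR.ARPA owner name for an IPv4 host address."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + SUFFIX + "."


def owner_to_ip(owner, origin):
    """Expand a PTR owner name against the zone origin.

    Returns the dotted IPv4 address for a four-label host name, or None
    when the name has fewer than four labels (a network, not a host).
    """
    # A name without a trailing dot is relative to the zone origin.
    if not owner.endswith("."):
        owner = owner + "." + origin
    name = owner.rstrip(".").lower()
    if not name.endswith("." + SUFFIX):
        raise ValueError("not under IN-ADDR.ARPA: " + owner)
    labels = name[: -(len(SUFFIX) + 1)].split(".")
    if len(labels) > 4:
        raise ValueError("more than four octet labels: " + owner)
    for label in labels:
        # RFC 1035: decimal value 0-255, leading zeros omitted.
        if not (label.isascii() and label.isdigit()):
            raise ValueError("non-numeric label in " + owner)
        if str(int(label)) != label or int(label) > 255:
            raise ValueError("bad octet label in " + owner)
    if len(labels) < 4:
        return None
    # Labels are stored least-significant octet first; reverse them.
    return ".".join(reversed(labels))


def parse_ptr_records(zone_text, origin):
    """Return {ip_address: host_name} for every host PTR line."""
    records = {}
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()  # drop ';' comments
        upper = [f.upper() for f in fields]
        if "PTR" not in upper:
            continue
        idx = upper.index("PTR")
        if idx == 0 or idx + 1 >= len(fields):
            continue  # no owner or no target on this line
        ip = owner_to_ip(fields[0], origin)
        if ip is not None:
            records[ip] = fields[idx + 1]
    return records


if __name__ == "__main__":
    print(reverse_name("150.10.20.1"))
    for ip, host in parse_ptr_records(SAMPLE_ZONE, ORIGIN).items():
        print(ip, "->", host)
```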
What does a zone consist of & why do we require a zone?
Zone consists of resource records and we require zone for representing sites.
WINS is the Windows Internet Name Service, used to resolve a NetBIOS (computer) name
to an IP address. It is proprietary to Windows and can be used in a LAN. DNS is the Domain
Naming System, which resolves host names to IP addresses. It uses fully qualified domain names.
DNS is an Internet standard used to resolve host names.
What is new in Windows Server 2003 regarding the DNS management?
When DC promotion occurs with an existing forest, the Active Directory Installation Wizard
contacts an existing DC to update the directory and replicate from the DC the required
portions of the directory.
If the wizard fails to locate a DC, it performs debugging and reports what caused the failure
and how to fix the problem. In order to be located on a network, every DC must register in
DNS DC locator DNS records. The Active Directory Installation Wizard verifies a proper
configuration of the DNS infrastructure. All DNS configuration debugging and reporting
activity is done with the Active Directory Installation Wizard.
How do I clear the DNS cache on the DNS server?
Go to the command prompt and type ipconfig /flushdns.
What is the main purpose of SRV records?
SRV records are used in locating hosts that provide certain network services.
What is the "." zone in my forward lookup zone?
This setting designates the Windows 2000 or Windows Server 2003 DNS server to be a root
hint server and is usually deleted. If you do not delete this setting, you may not be able to
perform external name resolution to the root hint servers on the Internet.
Do I need to configure forwarders in DNS?
No. By default, Windows 2000 DNS uses the root hint servers on the Internet; however, you
can configure forwarders to send DNS queries directly to your ISP's DNS server or other
DNS servers. Most of the time, when you configure forwarders, DNS performance and
efficiency increases, but this configuration can also introduce a point of failure if the
forwarding DNS server is experiencing problems.
The root hint server can provide a level of redundancy in exchange for slightly increased
DNS traffic on your Internet connection. Windows Server 2003 DNS will query root hints
servers if it cannot query the forwarders.
Should I point the other Windows 2000-based and Windows Server 2003-based
computers on my LAN to my ISP's DNS servers?
No. If a Windows 2000-based or Windows Server 2003-based server or workstation does
not find the domain controller in DNS, you may experience issues joining the domain or
logging on to the domain. A Windows 2000-based or Windows Server 2003-based
computer's preferred DNS setting should point to the Windows 2000 or Windows Server
2003 domain controller running DNS.
If you are using DHCP, make sure that you view scope option #15 for the correct DNS
server settings for your LAN.
Do I need to point computers that are running Windows NT 4.0 or Microsoft
Windows 95, Microsoft Windows 98, or Microsoft Windows 98 Second Edition to
the Windows 2000 or Windows Server 2003 DNS server?
Legacy operating systems continue to use NetBIOS for name resolution to find a domain
controller; however it is recommended that you point all computers to the Windows 2000 or
Windows Server 2003 DNS server for name resolution.
What if my Windows 2000 or Windows Server 2003 DNS server is behind a proxy
server or firewall?
If you are able to query the ISP's DNS servers from behind the proxy server or firewall,
Windows 2000 and Windows Server 2003 DNS server is able to query the root hint servers.
UDP and TCP Port 53 should be open on the proxy server or firewall.
What should I do if the domain controller points to itself for DNS, but the SRV
records still do not appear in the zone?
Check for a disjointed namespace, and then run Netdiag.exe /fix.
You must install Support Tools from the Windows 2000 Server or Windows Server 2003
CD-ROM to run Netdiag.exe.
How do I set up DNS for a child domain?
To set up DNS for a child domain, create a delegation record on the parent DNS server for
the child DNS server. Create a secondary zone on the child DNS server that transfers the
parent zone from the parent DNS server.
Note: Windows Server 2003 has additional types of zones, such as Stub Zones and
forest-level integrated Active Directory zones, that may be a better fit for your environment. Set
the child domain controller to point to itself first. As soon as an additional domain controller
is available, set the child domain controller to point to this domain controller in the child
domain as its secondary.
Are you looking for a job as a system administrator? Or are you thinking about leaving your
current position for a new job as a system administrator with a new company in a Microsoft
multi-user computing environment?
If you answered yes to either of those questions, then this article is for you! Any of the
described technologies and questions below may be asked of you during an interview.
A system administrator is responsible for managing a multi-user computing environment,
such as a local area network (LAN). The responsibilities of the system administrator typically
include installing and configuring system hardware and software, establishing and managing
user accounts, upgrading software and performing backup and recovery tasks.
The main responsibilities performed by a system administrator are:
* Active Directory management (adding and configuring new workstations and setting up
user accounts to provide authorizations)
* Installing and updating system software
* OS patching/upgrades
* Preventing the spread of viruses and malicious programs
* Allocating mass storage space
* Reviewing system logs
* System security management
* Creating a backup and recovery policy
* Performance monitoring and optimization
Before facing any interview for a system administrator position, make sure that you have
enough knowledge on these technologies:
Basic Network Concepts:
* Data communication and transmission techniques
* Fundamentals of OSI and TCP/IP model
* IP address classes
* IP subnetting
* IPv6 fundamentals
* Basics of switching
Microsoft Server Functionalities:
* Active Directory Domain Controller (Read-only DC, Child DC)
* Active Directory Domain Services
* DHCP Server
* DNS
* File and print server
* Database storage server
* Windows Deployment Services (WDS)
* Group Policy management
* Registry management
* Hyper-V
* Schedule tasks (Backup, AD DS Backup)
resolve each other's names without having to query DNS servers on the Internet, such
as in the case of a company merger, you should configure the DNS servers in each
network to forward queries for names in the other network. DNS servers in one network
will forward names for clients in the other network to a specific DNS server that will
build up a large cache of information about the other network. When forwarding in this
way, you create a direct point of contact between two networks' DNS servers, reducing
the need for recursion.
Stub Zone: Stub zones are dynamic. A stub zone is like a secondary zone in that it
obtains its resource records from other name servers (one or more master name
servers). A stub zone is also read-only like a secondary zone, so administrators can't
manually add, remove, or modify resource records on it. But the similarities end here,
as stub zones are quite different from secondary zones in a couple of significant
ways. First, while secondary zones contain copies of all the resource records in the
corresponding zone on the master name server, stub zones contain only three kinds of
resource records:
Copies of NS records for all name servers authoritative for the zone.
Copies of A records for all name servers authoritative for the zone.
Unicast
Unicast is a one-to one connection between the client and the server. Unicast uses IP
delivery methods such as Transmission Control Protocol (TCP) and User Datagram
Protocol (UDP), which are session-based protocols. When a Windows Media Player client
connects using unicast to a Windows Media server, that client has a direct relationship
to the server. Each unicast client that connects to the server takes up additional
bandwidth. For example, if you have 10 clients all playing 100-kilobits per second
(Kbps) streams, those clients as a group are taking up 1,000 Kbps. If you have only
one client playing the 100 Kbps stream, only 100 Kbps is being used.
Multicast
Multicast is a true broadcast. The multicast source relies on multicast-enabled routers
to forward the packets to all client subnets that have clients listening. There is no direct
relationship between the clients and Windows Media server. The Windows Media server
generates an .nsc (NetShow channel) file when the multicast station is first created.
Typically, the .nsc file is delivered to the client from a Web server. This file contains
information that the Windows Media Player needs to listen for the multicast. This is
similar to tuning into a station on a radio. Each client that listens to the multicast adds
no additional overhead on the server. In fact, the server sends out only one stream per
multicast station. The same load is experienced on the server whether only one client
or 1,000 clients are listening.
http://support.microsoft.com/kb/291786
10) What is new in Windows 2008 AD?
Ans: Read-Only Domain Controllers
Fine-Grained Password Policies
Restartable Active Directory Service
Backup and Recovery
SYSVOL Replication with DFS-R
Auditing Improvements
UI Improvements
11) How to configure RODC to replicate password of users?
Ans:- You can add users in the PASSWORD REPLICATION POLICY tab of RODC
computer properties
12) What is the issue we face while recovering AD from VMware snapshot?
13) Difference between Authoritative and Non-authoritative restore in AD?
Ans:- http://yourcomputer.in/authoritative-vs-non-authoritative-restoration-of-activedirectory
14) What is new in Authoritative restoration in windows 2008?
15) What is new in Windows Cluster 2008?
Ans:- http://yourcomputer.in/whats-new-windows-server-2008-cluster/
16) What is Strict Replication?
Ans: Strict Replication is a mechanism developed by Microsoft developers for Active Directory
Replication. If a domain controller has Strict Replication enabled, then that domain
controller will not get Lingering Objects from a domain controller which was isolated
for more than the Tombstone Lifetime (TSL). TSL is 180 days by default on a forest created
with Windows Server 2003 SP1. A domain controller shouldn't be out of sync for more
than this period. Lingering Objects may appear on other domain controllers if
replication happens with the outdated domain controllers. These domain controllers will
not replicate with the outdated domain controllers if you have set the below mentioned
registry key. You must set the following registry setting on all the domain controllers to
enable Strict Replication:
KEY
Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
Type: REG_DWORD
than one logical IP network is used on each physical subnet or network, such
configurations are often called multinets.
Support remote DHCP clients located on the far side of DHCP and BOOTP relay
agents (where the network on the far side of the relay agent uses multinets).
In multinet configurations, you can use DHCP superscopes to group and activate
individual scope ranges of IP addresses used on your network. In this way, the DHCP
server can activate and provide leases from more than one scope to clients on a single
physical network.
Superscopes can resolve specific types of DHCP deployment issues for multinets,
including situations in which:
The available address pool for a currently active scope is nearly depleted, and
more computers need to be added to the network. The original scope includes the
full addressable range for a single IP network of a specified address class. You
need to use another range of IP addresses to extend the address space for the
same physical network segment.
Clients must be migrated over time to a new scope (such as to renumber the
1. Click Start > right-click Computer and select Properties in the menu.
2. Click Advanced > Settings > Startup and Recovery > Settings > Write
debugging information > Complete memory dump.
3. Click OK twice.
Ans:- Host A records of replication partners (Domain Controllers), Srv Records to find
out the Domain Controllers GUID in _msdcs zone (DC Locator)
20) Tools to analyze Memory Dump?
Ans: Windows Debugger (WinDbg.exe) tool
Dumpchk.exe
21) Tools to troubleshoot Group Policy issues?
Ans:- You can use AD inbuilt features to troubleshoot group policy issue like RSOP.msc
or can run RSOP by selecting users in Active Directory users and computers, gpresult
-v, gpt.ini in sysvol under Group Policy GUID folder can be checked to find out the GPO
settings configured
22) What AD parameters can be added to enable the Monitoring for AD?
23) How to troubleshoot AD replication issues?
Ans:- It can be troubleshot with the replmon command, which generates the error result in
eventvwr. DNS can be checked between the two destinations. Network/firewall issues.
24) Booting sequence in windows 2008?
Here's a brief description of the Windows Server 2008 boot process.
1.
System is powered on
2.
3.
4.
Through the MBR the boot sector is located and the BOOTMGR is loaded
5.
6.
BOOTMGR reads the BCD file from the \boot directory on the active partition
7.
8.
9.
Winloader loads drivers that are set to start at boot and then transfers the
control to the windows kernel.
A: A Group Policy Object (GPO) is a collection of settings that control the working
environment of user accounts and computer accounts. GPOs define registry-based policies,
security options, software installation and maintenance options, script options, and folder
redirection options.
There are two kinds of Group Policy objects:
* Local Group Policy objects are stored on individual computers.
* Nonlocal Group Policy objects, which are stored on a domain controller, are available only
in an Active Directory environment.
Q: What is LDAP?
A: LDAP (Light-Weight Directory Access Protocol) determines how an object in an Active
Directory should be named. LDAP is the industry standard directory access protocol, making
Active Directory widely accessible to management and query applications. Active Directory
supports LDAPv2 and LDAPv3.
Q: Where is the AD database stored?
A: The AD database is stored in C:\Windows\NTDS\NTDS.DIT.
Q: What is the SYSVOL folder?
A: The SYSVOL folder stores the server copy of the domain's public files that must be
shared for common access and replication throughout a domain.
All AD databases are stored in a SYSVOL folder and it's only created in an NTFS partition.
The Active Directory Database is stored in the %SystemRoot%\NTDS folder.
Q: What is Garbage collection?
A: Garbage collection is the online defragmentation of the Active Directory which happens
every 12 hours.
Q: When do we use WDS?
A: Windows Deployment Services is a server role used to deploy Windows operating
systems remotely. WDS is mainly used for network-based OS installations to set up new
computers.
Q: What is DNS and which port number is used by DNS?
A: The Domain Name System (DNS) is used to resolve human-readable hostnames like
www.intenseschool.com into machine-readable IP addresses like 69.143.201.22.
DNS servers use UDP port 53 but DNS queries can also use TCP port 53 if the former is not
accepted.
Q: What are main Email Servers and which are their ports?
A: Email servers can be of two types:
Incoming Mail Server (POP3, IMAP, HTTP)
The incoming mail server is the server associated with an email address account. There
cannot be more than one incoming mail server for an email account. In order to download
your emails, you must have the correct settings configured in your email client program.
Outgoing Mail Server (SMTP)
Most outgoing mail servers use SMTP (Simple Mail Transfer Protocol) for sending emails. The
outgoing mail server can belong to your ISP or to the server where you setup your email
account.
The main email ports are:
* POP3 port 110
* IMAP port 143
* SMTP port 25
* HTTP port 80
* Secure SMTP (SSMTP) port 465
* Secure IMAP (IMAP4-SSL) port 585
* IMAP4 over SSL (IMAPS) port 993
* Secure POP3 (SSL-POP) port 995
Q: What do Forests, Trees, and Domains mean?
A: Forests, trees, and domains are the logical divisions in an Active Directory network.
A domain is defined as a logical group of network objects (computers, users, devices) that
share the same active directory database.
A tree is a collection of one or more domains and domain trees in a contiguous namespace
linked in a transitive trust hierarchy.
At the top of the structure is the forest. A forest is a collection of trees that share a common
global catalog, directory schema, logical structure, and directory configuration. The forest
represents the security boundary within which users, computers, groups, and other objects
are accessible.
Q: Why do we use DHCP?
A: Dynamic Host Configuration Protocol assigns dynamic IP addresses to network devices
allowing them to have a different IP address each time they are connected to the network.
Q: What are Lingering Objects?
A: A lingering object is a deleted AD object that still remains on the restored domain
controller in its local copy of Active Directory. They can occur when changes are made to
directories after system backups are created.
When restoring a backup file, Active Directory generally requires that the backup file be no
more than 180 days old. This can happen if, after the backup was made, the object was
deleted on another DC more than 180 days ago.
19. What is the Start of Authority (SOA) record and what is its use?
Ans: It contains information like the server name where the file was created (Primary DNS
Server name). It maintains the serial number and increments it after every change in the
DNS zone, stores the Refresh interval and Retry interval times, and maintains the TTL of the
records as well. Read this article for more details.
@ IN SOA nameserver.place.dom. postmaster.place.dom. (
        1      ; serial number
        3600   ; refresh [1h]
        600    ; retry [10m]
        86400  ; expire [1d]
        3600 ) ; min TTL [1h]
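An added example (not part of the original page) that parses the SOA record shown above, recovers the responsible person's e-mail address from the RNAME field, and applies the serial-number comparison a secondary uses to decide whether a zone transfer is needed. Function names are constructed for illustration; the wrap-around comparison follows RFC 1982 serial arithmetic.

```python
import re

HALF = 2 ** 31  # SOA serials are 32-bit and compared with wrap-around

# The SOA record from the page, laid out as zone-file text.
SOA_TEXT = """\
@ IN SOA nameserver.place.dom. postmaster.place.dom. (
        1      ; serial number
        3600   ; refresh [1h]
        600    ; retry   [10m]
        86400  ; expire  [1d]
        3600 ) ; min TTL [1h]
"""


def rname_to_email(rname):
    """Convert the SOA RNAME field to an e-mail address.

    The first unescaped dot separates the mailbox from its domain;
    a dot inside the mailbox name is written as '\\.' in the zone file.
    """
    local, domain = re.split(r"(?<!\\)\.", rname.rstrip("."), maxsplit=1)
    return local.replace("\\.", ".") + "@" + domain


def parse_soa(text):
    """Parse a single SOA record, ignoring ';' comments and parentheses."""
    body = " ".join(line.split(";", 1)[0] for line in text.splitlines())
    tokens = body.replace("(", " ").replace(")", " ").split()
    upper = [t.upper() for t in tokens]
    if "SOA" not in upper:
        raise ValueError("no SOA record found")
    fields = tokens[upper.index("SOA") + 1:]
    if len(fields) != 7:
        raise ValueError("SOA needs MNAME, RNAME and five numbers")
    serial, refresh, retry, expire, minimum = (int(v) for v in fields[2:])
    return {
        "mname": fields[0],                  # primary DNS server name
        "email": rname_to_email(fields[1]),  # responsible person
        "serial": serial,
        "refresh": refresh,
        "retry": retry,
        "expire": expire,
        "minimum": minimum,
    }


def serial_is_newer(candidate, current):
    """True when candidate is ahead of current in 32-bit serial space."""
    diff = (candidate - current) % (2 ** 32)
    return 0 < diff < HALF


def secondary_needs_transfer(primary_soa, secondary_serial):
    """A secondary transfers the zone only if the primary's serial is newer."""
    return serial_is_newer(primary_soa["serial"], secondary_serial)


if __name__ == "__main__":
    soa = parse_soa(SOA_TEXT)
    print(soa)
    print("transfer needed:", secondary_needs_transfer(soa, 0))
```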
24. How to reserve IP address?
Ans: We can assign a particular IP address to the MAC address of a machine using IP
reservation in DHCP.
25. Why do we need two or more subnets?
Ans: To segment or restrict/localize one type of traffic to one segment or subnet of the
network.
26. If we have two different subnets then how do I configure it in single DHCP
server?
ANS: Two different scopes are created for two subnets.
27. What is the use of relay agent?
A router drops the DHCP packet as it's a broadcast packet. When we enable the relay agent
option on the router it then lets the DHCP Broadcast packets pass through. Hence the relay
agent helps in sending it over to the destined subnet.
28. What is the group policy?
Ans: It is way to provide the desirable predefined environment to all users in an Active
Directory environment and it is centrally manageable.
29. My requirement is to disable the USB port. How will you do it?
Through Group policy.
30. How to take a backup of group policy?
Ans: We can use GPMC (Group Policy Management Console), right click on the GPO and
select backup and take backup on destination folder
31. You are an administrator and my requirement is to configure active directory
for four different locations. How will you plan it?
Ans: Depending on the requirement I'll configure one parent domain and three child
domains, or One domain with four sites, or four different domains (least preferred).
32. What are the two modes a terminal server works in?
ANS: User mode and application mode.
33. What is the default security group, groups give explanations?
Ans:
34. You are maintaining remote servers that you can take remote but you can't
ping them, how to troubleshoot?
35. What is use of Kerberos protocol?
Ans: Kerberos protocol is an authentication protocol. When we log in to an Active Directory
environment, it's the protocol that is used to authenticate us.
36. What is the version Kerberos protocol?
Ans: We are using Kerberos V 5.0.
37. What is the authentication protocol in Windows NT?
Ans: Windows NT supported two kinds of challenge/response authentication:
41. What is the difference between disk mirroring and disk duplexing?
Ans:
Disk Mirroring: Disk mirroring (also known as RAID-1) is the practice of duplicating data in
separate volumes on two hard disks to make storage more fault-tolerant. Mirroring provides
data protection in the case of disk failure, because data is constantly updated to both disks.
However, since the separate disks rely upon a common controller, access to both copies of
data is threatened if the controller fails.
Disk Duplexing: Disk duplexing is a variation of disk mirroring in which each of multiple
storage disks has its own SCSI controller. Disk duplexing overcomes this problem; the use
of redundant controllers enables continued data access as long as one of the controllers
continues to function.
Since the controllers for each disk are different, one of the disks keeps working even if the
other disk fails or one of the disk controllers fails. So it gives us the luxury to plan for the
downtime based on our convenience. Another benefit of disk duplexing is increased
throughput. Using a technique known as a split seek, whichever disk can deliver the
requested data more quickly responds. Multiple requests may also be split between the
disks for simultaneous processing.
42. What is the dynamic disk?
Dynamic disks provide the ability to create volumes that
span multiple disks (spanned and striped volumes) and the ability to create fault-tolerant
volumes (mirrored and RAID-5 volumes). Dynamic disks offer greater flexibility for volume
management because they use a database to track information about dynamic volumes on
the disk and about other dynamic disks in the computer. Because each dynamic disk in a
computer stores a replica of the dynamic disk database, for example, a corrupted dynamic
disk database can repair one dynamic disk by using the database on another dynamic disk.
Dynamic disks are a separate form of volume management that allows volumes to have
noncontiguous extents on one or more physical disks. Dynamic disks and volumes rely on
the Logical Disk Manager (LDM) and Virtual Disk Service (VDS) and their associated
features. These features enable you to perform tasks such as converting basic disks into
dynamic disks, and creating fault-tolerant volumes. To encourage the use of dynamic disks,
multi-partition volume support was removed from basic disks, and is now exclusively
supported on dynamic disks.
The following operations can be performed only on dynamic disks:
1) Create and delete simple, spanned, striped, mirrored, and RAID-5 volumes.
2) Extend a simple or spanned volume.
3) Remove a mirror from a mirrored volume or break the mirrored volume into two
volumes.
4) Repair mirrored or RAID-5 volumes.
5) Reactivate a missing or offline disk.
but Switches multicast the data packet into the network which reduces the collision of data
packets.
50. Which layer of the OSI model does a router work in?
Ans: On Layer 3 (Network layer).
51. You are going to migrate the domain how to plan?
Ans: The answer is here.
52. For a project requirement you are going to share 20 folders. What steps will you
take?
53. What is the need of a VLAN?
Ans: To divide/restrict the traffic into one segment of the network.
54. What kind of privilege is required to transfer FSMO roles?
Ans: The logged-on user should be a member of the Enterprise Administrators group to transfer
Schema master or Domain naming master roles, or a member of the Domain Administrators
group of the domain where the PDC emulator, RID master and the Infrastructure master
roles are being transferred.
55. Write down the command line to transfer all the FSMO roles to other server?
Ans:
1. Click Start, click Run, type ntdsutil in the Open box, and then click OK.
2. Type roles, and then press ENTER.
3. Type connections, and then press ENTER.
4. Type connect to server servername, and then press ENTER, where servername is the name
of the domain controller that you want to assign the FSMO role to.
5. At the server connections prompt, type q, and then press ENTER.
6. Type transfer role, where role is the role that you want to transfer. For example:
To transfer the schema master role, type transfer schema master
To transfer the domain naming master role, type transfer domain naming master
To transfer the RID master role, type transfer rid master
To transfer the PDC emulator role, type transfer pdc
To transfer the infrastructure master role, type transfer infrastructure master
7. At the fsmo maintenance prompt, type q, and then press ENTER to gain access to the
ntdsutil prompt.
56. Write down the command line to seize all the FSMO roles to a server?
Ans:
1. Click Start, click Run, type ntdsutil in the Open box, and then click OK.
2. Type roles, and then press ENTER.
3. Type connections, and then press ENTER.
4. Type connect to server servername, and then press ENTER, where servername is the name of the domain controller that you want to assign the FSMO role to.
5. At the server connections prompt, type q, and then press ENTER.
6. Type seize role, where role is the role that you want to seize. For example,
To seize the RID master role, type seize schema master
To seize the RID master role, type seize domain naming master
To seize the RID master role, type seize rid master
To seize the RID master role, type seize pdc
To seize the RID master role, type seize infrastructure master.
7. At the fsmo maintenance prompt, type q, and then press ENTER to gain access to the ntdsutil prompt.
57. Command for removing active directory?
Ans: dcpromo /forceremoval
58. How to test whether a domain controller is also a global catalog server:
Click Start, point to Programs, point to Administrative Tools, and then click Active Directory
Sites and Services.
Double-click Sites in the left pane, and then locate the appropriate site or click
Default-first-site-name if no other sites are available.
Open the Servers folder, and then click the domain controller.
In the domain controller's folder, double-click NTDS Settings.
On the Action menu, click Properties.
Describe how the DHCP lease is obtained.
It's a four-step process consisting of (a) IP request, (b) IP offer, (c) IP selection and
(d) acknowledgement.
I can't seem to access the Internet, don't have any access to the corporate
network and on ipconfig my address is 169.254.*.*. What happened?
The 169.254.*.* netmask is assigned to Windows machines running 98/2000/XP if the
DHCP server is not available. The name for the technology is APIPA (Automatic Private
Internet Protocol Addressing).
We've installed a new Windows-based DHCP server, however, the users do not
seem to be getting DHCP leases off of it.
The server must be authorized first with the Active Directory.
How can you force the client to give up the dhcp lease if you have access to the
client PC?
ipconfig /release
What authentication options do Windows 2000 Servers have for remote clients?
PAP, SPAP, CHAP, MS-CHAP and EAP.
What are the networking protocol options for the Windows clients if for some
reason you do not want to use TCP/IP?
NWLink (Novell), NetBEUI, AppleTalk (Apple).
How do cryptography-based keys ensure the validity of data transferred across the
network?
Each IP packet is assigned a checksum, so if the checksums do not match on both
receiving and transmitting ends, the data was modified or corrupted.
What's the difference between forward lookup and reverse lookup in DNS?
Forward lookup is name-to-address, the reverse lookup is address-to-name.
specially for web services. The feature set and licensing allows customers easy deployment
of web pages, web sites, web applications and web services.
Web Edition supports 2GB of RAM and a two-way symmetric multiprocessor (SMP). It
provides unlimited anonymous web connections but only 10 inbound server message
block (SMB) connections, which should be more than enough for content
publishing. The server cannot be an internet gateway, DHCP or fax server. Although you can
remotely administer the server with Remote Desktop, the server cannot be a terminal
server in the traditional sense. The server can belong to a domain, but cannot be a domain
controller. The included version of the Microsoft SQL Server Database Engine can
support as many as 25 concurrent connections.
How do you change the Windows XP product key if it was wrongly installed with another
product key but you have the original product key? What will you do to make your OS
genuine?
Some third-party software is available for this function, or reinstall the system.
If 512MB of RAM is there, what will be the minimum and maximum virtual memory
for the system?
To work out the total virtual memory (page file) required for Windows XP, take the
amount of RAM in the system and add 25%: 512MB + 25% (128MB) = 640MB total virtual
memory. By setting both the min and max to 640MB you can increase the performance of
the operating system.
What is LDAP?
LDAP, Lightweight Directory Access Protocol, is an Internet protocol that email and
other programs use to look up information from a server.
What domain services are necessary for you to deploy the Windows Deployment
Services on your network?
Windows Deployment Services requires that a DHCP server and a DNS server be installed in
the domain.
A: Active Directory is a service that identifies and handles resources, making them
visible for different groups or members that are authorized. It has the role of an object
store. Active Directory sees workstations, people, servers, devices or
documents as objects, and they all have their own characteristics and access control list or ACL.
resolves names for DNS namespaces, which is required when names must be resolved from
two different DNS namespaces. The Stub zone contains: the master server's IP that is used
for updating the Stub zone and the SOA (Start of Authority), the NS (name server) and the
glue A delegated zone records.
5.Q: What main file is used for Active Directory backup and how it is made?
A: Active Directory backup is made using NTbackup utility. The backup is made once with
the system state and they are restored also together because they depend on each other.
The system state has different components like:
a) The registry
b) Boot files or startup files (files required by the operating system to start).
c)
d) The system volume or the SYSVOL folder: this is a folder that contains files that are
shared on a domain.
e)
7.Q: In what way is forward lookup zone different from the reverse lookup zone in
DNS?
A: There is one difference between these two: the forward lookup means name to IP and
reverse lookup means IP to name.
8.Q: As a system administrator can you make backup and recovery of data?
A: This is a responsibility that any system administrator must assume as a basic skill.
Of course there are many types of backup that can be made but all must be known for a
successful career.
9.Q: What is the meaning of DHCP and what is the port used by it to work?
10.Q: Can you ensure an updated system all the time and perform market
research?
A: Staying up-to-date is another strong point of a professional administrator: technology
evolves and we must keep up with the flow, otherwise we can't do our job in a professional
way. Market research is the key to up-to-date work.
15.Q: In how much time are the security changes applied on the domain
controllers?
A: Including policies for personal and public lockout, the changes apply immediately. The
changes also include passwords and LSA or Local Security Authority.
17.Q: Where is the storage place of the environmental settings and documents
from the roaming profile?
A: These documents and settings are deposited locally until the users log off, when they are
moved into the shared folder from the server so the log on at a fresh system may take a
while because of this.
18.Q: What are the classes that we can find in the Active Directory of Windows
Server 2003?
A: We can find:
a) the abstract class which can be made to look like a template and create other
templates, no matter if they are abstract, auxiliary or structural.
b) the structural class is the important type of class that is made from multiple abstract
classes or an existing structural class. They are the only ones that can make Active
Directory objects.
c) the auxiliary class is used as a replace for many attributes of a structural class, it is a
list of attributes.
d) The 88 class is used for object classes that were defined before 1993 and it is not a
common class; it doesn't use abstract, structural or auxiliary classes.
20.Q: Can you explain to us about your experience in the past regarding Windows
administration?
A: I have ten years of experience in this field, I was passionate about computers since
childhood and I installed many operating systems at home and inside organizations
including these versions of Windows: 95, 98, 98 SE, NT, Millennium, 2000, 2003 Server, XP,
Seven, Vista. I also managed these systems and performed maintenance, I worked with
different applications from the windows environment.
21.Q: How can you handle a situation in which, for instance, you have an
application that is not running on Windows 2003 because it's older?
A: In this situation the application has to be started in the compatibility mode with a
previous Windows operating system. This is done by right-clicking the application icon and
choosing another Windows version from the compatibility menu.
23.Q: What difference can we find in the usage of CSVDE versus LDIFDE?
A: CSVDE and LDIFDE are both commands and are used for importing and exporting objects
but they are different in the way that CSVDE uses the format CSV (Comma Separated
Value) which is an Excel file for files and LDIFDE uses LDIF (LDAP Data Interchange Format)
file type which can be viewed with a simple text editor. LDIFDE can be also used for editing
or deleting objects unlike CSVDE.
24.Q: What big differences exist between these two operating systems: Windows
2000 and Windows XP?
A: Windows 2000 has more capabilities than Windows XP especially regarding features like
DHCP, Terminal Services or DNS. It has all the advantages for server usage. Windows 2000
is a little more professional than XP, but they are both coming with different versions for
every user taste. While XP has Home version, Professional or Enterprise, Windows 2000 has
Professional and Server editions. The Home version of XP comes with minimal features
because the target clients are beginners.
25.Q: What are the things that make Unix different from Windows?
A: The code loading runtime of Unix is different from the one that Windows has. We must
become aware of how the system exactly works before we make a dynamically loading
module. Unix has the shared objects with the .so extension that encapsulate lines of code
that the programs will use and the functions names. These function names become the
references of those functions in the memory of the program when the file is combined with
the program. In Windows the .dll file (dynamic-link library file) doesn't have references and
the code of the files does not link to the memory of the program but they get through a
lookup table which points to data or functions. Unix has just one type of library file, with the
.a extension and the code of many object file is contained within with the .o extension.
When the link is created for a shared object file the definition of the identifier may not be
found, so the object code from the library will be included.
primary site if the master data center site fails for any reason. Companies running
mission-critical applications will often create mirrored sites. See "Data Center Design."
3. How many types of Backups are available?
Backups are 5 Types:
1. Normal or Full
2. Daily
3. Copy
4. Incremental
5. Differential
7. We have 3 Hard disks with capacity of 2GB, 5GB and 4GB. If I implemented
RAID 5, How much space available for User ?
RAID5 takes the minimum disk space as basic so it takes 2GB from every disk so 6GB is
total disk available. In that 2GB is for Parity. So totally 4GB is available for User.
Lock Computer,
Logoff,
Shutdown,
Change Password,
Task Manager,
Cancel
13. A user locked the system and forgot the password. If we reset the password, is the
user able to log on immediately?
It is not possible in NT 4. Even if you change the password, the user should restart the system.
It is possible in 2003 server. There is no need to restart the PC.
14. Basic difference between PDC and BDC?
Supports subnetting
Classless routing protocol
It supports multiple network layer protocol
It uses DUAL (Diffusion Update Algorithm) to select the best path
Route is represented by D symbol
It keeps 3 routing tables (Topology table, Neighbour table, Routing table)
Auto summarization by default, but manual summarization is also possible.
ADS is a Directory service which stores all the information in a central location.
It provides the network accessibility to users, applications and administrators.
In ADS everything is stored as an Object. It contains Class Objects and Attribute Objects
All identical objects come under one class, e.g. all users come under the User class.
Attributes are the properties of the Object, e.g. for a user: full name, logon name etc.
Simplifies Management:
Eliminates redundant management tasks. Provides a single-point of management for
Windows user accounts, clients, servers, and applications as well as the ability to
synchronize with existing directories.
Reduces trips to the desktop. Automatically distributes software to users based on their
role in the company, reducing or eliminating multiple trips that system administrators need
to make for software installation and configuration.
Better maximizes IT resources. Securely delegates administrative functions to all levels of
an organization.
Lowers total cost of ownership (TCO). Simplifies the management and use of file and print
services by making network resources easier to find, configure, and use.
Strengthens Security:
It improves password security and management. By providing single sign-on to network
resources with integrated, high-powered security services that are transparent to end
users.
It ensures desktop functionality. By locking-down desktop configurations and preventing
access to specific client machine operations, such as software installation or registry editing,
based on the role of the end user.
It speeds e-business deployment. By providing built-in support for secure
Internet-standard protocols and authentication mechanisms such as Kerberos, public key
infrastructure (PKI) and lightweight directory access protocol (LDAP) over secure sockets
layer (SSL).
It tightly controls security. By setting access control privileges on directory objects and
the individual data elements that make them up.
Extends Interoperability:
Takes advantage of existing investments and ensures flexibility. Standards-based
interfaces to all features make use of investments and ensure flexibility for future
replica stores attributes most frequently used in search operations (such as a user's first
and last names, logon name, and so on). Object attributes replicated to the global catalog
inherit the same permissions as in source domains, ensuring that data in the global catalog
is secure.
The global catalog performs two key directory roles:
It enables network logon by providing universal group membership information to a
domain controller when a logon process is initiated.
It enables finding directory information regardless of which domain in the forest actually
contains the data.
27. If the Laptop is not displaying when you boot it, what is the solution?
Check for the Power Loose connections
Remove Laptop battery and put it again and connect the power cable
Wait for 2 minutes and Start the Laptop.
28. If the system performance is slow, how can you speed it up?
34. If 2 DHCP servers are available, from which server the client takes IP?
The client machine typically repeats the discover message several times to make sure it
hears from all the servers, then eventually chooses the "best" server, where what is "best"
is up to the client. It may mean that the addresses the DHCP server has available offer the
longest lease time. Or the client might prefer a server that provides WINS servers over one
that doesn't.
35. What are the FSMO Roles (Master Operations) and explain?
structure.
38. Where is Group Policy located physically? What is the use of GPO?
C:/Winnt/SYSVOL/sysvol/ap.ttsl.com/policies
RAID