Important Questions

1) What are the different port nos. in Windows 2000?
Ans: LDAP – 389, LDAP – 636 (SSL), RPC over IP (Replication) – 135, Net
Logon – 137, Kerberos – 88, DNS – 53, RDP – 3389, GC – 3268, SMTP – 25,
Telnet – 23, FTP – 21, SSL – 443, DHCP – 67, DNS – 53, WINS – 42.
2) What is Registry?
Ans: This is the central repository which contains the computer
configuration. It has 5 hives; each hive contains keys, and the keys
contain the key values.
3) What are the processes involved in the FRS?
Ans: FRS is the File Replication Service, which is responsible for
replicating the Sysvol folder and the DFS information.
4) Which protocol does FRS use for directory replication?
Ans: RPC over IP for inter-site and intra-site and uses port no 135.
5) What are the groups in Windows 2003 server?
Ans: Security group and Distribution group.
6) What is Distribution group in windows server 2003?
Ans: It is used for sending e-mails. Administrator group can also perform
this task but this group is compatible with third party software.
7) What is LDAP?
Ans: Lightweight Directory Access Protocol. It is a directory structure
based on the X.500 protocol.
8) What is WINS?
Ans: It is the Windows Internet Name Server. It is used to resolve names
to IP addresses. It has a flat structured database. WINS files are in
SystemRoot\System32\Wins\wins.mdb.
9) Which is the tool to recover the corrupted WINS database?
Ans: Jetpack.exe
10) What are PUSH and PULL partners in WINS?
Ans: Push partners send update notices when a database change is made.
A pull partner asks push partners for database entries more recent than
their current listings. Only changes are replicated. Pull servers are used
across slow links since pull requests can be set for specific times.
11) What are the services which register the NetBIOS name of the
client in the WINS database?
Ans: Workstation (00h), Messenger (03h), Server (20h) services

12) What is the BOOT UP process in Windows NT/2000?
Ans: POST (checks all the computer hardware), Choose the OS (NTLDR,
Boot.ini, bootdd.sys, bootsec.dos), Kernel load (collects the H/W
configuration from NTLDR with hal.dll and loads it into the registry),
Service load (loads Session manager (smss.exe), then winlogon.exe, which
starts Local security administrator (Lsass.exe)), Logon (takes the user
credentials and, after successful logon, copies the clone control set to
Last good known configuration).
13) What is KCC?
Ans: It maintains the AD replication topology. The replication can be
scheduled in the Sites and Services console.
14) What is KDC?
Ans: Key Distribution Center which is responsible for issuing credentials to
the clients for getting the resource access.
15) What is DDNS?
Ans: It dynamically registers the machine name in the AD integrated DNS
database. It is also used to dynamically register the domain controllers'
names in the DNS at the time of installing AD.
16) What are Resource records in DNS?
Ans: RR in DNS are MX, PTR, A, SOA, SRV, CNAME, NS.
17) What is SOA record?
Ans: SOA (Start of Authority) record stores the IP address of the primary
Name Server (DNS) for the zone.
18) What are SRV records?
Ans: These are the records which map the AD services to the location of
each service, i.e. GC, Kerberos and LDAP with their port nos.
19) What are the types of DNS?
Ans: Primary, Secondary, Stub only.
20) What are different DNS queries?
Ans: Recursive and iterative.
21) What are stub zones?
Ans: It contains only NS (Naming Service), SOA & possibly glue A records,
which are used to locate name servers.
22) What is conditional forwarding?
Ans: Conditional Forwarding
23) What is NTFS 5.0 file system?
Ans:
24) What are the FSMO roles in Windows 2003?
Ans: Schema master, Domain Naming Master, PDC Emulator, RID Master,
Infrastructure Master.

25) What is FRS and which port does it use for replication?
Ans: IP Over RPC and port no. 135.
26) What is the difference between Windows 2000 and
Windows 2003?
Ans: It has extra features such as Domain Renaming, incremental AD
replication, caching credentials for the GC, Shadow copy, restoration of
AD through CD media, installing IIS 6.0 as the default web server, and
multiple DFS roots.
27) What is Active directory?
Ans: It is a directory service which contains the network resources (object)
such as computers, users, printers, scripts and policies and provides a
single console to administer them.
28) What are the functional domain levels of Windows 2003 Active
Directory?
Ans: Windows 2000 Mixed, Windows 2000 native, Windows 2003 Interim,
Windows 2003.
29) What is the difference between GC and Schema?
Ans: Schema contains all the objects and their attributes of the AD and GC
contains all the objects of the AD but contains the partial attributes i.e.
user name, last name of the user but not the entire attributes.
30) What are Sites in windows 2000 AD?
Ans: A site defines the replication boundaries of AD.
31) What is the default time for site replication?
Ans: For inter-site replication it is 3 hours and for intra-site
replication it is 15 seconds.
32) What is DFS?
Ans: It contains all the shares of the servers at one console and gives
easy way of administering those shares.
33) What are the modes of DFS?
Ans: Standalone and Domain modes.
34) What are the reasons of creating a domain instead of OU?
35) What is Basic Disk?
36) What is Dynamic disk?
37) What is DISKPART utility?
Ans: It is the command prompt utility used to manage disks in windows
2000, XP and 2003.
38) What is RAID and what are the different types of RAIDs?
39) What is “last good known configuration”?
Ans: The Last Known Good Configuration feature is a recovery option that
you can use to start your computer by using the most recent settings that
worked. The Last Known Good Configuration feature restores registry
information and driver settings that were in effect the last time the
computer started successfully. For example, you can use this feature if
you cannot start it after you install a new driver for your video adapter,
or if you installed an incorrect driver and have not yet restarted your
computer.
When you start your computer by using the Last Known Good
Configuration feature, the information gets stored in the following registry
key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet
40) What is “Recovery Console”?
41) What is the order of applying group policy in the Active
Directory?
Ans: The order is --- Site, Domain, and OU.
42) What is the difference between assigning and publishing
software in Active Directory?
Ans: Software can be assigned to users and computers, whereas software
can be published to users only.
43) What is DHCP?
Ans: Dynamic Host Configuration Protocol
44) What is DHCP Relay Agent?

45) Which port does DHCP use?
Ans: UDP port 67
46) What is Rogue DHCP?
Ans: Unauthorised DHCP server in AD environment.
47) What is effective permission?
Ans: It is the combined permission of user and group.
48) Which software RAIDs are supported by Windows 2000?
Ans: RAID 1 and RAID 5.
49) How do you do a health check of a domain controller?
Ans: Using the NLTEST and NETDOM utilities.
50) What is the SMTP protocol and how does it work? (port no. 25)
51) What is RPC service?
Ans: Provides the endpoint mapper and other miscellaneous RPC services.
52) What is Computer Browser Service?
Ans: Maintains an updated list of computers on the network and supplies
this list to computers designated as browsers. If this service is stopped,
this list will not be updated or maintained.
53) What is Net Logon service?
Ans: This is required to give logon access for the domain.
54) What is Server service?
Ans: Supports file, print, and named-pipe sharing over the network for the
computer.
55) What is EFS? (Encrypted file system)
56) What is the difference between encrypting a folder and giving
permission to the folder?
Ans: EFS gives extra security while accessed across the network.

57) What is non-authoritative restore?
Ans: Authoritative restore only restores the AD database from the backup
on the DC on which it is being applied. After the restart it follows the
normal replication process.
58) How does Authoritative restore work?
Ans: It adds 100,000 to the USN of every change which has been made to
the AD; the next time the DC boots, it takes precedence in replicating
the changes to the other DCs, as it has the highest priority USN.
59) What is USN?
Ans: Update Sequence Number is the number assigned to each object of
AD, while they get modified.
60) What is the difference between sysvol and netlogon share?
Ans: Netlogon is the share used in NT which contains login scripts and
policies AND sysvol folder is used in Windows 2000 and which contains
scripts in scripts folder and policies in policy folder.
61) What is Domain Naming Master?
Ans: It is a DC which maintains the group to user reference in the forest,
i.e. any change made to any group on any DC should reflect the
reference to the user associated with that group on all the other
DCs.
62) What are Site Links and Site Link Bridges?
Ans: Site Links are created to establish a connection between two
sites, and a Site Link Bridge is created to connect two Site Links.
63) What is Bridge Head server?
Ans: A Bridge Head Server is a dedicated server which is used for site
replication in a large organization where there are a large number of DCs
in each site. It works on the concept of SMTP: it stores the replication
information while the link is DOWN, keeps the information until the link
comes UP, and then distributes the information to the other DCs in
that site.
64) What is the extra feature added to windows 2003 for GC?
Ans: For cross domain authentication GC is needed, if GC is down then the
DC stores the last stored credential for the authentication.
65) What is LmRepl?
Ans: Used for Directory replication in NT.
66) What is the difference between NTLM and Kerberos?
Ans: NTLM is the authentication protocol used in Windows NT 4.0 and
Kerberos is the authentication protocol used in Windows 2000. Kerberos is
more secure as it uses two way authentication.
67) What is the default time taken by KCC to check the replication
topology?
Ans: 15 mins
68) What happens when RID master goes down?
Ans: Each domain controller is allocated 512 RIDs by the RID master.
When a domain controller has approximately 100 RIDs remaining,
it contacts the RID master and requests an additional 512 RIDs to
replenish its supply. If the RID master is unavailable and a domain
controller runs out of relative IDs, you will no longer be able to use that
computer to create new Active Directory objects.
NOTE: Immediately there will not be any effect.
69) What happens when Schema master is down?
Ans: You cannot make changes to the Schema objects.
70) What happens when PDC Emulator is down?
Ans: 1. Password changes will not get replicated to the DC.
2. NT domain information (SAM Database) will not get replicated to
BDCs.
71) What happens when Domain Naming Master is down?
Ans: You cannot rename, create or delete any domain.
72) What happens when Infrastructure Master is down?
Ans: The security group membership will not get updated and the global
group permission information will be lost.
73) What are Active directory Logical partitions?
Ans: 1. Domain Directory Partition
The domain directory partition is the partition where most of the action
takes place. This partition contains all of the domain information,
including information about users, groups, computers, and contacts.
Essentially, anything that can be viewed through the Active Directory
Users and Computers administrative tool is stored in the domain directory
partition.
2. Schema directory Partition
It contains the schema for the entire forest. The schema directory
partition is replicated to all domain controllers in the entire forest.
However, only one domain controller, the schema master, has a writable
copy of the schema directory partition. All changes to the schema must
be made on the schema master; the changes are then replicated to all
other domain controllers.
3. GC Partition
The GC partition is stored in the database like the other partitions, but
administrators cannot enter information directly into this partition. The GC
is a read-only partition on all GC servers, and it is built from the contents
of the domain databases.
4. Application Directory Partition
Only one type of application directory partition is created by default in
Active Directory—for the Domain Name System (DNS) server service.
Installing the first Active Directory integrated zone creates the
ForestDnsZones and the DomainDnsZones application directory
partitions. Application directory partitions can store any type of Active
Directory object except security principals. The advantage of application
directory partitions is that replication of the information in the partition
can be controlled.
74) How do you do fragmentation of Active Directory?
Ans: Fragmentation of AD rearranges the data in the Active Directory
database. This can be done using ntdsutil.
75) What is APIPA?
Ans: It is the automatic private IP address configuration. If DHCP is not
available and this option is enabled in the alternate configuration in the
network settings, the client automatically assigns itself an IP address in
the range 169.254.0.1 to 196.254.255.254.
76) Can you remove a parent domain controller if it has child domain
controllers existing in the domain?
Ans: No. First child DCs should be demoted to member server and then
parent DC should be demoted to the member server.

77) What are the pre-requisites while installing Active directory?
Ans: 1. Domain naming master should be available.
2. File system should be NTFS 5.0, on which AD will be installed.
3. DNS should be available.
4. Non-Windows DNS servers should be configured, and they should
support BIND 8.2.1, which supports SRV records.
78) Where will you check the errors encountered during the
installation of AD?
Ans: Check the errors in dcpromo.log.
79) You are unable to see any share on the server. What are the actions
you will take to fix the problem?
Ans: Check for the server service, which is responsible for providing the
share of the servers.
80) What is computer browser service?
Ans: It maintains the list of all the computers in the network.
81) A client is unable to connect to a domain controller. What actions
will you take to fix the problem?
Ans: First of all check the network connectivity and then check that the
DNS client service is running on the client, because a computer without
this service will not be able to resolve the DNS names and locate the
Active Directory DC.
82) Which service is required to add, remove and repair
software?
Ans: Windows Installer service is required to add, remove and repair
software according to the instruction in the .MSI file
83) What is secondary logon service? OR How can you stop users logging in
to the desktop when the domain is not available?
Ans: It enables starting processes under alternate credentials. If this
service is stopped, this type of logon access will be unavailable. Ex. RUN
AS command will not be available.
84) Can you stop the event log service?
Ans: NO
85) Can you rollback printer driver?
Ans: NO
86) What is the difference in the AD Database structure in Windows
2003 and Windows 2000?
Ans: Windows 2000 has only three partitions, i.e. Schema, Configuration
and Domain partitions. Windows 2003 has an additional partition, i.e. the
Application partition, which can be customized for application
integration with the AD.
87) How can you add, modify and delete AD objects through command
tool?
Ans: There are two command tools, CSVDE and LDIFDE.
CSVDE (comma separated value directory exchange) can be used
to add or create multiple AD objects. It takes a file which has values
separated by commas. It cannot be used to modify or delete any object in
AD.
LDIFDE (Ldap Directory information file exchange) can be used to
create, modify and delete AD objects. It takes a file which has values
separated by lines.
88) What is UPN Login?
Ans: User Principal Name login is used when logging in from one domain to
another domain.
The format is as below:
User name ---- user@domain
Note: Logon box gets grayed out when you type the user name in
the above format.
89) How many versions does Volume shadow copy keep?
Ans: It keeps 64 versions of volume or the maximum allocated space for
volume shadow copy.

90) How do you access versions of a file through VSC?
Ans: You can access the versions of a file only through a share, if VSC is
enabled.
91) What is Forest DNS Zone?
Ans: It is the DNS zone created in the application partition of the Active
Directory. This partition gets created on all the DCs in the forest which
have the DNS service running.
92) What is Domain DNS Zone?
Ans: It is the DNS zone created in the application partition of the Active
Directory. This partition gets created on all the DCs in a specific domain
which have the DNS service running.
93) What is DNS troubleshooting tool?
Ans: DNSLint is the resource kit tool for troubleshooting DNS related
problems.
94) What is _msdcs zone in DNS?
Ans: This zone stores the SRV records of the domain.
95) What is File signature verification tool?
Ans: When installing new software on your computer, system files and
device driver files are sometimes overwritten by unsigned or incompatible
versions, causing system instability. The system files and device driver
files provided with Windows XP have a Microsoft digital signature, which
indicates that the files are original, unaltered system files or that they
have been approved by Microsoft for use with Windows. Using File
Signature Verification (sigverif.exe), you can identify unsigned files on
your computer and view the following information about them:
• The file's name
• The file's location
• The file's modification date
• The file type
• The file's version number
96) What is universal group membership caching in Windows 2003?
Ans: This is a new feature added to Windows Server 2003, which
enables caching user information in the DC when a user logs in to the other
domain. This is useful when the global catalogue server goes down.
97) How do you upgrade a Windows 2000 domain/Forest to a Windows
2003 domain/Forest?
Ans: The above task can be performed by using the adprep /domainprep
and adprep /forestprep commands.
98) Why are the global catalogue server and infrastructure roles not
defined on the same DC?
Ans: The infrastructure master updates the group to user reference
whenever group memberships changes and replicates these changes
across the domain. The infrastructure master compares its data with that
of a global catalog. Global catalogs receive regular updates for objects in
all domains through replication, so the global catalog data will always be
up to date. If the infrastructure master finds that its data is out of date, it
requests the updated data from a global catalog. The infrastructure
master then replicates that updated data to the other domain controllers
in the domain.
