Windows Sys Admin Questions

7/29/2019 Windows Sys Admin Questions

1/57

What is RAID? And its Levels?

RAID (REDUNDANT ARRY OF INDEPENDENT DISKS) is a set of technology

standards for teaming disk drives to improve fault tolerance and performance.

RAID LEVELS:

RAID Levels

Level Name

0 Striping

1 Mirroring

2 Parallel Access with Specialized Disks

3 Synchronous Access with Dedicated Parity Disk

4 Independent Access with Dedicated Parity Disk

5 Independent Access with Distributed Parity

6 Independent Access with Double Parity

RAID 0 -- Optimized for Performance

RAID 0 uses striping to write data across multiple drives simultaneously. This means thatwhen you write a 5GB file across 5 drives, 1GB of data is written to each drive. Parallelreading of data from multiple drives can have a significant positive impact onperformance.

The trade-off with RAID 0 is that if one of those drives fail, all of your data is lost andyou must restore from backup.

RAID 0 is an excellent choice for cache servers, where the actual data being stored is oflittle value, but performance is very important.

Striping is the automated process of writing data across multiple drives simultaneously.

Striping is used to increase the performance of disk reads.

When using striping, if you write a 5GB file across 5 drives, 1GB of data is written toeach drive. Parallel reading of data from multiple disks can have a significant positive

impact on performance, because the physical disk drive is most often the performance

bottleneck.

Striping is used inRAID Level 0.

RAID 1 -- Optimized for Redundancy
http://www.tech-faq.com/striping.shtmlhttp://www.tech-faq.com/raid.shtml##http://www.tech-faq.com/raid.shtml##http://www.tech-faq.com/striping.shtml##http://www.tech-faq.com/striping.shtml##http://www.tech-faq.com/raid.shtmlhttp://www.tech-faq.com/raid.shtmlhttp://www.tech-faq.com/striping.shtml##http://www.tech-faq.com/striping.shtml##http://www.tech-faq.com/raid.shtml##http://www.tech-faq.com/raid.shtml##http://www.tech-faq.com/striping.shtml


2/57

RAID 1 uses mirroring to write data to multiple drives. This means that when you write afile, the file is actually written to two disks. If one of the disks fails, you simply replace itand rebuild the mirror.

The tradeoff with RAID 1 is cost. With RAID 1, you must purchase double the amount of

storage space that your data requires.

Mirroring is the automated process of writing data to two drives simultaneously.

Mirroring is used to provide redundancy.

If one drive fails, the redundant drive will continue to store the data and provide access

to it. The failed drive can then be replaced and the drive set can be re-mirrored.

Mirroring is used inRAID Level 1.

Software Mirroring vs. Hardware Mirroring

Disk mirroring can be implemented entirely in software. Software mirroring can be less

expensive, but it is also slower. Software mirroring requires the hostcomputer to write

the mirrored data twice.

Disk mirroring can be implemented in hardware on the host I/O controller. The burden

of writing each bit of data twice is placed upon the I/O controller, which is specifically

designed for it.

Disk mirroring can also be implemented in hardware on an external storage device, such

as a RAID array. In this case, mirroring is completely removed from the hosts

responsibility.

Hot Swappable Hardware

If the hardware is hot swappable, it is possible to replace a failed disk without powering

off the computer. You take out the old drive and put in the new drive with no service

outage.

If the hardware does not support hot-swap, you must schedule a service outage, shut

down and power-off the system, and then replace the drive.

Mirroring vs. Duplexing

Mirroring is the technique of using redundant disks. Duplexing is mirroring, with the

addition of redundant host I/O controllers.

If you are using mirroring and your host I/O controller fails, you will not be able to

access your data until you replace the host I/O controller. With Duplexing, your data will

still be available through the redundant controller.
http://www.tech-faq.com/mirroring.shtmlhttp://www.tech-faq.com/raid.shtml##http://www.tech-faq.com/mirroring.shtml##http://www.tech-faq.com/raid.shtmlhttp://www.tech-faq.com/mirroring.shtml##http://www.tech-faq.com/mirroring.shtml##http://www.tech-faq.com/mirroring.shtml##http://www.tech-faq.com/mirroring.shtml##http://www.tech-faq.com/mirroring.shtml##http://www.tech-faq.com/mirroring.shtml##http://www.tech-faq.com/raid.shtmlhttp://www.tech-faq.com/mirroring.shtml##http://www.tech-faq.com/raid.shtml##http://www.tech-faq.com/mirroring.shtml


3/57

RAID 5 -- A Good Compromise

RAID 5 stripes data across multiple disks. RAID 5, however, adds a parity check bit tothe data. This slightly reduces available disk capacity, but it also means that the RAIDarray continues to function if a single disk fails. In the event of a disk failure, you simply

replace the failed disk and keep going.

The tradeoffs with RAID 5 are a small performance penalty in write operations and aslight decrease in usabable storage space.

RAID 0+1 -- Optimize for Performance and Redundancy

RAID 0+1 combines the performance of RAID 0 with the redundancy of RAID 1.

To build a RAID 0+1 array, you first build a set of RAID 1 mirrored disks and you thencombine these disk sets in a RAID 0 striped array.

A RAID 0+1 array can survive the loss of one disk from each mirrored pair. RAID 0+1cannot survive the loss of two disks in the same mirrored pair.

1. What is DHCP? How we configure DHCP?

Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables aDHCP server to automatically assign an IP address to an individual computer's TCP/IPstack software. DHCP assigns a number dynamically from a defined range of numbers(i.e., a scope) configured for a given network.

Client computers configured to use DHCP for IP assignment do not need to have astatically assigned IP address. In addition, they generally do not need to have addressesconfigured for DNS servers or WINS servers, as these are also set by the DHCP server.

DHCP assigns a TCP/IP address when a system is started. Typically, it works like this:

1. A user turns on a computer with a DHCP client.

2. The client computer sends a broadcast request (called a DISCOVER orDHCPDISCOVER), looking for a DHCP server to answer.

3. The router directs the DISCOVER packet to the correct DHCP server.

4. The server receives the DISCOVER packet. Based on availability and usage policiesset on the server, the server determines an appropriate address (if any) to give to theclient. The server then temporarily reserves that address for the client and sends back tothe client an OFFER (or DHCPOFFER) packet, with that address information. The serveralso configures the client's DNS servers, WINS servers, NTP servers, and sometimesother services as well.


4/57

5. The client sends a REQUEST (or DHCPREQUEST) packet, letting the server knowthat it intends to use the address.

6. The server sends an ACK (or DHCPACK) packet, confirming that the client has a been

given a lease on the address for a server-specified period of time.

When a computer uses a static IP address, it means that the computer is manuallyconfigured to use a specific IP address. One problem with static assignment, which canresult from user error or inattention to detail, occurs when two computers are configuredwith the same IP address. This creates a conflict that results in loss of service. UsingDHCP to dynamically assign IP addresses minimizes these conflicts.

2. What are the ways to configure DNS & Zones?

Domain Name System is the full form of the abbreviation DNS. It can be configured

by clicking the Start button, pointing to the Programs, pointing to Administrative

Tools and clicking DNS Manager (which has two zones, namely the Forward LookupZone and t he Reverse Lookup Zone). When the DNS Server Configuration Wizard

starts, click Next. If it does not auto-start, it can be started by right- clicking theusers server name object in the DNS Manager console and choosing the Configure

Your Server option.

The next step is to choose to add a forward lookup zone, click Next and ensurewhether the new forward lookup zone is a primary zone or not. It can only accept

dynamic updates if it is a primary zone. Click Primary, and then click Next. It must

be ensured that the zone name must either be the same as the users ActiveDirectory Domain name or the same as the suffix for all the computers on the

network wh ich are to be registered wit h t he DNS server (in case of a stand- alone or

workgroup environment). Type the name of the zone and then click Next. The defaultname is accepted for the new zone file. Then click Next . Choose to add a r everse

lookup zone now and click Next.

Click Prim ary and t hen click Next. Type the name of t he zone and th en click Next.

The zone name should be t he same as the Network I D of your local subnet. Acceptthe default nam e for th e new zone file and click Next . Then click Finish to complete

the Server Configuration Wizard.

3. What are the types of backup? Explain each?

There are thr ee types of backup. They are full backup, increm ental backup and

differential backup. Full backup is defined as a complete set of all t he files which theuser wishes to back up. I t is considered to be t he reference set for the user. A full

backup is performed only occasionally. An incremental backup is a backup of allthose files which have changed since the last tim e any t ime of backup was

perform ed. A differential backup is a backup of t hose files which have changed sincethe last time a full backup was performed. It should be performed at regular

intervals


5/57

4. What are FMSO Roles? List them.

FSMO is the acronym for t he term flexible single master operation, which is also

called floating single m aster operation .There are two m ain ty pes of FSMO roles,namely forest-wide FSMO roles and domain-wide FSMO roles. Forest-wide FSMO

roles include Schema Master and Domain Naming Master. Domain-wide FSMO roles

include Relative I D Master, I nfrastructure Master and PDC Emulator.

5. What is scope & super scope?

If you understand the purpose of a superscope explicitlyit will make it clear when to use Superscopes.

First, a mental trick: Every time you hear the word superscope,mentally (out loud at first) add the word "GROUP" so it becomes"superscopeGROUP" - scopeGroup would have been a muchbetter name for this but that's not what the RFCs chose.

A superscope(group) is used when you have a MULTINET--more than one 'logical subnet' on the same 'physical subnet orsegment of wire'.

You want the DHCP server to service both subnets -- a scopeis related to ONE Subnet.

So create each scope (per logical subnet) and create a superscopeGROUPbecause you have a multinet -- add the scopes to the superscope...togroup them.

It's just a scopegroup.

Takeaway: If your organization is growing faster than you can supply IP addresses, youdon't have to fear that you might soon be running on empty--a superscope can come tothe rescue. A superscope is a versatile, cost-effective, and easy-to-use solution whenyoure running out of IP addresses on a network. This walk-through will show you howto set up a superscope and configure it to assign IP addresses.

The growth of the young company you work for as network administrator has surpassedall expectations. Everyone--especially the bosses--has every reason to celebrate. But theIT crowd isn't in the same celebratory mood. The reason? They're running on empty (or,more precisely: the DHCP server is).

The problem is that the DHCP server is fast running out of IP addresses to dish out to allthe new computers being added to serve your company's growing staff complement.There's an exclamation mark hanging like an ill omen over the DHCP server icon(Figure A), an indication that you're dangerously close to the end of the available addresspool.


6/57

Figure A

The exclamation mark next to the DHCP server name is a warning that the IP addresses from the scopehave nearly been depleted.

When the company started out as a small business with 50 PCs three years ago, the 254

IP addresses a Class C subnet offered seemed more than enough for a long time. But nowit's a different story. There are just eight unassigned IP addresses left. As the responsiblenetwork admin, what are your options?

You could lobby for another physical LAN (and thus another subnet), but that wouldmean you'd have to convince the boss to buy a router (or another one if you already havemore than one physical LAN) and (maybe) another DHCP server. But suppose there'sreally no need for a separate physical LAN, apart from your IP address problem?

Changing to another IP address class--maybe Class B, which will provide you with moreaddresses--is another possibility, but again not a very attractive one. This time you'll have

to justify purchasing this address range from your ISP and then face the prospect ofmigrating from the existing address range (scope) to the new one.

Enter: Superscope

Thankfully, there's a much simpler solution--using a superscope. What's a superscope? Akind of mother of all scopes. It allows you to add more than one scope (called childscopes, or member scopes) under one umbrella.

Note

Microsoft introduced the superscope feature with NT4 SP2.

Let's go ahead and create a superscope for the scenario described above. We'll assumeDHCP is set up to use the scope 192.168.0.0. We want to add another scope from the


7/57

same class (Class C), so let's use 192.168.1.0. But first we need to create a superscope.Here's how:

1. Open DHCP.2. Right-click on the DHCP server.

3. From the drop-down list, choose New Superscope (Figure B) to launch the NewSuperscope Wizard.4. The wizard prompts you to enter a name for the superscope. We'll just call it

MySuperscope.5. On the next screen, you'll be asked to select a scope(s) to add to the superscope.

You'll see the list of available scopes--in our example, just 192.168.0.0 (FigureC) Select it and click Next.

Figure B

The first step in creating a superscope.


8/57

Figure C

Adding scopes to the superscope

The final screen of the wizard informs you that you have successfully completed the NewSuperscope wizard and gives you the details (Figure D). If you go back into DHCP,you'll see that the new superscope has been created.


9/57

Figure D

The last screen of the wizard showing the details of the new superscope.

Adopting another child

Now we're ready to create our brand new child scope that will be watched over by our

superscope.

1. Open DHCP.2. Right-click on the DHCP server.3. Select New scope (Figure E) to launch the New scope wizard.4. Choose a name and description for the new scope. As our first scope in this

example was called Scope1, we'll just call this one Scope2.5. The wizard will prompt you to add an IP address range. We'll choose a range

from the Class C range 192.168.1.0. (We could also have chosen 192.168.2.0,192.168.3.0, etc., but we'll stick to ... 1.0, as it follows logically on our firstrange). As for start and end address, we'll select all available addresses, starting

with 192.168.1.1 and ending with 192.168.1.254. Note that the wizard willautomatically complete the Length and Subnet Mask fields (Figure F).

6. On the next screen, you can choose which range of addresses you want toexclude, if any.

7. Now, you get to select the duration of IP address leases. The default is eight days.8. The wizard then gives you the opportunity to configure DHCP options. You can

choose to do it now or wait until later. Note, however, that you have to configurethe most common options (like DNS server address and default gateway) before


10/57

clients can use the scope, so now is as good a time as ever to do it. Just use thesame options as your existing scope.

9. After configuring the DHCP options, you are asked whether you want to activatethe scope now or later. Once activated, you're done.

Figure E

The New scope wizard will walk you through the steps of creating a scope.


11/57

Figure F

The address details of the new scope, with a little help from the wizard.

Figure G shows our superscope and two child scopes. Notice the red downward pointing

arrow to the right of the toolbar. Don't worry--it doesn't mean your superscope is down.You click on the arrow to deactivate a scope or superscope. Warning: Do not deactivate asuperscope unless you want to get rid of all its member scopes!

Figure G

The new scope and the two child scopes.


12/57

One last step

You now have what is termed a multinet--multiple subnets on a single physical network.But you're not quite there yet. Yes, you have an additional scope; yes, you have asuperscope. But your superscope won't assign IP addresses from the new scope. And

even if you add a static address from the pool to a client machine, you'll notice that youcan't browse the network.

You still need to add the route to your DHCP server's network adaptor, and if you have arouter, you'll want to add the IP address to it as well. Here's how to add that new addressto your NIC:

1. Open your Local Area Connection and click on Properties.2. Highlight Internet Protocol (TCP/IP) and click on the Properties tab to open the

properties screen shown in Figure H.3. Click on Advanced which will take you to Advanced TCP/IP settings.

4. Select Add. A window will open where you have to add the new IP address(Figure I). Enter the address and click Add.

5. The next window will show both your IP addresses. Click OK, OK again on thenext screen, and Close and you're done.


13/57

Figure H

The TCP/IP properties screen.

Figure I

Here, you add the address of your new subnet.

Now, if you add an address from the new subnet as a static IP address to a client machine,you should be able to browse the network.

I won't go into the details of adding the new IP address range to a router's Ethernetinterface, but if you're Cisco certified, you'll find it to be a simple procedure. (If you don'tknow your way around a router, though, steer clear.)


14/57

The commands to add an IP address to an interface look something like this (dependingon the interface and address):

int e 0/0

ip address 192.168.1.0 255.255.255.0

But you're adding a second address to the same interface, so you have to add the keywordsecondary to the command. So to add the address range from our new child scope, thecommand would be:

int e 0/0

ip address 192.168.1.0 255.255.255.0 secondary

Help for remote subnets

So far, we have assumed you have a single physical subnet. But what if you have anotherone (let's call it physical subnet B) and you're running out of IP addresses there? We'reassuming that your DHCP server on subnet A supplies addresses to subnet B. Asuperscope will also come to your rescue in a scenario like this--with a little help from arelay agent.

Note

A relay agent is a program that relays DHCP/BOOTP messages between clients andservers on different subnets.

Warning: Do not attempt to set up your DHCP server as a relay agent--it won't work as aDHCP server any longer. Instead, try to relay any DHCP requests from clients to"another" DHCP server.

To supply IP addresses from a DHCP server located on subnet A to clients on anotherphysical network--subnet B--you'll set up a superscope on subnet A. To this superscope,

you'll add one or more child scopes, which will supply IP addresses to clients on subnetB.

Because you're concerned only with creating additional scopes to support clients onsubnet B, you don't need to include the scope for subnet A as part of the superscope.

As most--probably all--modern routers have DHCP/BOOTP relay agent support, asdescribed in RFC 1542, you probably won't need to set up another server as a DHCP


15/57

relay agent. So all you'll need to do is configure the router (or have it configured) with itsrelay agent set to point to the IP address of the DHCP server.

Note

Although you could set up an NT server or workstation as a DHCP relay agent, you cando this only on a server with Windows 2000 server and Windows Server 2003.

6. Differences between Win 2000 Server & Advanced Server?7. Logical Diagram of Active Directory? What is the difference between child

domain & additional domain server?8. FTP, NNTP, SMTP, KERBEROS, DNS, DHCP, POP3 port numbers?9. What is Kerberos? Which version is currently used by Windows? How does

Kerberos work?

10.boot process in windows nt/xp/2000/200311. how do you configure memory dump if c:,d:,e: & paging file is configured so andso way?

12.backups ? which is better, why and which to use when?

13. disaster recovery plan?

14. DHCP lease process

15. DNS zones, chronicle records what are they?

16. DHCP relay agent where to place it?

17. what is active directory compared to SAM?

18. what is GC? how many required for A Tree?

19. what is forest?

20. Group policies?

21. FSMO Roles?

22.What is Active Directory schema?23.What are the domain functional level in Windows Server 2003?24.What are the forest functional level in Windows Server 2003?25.What is global catalog server?26.How we can raise domain functional & forest functional level in Windows Server

2003?27.Which is the deafult protocol used in directory services?28.What is IPv6?


16/57

29.What is the default domain functional level in Windows Server 2003?W30.What are the physical & logical components of ADS31.In which domain functional level, we can rename domain name?32.What is multimaster replication?33.What is a site?

34.Which is the command used to remove active directory from a domain controler?35.How we can create console, which contain schema?36.What is trust?37.What is the file thats responsible for keep all Active Directory database?

Technical Interview Questions Active Directory

What is Active Directory?

What is LDAP?

Can you connect Active Directory to other 3rd-party Directory Services? Name a few options.

Where is the AD database held? What other folders are related to AD?

What is the SYSVOL folder?

The sysVOL folder stores the server's copy of the domain's public files. The contentssuch as group policy, users etc of the sysvol folder are replicated to all domain controllersin the domain. The sysvol folder must be located on an NTFS volume.

Name the AD NCs and replication issues for each NC

What are application partitions? When do I use them

Application Directory Partition is a partition space in Active Directory which anapplication can use to store that application specific data. This partition is then replicatedonly to some specific domain controllers.

The application directory partition can contain any type of data except security principles(users, computers, groups).

How do you create a new application partition

The DnsCmd command is used to create a new application directory partition. Ex. tocreate a partition named NewPartition on the domain controller DC1.contoso.com, logon to the domain controller and type following command.

DnsCmd DC1/createdirectorypartition NewPartition.contoso.com

How do you view replication properties for AD partitions and DCs?

What is the Global Catalog?

How do you view all the GCs in the forest?

Why not make all DCs in a large forest as GCs?

Trying to look at the Schema, how can I do that?


17/57

What are the Support Tools? Why do I need them?

What is LDP? What is REPLMON? What is ADSIEDIT? What is NETDOM? What isREPADMIN?

What are sites? What are they used for?

What's the difference between a site link's schedule and interval?

What is the KCC?

What is the ISTG? Who has that role by default? What are the requirements for installing AD on a new server?

What can you do to promote a server to DC if you're in a remote location with slow WAN link?

How can you forcibly remove AD from a server, and what do you do later? Can I get userpasswords from the AD database?

What tool would I use to try to grab security related packets from the wire?

Name some OU design considerations.

What is tombstone lifetime attribute?

What do you do to install a new Windows 2003 DC in a Windows 2000 AD?

What do you do to install a new Windows 2003 R2 DC in a Windows 2003 AD?

How would you find all users that have not logged on since last month?

What are the DS* commands?

What's the difference between LDIFDE and CSVDE? Usage considerations?

What are the FSMO roles? Who has them by default? What happens when each one fails?

What FSMO placement considerations do you know of?

I want to look at the RID allocation table for a DC. What do I do?

What's the difference between transferring a FSMO role and seizing one? Which one should youNOT seize? Why?

How do you configure a "stand-by operation master" for any of the roles?

How do you backup AD?

How do you restore AD?

How do you change the DS Restore admin password?

Why can't you restore a DC that was backed up 4 months ago?

What are GPOs?

What is the order in which GPOs are applied?

Name a few benefits of using GPMC. What are the GPC and the GPT? Where can I find them?

What are GPO links? What special things can I do to them?

What can I do to prevent inheritance from above?

How can I override blocking of inheritance?

How can you determine what GPO was and was not applied for a user? Name a few ways to dothat.

A user claims he did not receive a GPO, yet his user and computer accounts are in the right OU,and everyone else there gets the GPO. What will you look for?

Name a few differences in Vista GPOs

Name some GPO settings in the computer and user parts.

What are administrative templates?

What's the difference between software publishing and assigning?

Can I deploy non-MSI software with GPO? You want to standardize the desktop environments (wallpaper, My Documents, Start menu,

printers etc.) on the computers in one department. How would you do that?

Add Ques t ion

What are the required components of Windows Server 2003 for installing Exchange 2003? ( 1 )

What must be done to an AD forest before Exchange can be deployed? ( 1 )
http://faiqs.com/faiqs_repo/1935.phphttp://faiqs.com/faiqs_repo/1936.phphttp://faiqs.com/faiqs_repo/1936.phphttp://faiqs.com/faiqs_repo/1935.phphttp://faiqs.com/faiqs_repo/1935.php


18/57

What Exchange process is responsible for communication with AD? ( 1)

What 3 types of domain controller does Exchange access? ( 1 )

What connector type would you use to connect to the Internet, and what are the two methods of sending

mail over that connector? ( 1 )

How would you optimise Exchange 2003 memory usage on a Windows Server 2003 server with more than

1Gb of memory? ( 1 )

What would a rise in remote queue length generally indicate? ( 1 )

What would a rise in the Local Delivery queue generally mean? ( 1 )

What are the standard port numbers for SMTP, POP3, IMAP4, RPC, LDAP and Global Catalog? ( 1 )

Name the process names for the following: System Attendant ( 1 )

What is the maximum amount of databases that can be hosted on Exchange 2003 Enterprise? ( 1 )

What are the disadvantages of circular logging? ( 1 )

Describe how the DHCP lease is obtained ( 1 )

I cant seem to access the Internet, dont have any access to the corporate network and on ipconfig myaddress is 169.254.*.*. What happened? ( 1 )

Weve installed a new Windows-based DHCP server, however, the users do not seem to be getting DHCP

leases off of it. ( 1 )

How can you force the client to give up the dhcp lease if you have access to the client PC? ( 1 )

What authentication options do Windows 2000 Servers have for remote clients? ( 1 )

What are the networking protocol options for the Windows clients if for some reason you do not want to use

TCP/IP? ( 1 )

What is data link layer in the OSI reference model responsible for? Data link layer is located above the

physical layer, but below the network layer. ( 1 )

What is binding order? ( 1 )

How do cryptography-based keys ensure the validity of data transferred across the network? ( 1 )

Should we deploy IPSEC-based security or certificate-based security? ( 1 )

What is LMHOSTS file? ( 1 )

Whats the difference between forward lookup and reverse lookup in DNS? ( 1 )

How can you recover a file encrypted using EFS? ( 1 )

Explain hidden shares. ( 1 )

How do the permissions work in Windows 2000? What permissions does folder inherit from the parent?( 1 )

Why cant I encrypt a compressed file on Windows 2000? ( 1 )

If I rename an account, what must I do to make sure the renamed account has the same permissions as the

original one? ( 1 )

Whats the most powerful group on a Windows system? ( 1 )

What are the accessibility features in Windows 2000? ( 1 )

Why cant I get to the Fax Service Management console? ( 1 )
http://faiqs.com/faiqs_repo/1937.phphttp://faiqs.com/faiqs_repo/1956.phphttp://faiqs.com/faiqs_repo/1958.phphttp://faiqs.com/faiqs_repo/1938.phphttp://faiqs.com/faiqs_repo/1944.phphttp://faiqs.com/faiqs_repo/1942.phphttp://faiqs.com/faiqs_repo/1939.phphttp://faiqs.com/faiqs_repo/1939.phphttp://faiqs.com/faiqs_repo/1940.phphttp://faiqs.com/faiqs_repo/1940.phphttp://faiqs.com/faiqs_repo/1941.phphttp://faiqs.com/faiqs_repo/1942.phphttp://faiqs.com/faiqs_repo/1943.phphttp://faiqs.com/faiqs_repo/1944.phphttp://faiqs.com/faiqs_repo/1945.phphttp://faiqs.com/faiqs_repo/1946.phphttp://faiqs.com/faiqs_repo/1947.phphttp://faiqs.com/faiqs_repo/1948.phphttp://faiqs.com/faiqs_repo/1948.phphttp://faiqs.com/faiqs_repo/1949.phphttp://faiqs.com/faiqs_repo/1949.phphttp://faiqs.com/faiqs_repo/1950.phphttp://faiqs.com/faiqs_repo/1951.phphttp://faiqs.com/faiqs_repo/1952.phphttp://faiqs.com/faiqs_repo/1952.phphttp://faiqs.com/faiqs_repo/1953.phphttp://faiqs.com/faiqs_repo/1953.phphttp://faiqs.com/faiqs_repo/1954.phphttp://faiqs.com/faiqs_repo/1955.phphttp://faiqs.com/faiqs_repo/1956.phphttp://faiqs.com/faiqs_repo/1957.phphttp://faiqs.com/faiqs_repo/1958.phphttp://faiqs.com/faiqs_repo/1959.phphttp://faiqs.com/faiqs_repo/1960.phphttp://faiqs.com/faiqs_repo/1961.phphttp://faiqs.com/faiqs_repo/1962.phphttp://faiqs.com/faiqs_repo/1963.phphttp://faiqs.com/faiqs_repo/1963.phphttp://faiqs.com/faiqs_repo/1964.phphttp://faiqs.com/faiqs_repo/1965.phphttp://faiqs.com/faiqs_repo/1966.phphttp://faiqs.com/faiqs_repo/1966.phphttp://faiqs.com/faiqs_repo/1965.phphttp://faiqs.com/faiqs_repo/1964.phphttp://faiqs.com/faiqs_repo/1963.phphttp://faiqs.com/faiqs_repo/1963.phphttp://faiqs.com/faiqs_repo/1962.phphttp://faiqs.com/faiqs_repo/1961.phphttp://faiqs.com/faiqs_repo/1960.phphttp://faiqs.com/faiqs_repo/1959.phphttp://faiqs.com/faiqs_repo/1958.phphttp://faiqs.com/faiqs_repo/1957.phphttp://faiqs.com/faiqs_repo/1956.phphttp://faiqs.com/faiqs_repo/1955.phphttp://faiqs.com/faiqs_repo/1954.phphttp://faiqs.com/faiqs_repo/1953.phphttp://faiqs.com/faiqs_repo/1953.phphttp://faiqs.com/faiqs_repo/1952.phphttp://faiqs.com/faiqs_repo/1952.phphttp://faiqs.com/faiqs_repo/1951.phphttp://faiqs.com/faiqs_repo/1950.phphttp://faiqs.com/faiqs_repo/1949.phphttp://faiqs.com/faiqs_repo/1949.phphttp://faiqs.com/faiqs_repo/1948.phphttp://faiqs.com/faiqs_repo/1948.phphttp://faiqs.com/faiqs_repo/1947.phphttp://faiqs.com/faiqs_repo/1946.phphttp://faiqs.com/faiqs_repo/1945.phphttp://faiqs.com/faiqs_repo/1944.phphttp://faiqs.com/faiqs_repo/1943.phphttp://faiqs.com/faiqs_repo/1942.phphttp://faiqs.com/faiqs_repo/1941.phphttp://faiqs.com/faiqs_repo/1940.phphttp://faiqs.com/faiqs_repo/1940.phphttp://faiqs.com/faiqs_repo/1939.phphttp://faiqs.com/faiqs_repo/1939.phphttp://faiqs.com/faiqs_repo/1938.phphttp://faiqs.com/faiqs_repo/1937.phphttp://faiqs.com/faiqs_repo/1966.phphttp://faiqs.com/faiqs_repo/1965.phphttp://faiqs.com/faiqs_repo/1964.phphttp://faiqs.com/faiqs_repo/1963.phphttp://faiqs.com/faiqs_repo/1962.phphttp://faiqs.com/faiqs_repo/1961.phphttp://faiqs.com/faiqs_repo/1960.phphttp://faiqs.com/faiqs_repo/1959.phphttp://faiqs.com/faiqs_repo/1958.phphttp://faiqs.com/faiqs_repo/1957.phphttp://faiqs.com/faiqs_repo/1956.phphttp://faiqs.com/faiqs_repo/1955.phphttp://faiqs.com/faiqs_repo/1954.phphttp://faiqs.com/faiqs_repo/1953.phphttp://faiqs.com/faiqs_repo/1952.phphttp://faiqs.com/faiqs_repo/1951.phphttp://faiqs.com/faiqs_repo/1950.phphttp://faiqs.com/faiqs_repo/1949.phphttp://faiqs.com/faiqs_repo/1948.phphttp://faiqs.com/faiqs_repo/1947.phphttp://faiqs.com/faiqs_repo/1946.phphttp://faiqs.com/faiqs_repo/1945.phphttp://faiqs.com/faiqs_repo/1944.phphttp://faiqs.com/faiqs_repo/1943.phphttp://faiqs.com/faiqs_repo/1942.phphttp://faiqs.com/faiqs_repo/1941.phphttp://faiqs.com/faiqs_repo/1940.phphttp://faiqs.com/faiqs_repo/1939.phphttp://faiqs.com/faiqs_repo/1938.phphttp://faiqs.com/faiqs_repo/1937.php


19/57

What do I need to ensure before deploying an application via a Group Policy? ( 1 )

How do you configure mandatory profiles? ( 1 )

I cant get multiple displays to work in Windows 2000. ( 1 )

Whats a maximum number of processors Win2k supports? ( 1 )

I had some NTFS volumes under my Windows NT installation. What happened to NTFS after Win 2kinstallation? ( 1 )

How do you convert a drive from FAT/FAT32 to NTFS from the command line? ( 1 )

Explain APIPA. ( 1 )

How does Internet Connection Sharing work on Windows 2000? ( 1 )

Posted in:Networking, Windows |

Windows sysadmin interview questions

1. Aneesh Says:March 29th, 2006 at 11:49 pm

What is Active Directory Schema?

The Active Directory schema contains formal definitions of every object classthat can be created in an Active Directory forest it also contains formal definitionsof every attribute that can exist in an Active Directory object. Active Directorystores and retrieves information from a wide variety of applications and services.So that it can store and replicate data from a potentially infinite variety of sources,Active Directory standardizes how data is stored in the directory. By

standardizing how data is stored, the directory service can retrieve, update, andreplicate data while ensuring that the integrity of the data is maintained.

2. kiran Says:May 15th, 2006 at 11:46 pm

What is Schema Master?

1) Schema master is a set of rules which is used to define the structure of activedirectory. It contains definitions of all the objects which are stored in AD. Itmaintains information and detail information of objects.

What is Domain Level Policy?

2) If there are many organizational units and to implement policy on all OUs weuse Domain level policy.
http://faiqs.com/faiqs_repo/1967.phphttp://faiqs.com/faiqs_repo/1968.phphttp://faiqs.com/faiqs_repo/1969.phphttp://faiqs.com/faiqs_repo/1970.phphttp://faiqs.com/faiqs_repo/1971.phphttp://faiqs.com/faiqs_repo/1971.phphttp://faiqs.com/faiqs_repo/1972.phphttp://faiqs.com/faiqs_repo/1972.phphttp://faiqs.com/faiqs_repo/1973.phphttp://faiqs.com/faiqs_repo/1974.phphttp://www.techinterviews.com/?cat=5http://www.techinterviews.com/?cat=6http://www.techinterviews.com/?p=273#comment-23298#comment-23298http://www.techinterviews.com/?p=273#comment-25654#comment-25654http://www.techinterviews.com/?p=273#comment-25654#comment-25654http://www.techinterviews.com/?p=273#comment-23298#comment-23298http://www.techinterviews.com/?cat=6http://www.techinterviews.com/?cat=5http://faiqs.com/faiqs_repo/1974.phphttp://faiqs.com/faiqs_repo/1973.phphttp://faiqs.com/faiqs_repo/1972.phphttp://faiqs.com/faiqs_repo/1971.phphttp://faiqs.com/faiqs_repo/1971.phphttp://faiqs.com/faiqs_repo/1970.phphttp://faiqs.com/faiqs_repo/1969.phphttp://faiqs.com/faiqs_repo/1968.phphttp://faiqs.com/faiqs_repo/1967.phphttp://faiqs.com/faiqs_repo/1974.phphttp://faiqs.com/faiqs_repo/1973.phphttp://faiqs.com/faiqs_repo/1972.phphttp://faiqs.com/faiqs_repo/1971.phphttp://faiqs.com/faiqs_repo/1970.phphttp://faiqs.com/faiqs_repo/1969.phphttp://faiqs.com/faiqs_repo/1968.phphttp://faiqs.com/faiqs_repo/1967.php


20/57

What is Global Catalog Server?

3) Global Catalog Server maintains full information about its own domain andpartial information about other domains. It is a forest wide role.

What is Site?

4) Sites: one or more well-connected highly reliable and fast TCP/IP subnets. Asite allows administrator to configure active directory access and replicationtopology to take advantage of the physical network.

What is the command for running AD?

5) dcpromo to add/remove active directory but first ADC should be removed

before DC if we want to remove DC first then check this server is last domaincontroller in domain.

Can you explain us briefly Architecture of Windows 2000/2003?

What are main differences in Windows NT and Windows 2000 Architecture?

3. SUVENDUSays:August 15th, 2006 at 11:08 pm

A).What is global catalog server?

A global catalog server is a domain controller it is a master searchable databasethat contains information about every object in everydomain in a forest. The global catalog contains a complete replica of allobjects in Active Directory for its host domain, and contains a partial replicaof all objects in Active Directory for every other domain in the forest.It have two important functions:i)Provides group membership information during logon and authenticationii)Helps users locate resources in Active Directory

B) Which is the command used to remove active directory from a domaincontroler?

ANS DCPROMO in command prompt
http://www.techinterviews.com/http://www.techinterviews.com/?p=273#comment-30698#comment-30698http://www.techinterviews.com/?p=273#comment-30698#comment-30698http://www.techinterviews.com/


21/57

4. SUVENDUSays:August 15th, 2006 at 11:29 pm

In which domain functional level, we can rename domain name?

All domain controllers must be running Windows Server 2003, and the ActiveDirectory functional level must be at the Windows Server 2003.Yes u can rename the domain in windows server 2003

5. irfan Says:September 1st, 2006 at 1:19 am

User(s) are complaining of delays when using the network. What would you do?

6. shaikSays:September 3rd, 2006 at 12:24 pm

hi

NTDS.DIT

We have to open the register to see the schema master fsmo role

regsvr 32 schmamgmt.

Light wait directory Access Protocal (ldap)

What ever changes done in D.C will effect at A.D, we can call it as multi-master

replication.

7. Kumar Ken Says:September 13th, 2006 at 3:53 pm

To allow users in one domain to access resources in another, AD uses trust.Trust is automatically produced when domains are created. The forest sets thedefault boundaries of trust, not the domain, and implicit trust is automatic. Aswell as two-way transitive trust, AD trusts can be shortcut (joins two domains indifferent trees, transitive, one- or two-way), forest (transitive, one- or two-way),realm (transitive or nontransitive, one- or two-way), or external (non-transitive,

one- or two-way) in order to connect to other forests or non-AD domains. ADuses the Kerberos V5 protocol, although NTLM is also supported and webclients use SSL/TLS.

Multi-master replication is a method of replication employed by databases totransfer data or changes to data across multiple computers within a group.Multi-master replication can be contrasted with a master-slave method (alsoknown as single-master replication).
http://www.techinterviews.com/http://www.techinterviews.com/?p=273#comment-30701#comment-30701http://techinterview/http://www.techinterviews.com/?p=273#comment-31607#comment-31607http://www.techinterviews.com/?p=273#comment-32006#comment-32006http://www.techinterviews.com/?p=273#comment-33752#comment-33752http://www.techinterviews.com/?p=273#comment-33752#comment-33752http://www.techinterviews.com/?p=273#comment-32006#comment-32006http://www.techinterviews.com/?p=273#comment-31607#comment-31607http://techinterview/http://www.techinterviews.com/?p=273#comment-30701#comment-30701http://www.techinterviews.com/


22/57

Internet Protocol version 6 (IPv6) is a network layer IP standard used byelectronic devices to exchange data across a packet-switched internet work. Itfollows IPv4 as the second version of the Internet Protocol to be formallyadopted for general use.

What are the domain functional levels in Windows Server 2003?

http://technet2.microsoft.com/WindowsServer/en/library/b3674c9b-fab9-4c1e-a8f6-7871264712711033.mspx?mfr=true

8. Naresh Nimmagadda Says:October 13th, 2006 at 9:06 am

ip v6it ia a 128 bit size addresshere we can see total 8 octants each octets size is 16 bits separated with :

it is in hexa decimal formatthese 3 types1.unicast address2.multicast address3.anycast addressloopback address of ip v6 is ::1

9. RamanandSays:November 27th, 2006 at 5:00 am

What is mean by dns,dhcp.?what is maen different between hub and switch ?what is meam by brodcast id?what is mean by loop back id?what is mean by schema ?what is mean by master searchable directory

10.Srikanth Says:December 8th, 2006 at 6:08 am

10. In which domain functional level, we can rename domain name?

The System Properties dialog box can also be used to rename a domain controller,

and it does not require the functional level to be raised to Windows Server 2003.

11.Renga Raju Says:December 13th, 2006 at 11:43 pm

What is Rsop ?Resultant set of policy provides to make policy modification and trouble shootingeasier. Rsop is the query object it has two mode
http://www.techinterviews.com/?p=273#comment-39776#comment-39776http://www.techinterviews.com/?p=273#comment-50021#comment-50021http://www.techinterviews.com/?p=273#comment-52174#comment-52174http://www.techinterviews.com/?p=273#comment-52934#comment-52934http://www.techinterviews.com/?p=273#comment-52934#comment-52934http://www.techinterviews.com/?p=273#comment-52174#comment-52174http://www.techinterviews.com/?p=273#comment-50021#comment-50021http://www.techinterviews.com/?p=273#comment-39776#comment-39776


23/57

1. logging mode: Polls existing policies and the reports the result of the query.

2. Planning mode: The questions ask about the planned policy and the report theresult of the query.

Whatis the concept for authoritative and non-authoritative restoration?

1. Non-authoriative restore: which accept the entries from other domain controllerafter restored the data.2. Authoritative: Not accept the entries from other domain controller.

What is the ntds.tit file default size?40 mb

What is multimaster replication?Ans. It is also known as single-master replication. Multi-master replication is amethod of replication employed by databases to transfer data or changes to dataacross multiple computers within a group. Multi-master replication can be contrastedwith a master-slave method.

What is Integrated DSN

In addition to storing primary zone information in Dns we can also store it inactive directory as active directory object. This integrates Dns with activedirectory in order to take advantage of active directory features

The benefits are:Zone can be modified from any domain controller within the domain and thisinformation is automatically updated or replicated to all the other domaincontrollers along with the active directory replication. This replication is said tobe multimaster replication.

We no longer face the standard DNS server drawbacks.

In standard DNS server only the primary server can modify the zone and thenreplicate the changes to other domain controllers(It was in windows NT4 before).

But when DNS gets integrated with AD .Zone can be modified and replicatedfrom any domain controller.

Fault tolerance

Security


24/57

You can prevent access to any updates to zone or individual record preventinginsecure dynamic updates.

What is DFS?

The two technologies in DFS are as follows:

DFS Replication. New state-based, multimaster replication engine that isoptimized for WAN environments. DFS Replication supports replicationscheduling, bandwidth throttling, and a new byte-level compression algorithmknown as remote differential compression (RDC).

DFS Namespaces. Technology that helps administrators group shared folderslocated on different servers and present them to users as a virtual tree of foldersknown as a namespace. DFS Namespaces was formerly known as Distributed FileSystem in Windows 2000 Server and Windows Server 2003.

What is system boot process in windows 2000

The Windows 2000 boot process differs slightly between the Intel and RISC platforms. In this article,we look at the differences between these two platforms.

Preboot and Boot Sequences

On Intel-based systems, the boot process is made up of a preboot sequence and boot sequence. Thepreboot sequence consists of the following steps:

1. Power-On Self Tests (POST) are run.

2. The boot device is found, the Master Boot Record (MBR) is loaded into memory, and its

program is run.

3. The active partition is located, and the boot sector is loaded.

4. The Windows 2000 loader (NTLDR) is then loaded.

The boot sequence executes the following steps:

1. The Windows 2000 loader switches the processor to the 32-bit flat memory model.

2. The Windows 2000 loader starts a mini-file system.

3. The Windows 2000 loader reads the BOOT.INI file and displays the operating system

selections (boot loader menu).


25/57

4. The Windows 2000 loader loads the operating system selected by the user. If Windows 2000

is selected, NTLDR runs NTDETECT.COM. For other operating systems, NTLDR loads

BOOTSECT.DOS and gives it control.

5. NTDETECT.COM scans the hardware installed in the computer, and reports the list to NTLDR

for inclusion in the Registry under the HKEY_LOCAL_MACHINE_HARDWARE hive.

6. NTLDR then loads the NTOSKRNL.EXE, and gives it the hardware information collected by

NTDETECT.COM. Windows NT enters the Windows load phases.

What is paging.

When a program is selected for execution, the system brings it into virtual storage,

divides it into pages of four kilobytes, transfers the pages into central storage forexecution. To the programmer, the entire program appears to occupy contiguous

space in storage at all times. Actually, not all pages of a program are necessarily incentral storage, and the pages that are in central storage do not necessarily occupy

contiguous space.

The pieces of a program executing in virtual storage must be moved between realand auxiliary storage. To allow this, z/OS manages storage in units, or b locks, of

four kilobytes. The following blocks are defined:

A block of central storage is a f r a m e.

A block of virtual storage is a page.

A block of auxiliary storage is a s lot .

A page, a frame, and a slot are all the same size: Four kilobytes. An active virtualstorage page resides in a central storage frame. A virtual storage page that becomes

inactive resides in an auxiliary storage slot (in a paging data set). Figure 1 shows therelationship of pages, frames, and slots.

In Figure 1, z/OS is performing paging for a program running in virtual storage. The

lettered boxes represent parts of the program. In this simplified view, program parts

A, E, F, and H are active and running in central storage frames, while parts B, C, D,and G are inactive and have been moved to auxiliary storage slots. All of theprogram parts, however, reside in virtual storage and have virtual storage

addresses.
http://publib.boulder.ibm.com/infocenter/zoslnctr/v1r7/topic/com.ibm.zconcepts.doc/zconcepts_90.html#zconcepts_90__frpgslot#zconcepts_90__frpgslothttp://publib.boulder.ibm.com/infocenter/zoslnctr/v1r7/topic/com.ibm.zconcepts.doc/zconcepts_90.html#zconcepts_90__frpgslot#zconcepts_90__frpgslothttp://publib.boulder.ibm.com/infocenter/zoslnctr/v1r7/topic/com.ibm.zconcepts.doc/zconcepts_90.html#zconcepts_90__frpgslot#zconcepts_90__frpgslothttp://publib.boulder.ibm.com/infocenter/zoslnctr/v1r7/topic/com.ibm.zconcepts.doc/zconcepts_90.html#zconcepts_90__frpgslot#zconcepts_90__frpgslot


26/57

Figure 1. Frames, pages, and slots

z/OS uses a series of tables to determine whether a page is in real or auxiliarystorage, and where. To find a page of a program, z/OS checks the table for the

virtual address of the page, rather than searching through all of physical storage forit. z/OS then transfers the page into central storage or out to auxiliary storage as

needed. This movement of pages between auxiliary storage slots and central storage

frames is called pag ing . Paging is key to understanding the use of virtual storage inz/OS.

z/OS paging is transparent to the user. During job execution, only those pieces of

the application that are required are brought in, or paged in , to central storage. Thepages remain in central storage until no longer needed, or until another page is

required by the same application or a higher-priority application and no emptycentral storage is available. To select pages for paging out to auxiliary storage, z/OS

follows a "Least Used" algorithm. That is, z/OS assumes that a page that has not

been used for some time will probably not be used in the near future.

What is the default Functional level in windows server 2003, we can rename domain?

The default domain functional level in Windows Server 2003 is Windows 2000 Mixed.

We can rename domain name in Windows Server 2003 functional level

What is the command for removing active directory the command line?

dcpromo /forceremoval

Removing Active Directory:If we want to remove Active Directory then we willuse commandDCPROMOIf some one deleted parent domain and we want to

remove from child domain then we will use commandDCPROMO /FORCEREMOVALNote: - we should not remove parent domain first. Weshould start from bottom means child domainand after that its parent and so on.

1. DNS(Domain Name Service):


27/57

Its mainly used to resolve from host name(FQDN-Fully Qualified DomainName) to IP address and IP address to host name.DNS mainly used in Internet.DNS devide in form of hierarchical.

2. DHCP (Dynamic Host Configuration Protocol):

DHCP use for provide IP address dynamically to client machine. If that client notable to find DHCP server then client machine will go for APIPA (We have rangefor APIPA which is 169.254.0.1-169.254.255.254).

3. HUB and SWITCH:

Switch is expencive than hub. If more then one user try to send packet at a timecollision will occure but in switch we can send. Switch is full duplex. Maximumbandwidth is 100 Mhz and that bandwidth is shared by all of the PCs connected

to the hub. Data can be sent in both directions simultaneously, the maximumavailable bandwidth is 200 Mbps, 100 Mbps each way, and there are no otherPCs with which the bandwidth must be shared.

1. Difference between Router and Routing: -

Router: -

Router is a device which is used to connect different network. A device or setupthat finds the best route between any two networks, even if there are several

networks to traverse. Like bridges, remote sites can be connected using routersover dedicated or switched lines to create WANs.Routing: --Process of delivering a message across one or more networks via the mostappropriate path.

2. Dynamic Routing and Static Routing: -

Dynamic routing performs the same function as static routing except it is morerobust. Static routing allows routing tables in specific routers to be set up in astatic manner so network routes for packets are set. If a router on the route goesdown the destination may become unreachable. Dynamic routing allows routingtables in routers to change as the possible routes change. There are severalprotocols used to support dynamic routing including RIP and OSPF

12.ZahedSays:April 18th, 2007 at 1:45 pm
http://www.techinterviews.com/?p=273#comment-84568#comment-84568http://www.techinterviews.com/?p=273#comment-84568#comment-84568


28/57

Hi, i want to know to total process to migrate from Windows NT server toWindows 2000 server.

What are all the process will done when we start server tell me briefly which filework for which process.

May 25th, 2007 at 7:22 am

The four domain functional levels are:

Windows 2000 MixedWindows 2000 NativeWindows Server 2003 InterimWindows Server 2003

Windows 2000 Mixed

When you configure a new Windows Server 2003 domain, the default domainfunctional level is Windows 2000 mixed.Under this domain functional level, Windows NT, 2000, and 2003 domaincontrollers are supported. However,certain features such as group nesting, universal groups, and so on are notavailable.

Windows 2000 NativeUpgrading the functional level of a domain to Windows 2000 Native should onlybe done if there areno Windows NT domain controllers remaining on the network. By upgrading toWindows 2000 Native functional level,additional features become available including: group nesting, universal groups,SIDHistory, and the ability to convertsecurity groups and distribution groups.

Windows Server 2003 InterimThe third functional level is Windows Server 2003 Interim and it is often usedwhen upgrading fromWindows NT to Windows Server 2003. Upgrading to this domain functional levelprovides support forWindows NT and Windows Server 2003 domain controllers. However, likeWindows 2000 Mixed, it does not provide new features.

Windows Server 2003The last functional level is Windows Server 2003. This domain functional levelonly provides support forWindows Server 2003 domain controllers. If you want to take advantage of all the


29/57

features included withWindows Server 2003, you must implement this functional level. One of the mostimportant features introducedat this functional level is the ability to rename domain controllers

13.Annveer N. HalkoodSays:July 29th, 2007 at 10:58 pm

what are the types of name resolution?

how name resolution will take place?

what are the Groups?

what is DHCP Relay agent?

14.Thyagu Says:September 18th, 2007 at 7:48 pm

1. Active Directory schema is collection of object class and attributes. Eg user isan object and its having a lot attributes such as first name ,last name etcIt present in only one domain in a forest, schema master is having the ability toupdate the changes in the Active directory schema.Schema Administrator only can access and edit the schema.

You cannot see the AD schema when you installed AD (dcpromo).

You need to run the registry file for schema in cmd mode :regsvr32.dll schmmgmt

Then you can see the Add -snap in wizard in mmc console ,there you can..

2. The domain functional level in Windows Server 2003

Domain functional level support only the windows domain controllers not clientlevel o/s.

They are four:windows 2000 mixed(by default) supports- win nt, win 2000,win2003.Windows 2000 native- supports- win 2000 ,win 2003

Windows 2003 interim- supports ->win NT, win 2003Windows 2003 - supports-win 2003 only

3. Forest functional level in Windows Server 2003There are threewindows 2000 mixed supports- win nt, win 2000,win2003.Windows 2000 native- supports- win 2000,win 2003Windows 2003 - supports-win 2003 only
http://www.techinterviews.com/?p=273#comment-113721#comment-113721http://www.techinterviews.com/?p=273#comment-123656#comment-123656http://www.techinterviews.com/?p=273#comment-123656#comment-123656http://www.techinterviews.com/?p=273#comment-113721#comment-113721


30/57

4. Global Catalogit is a searchable database Engine. It is used to search the objects in a forest. In2003, Universal Group caching membership is available for speedy logon acrossdomain. Port no: 3268, 3269it is also taking part of AD replication.

15.Thyagu Says:September 19th, 2007 at 5:04 pm

5.How we can raise domain functional & forest functional level in WindowsServer 2003?

AD users and computers>domain functional level->choose DFL as per yourenvironment.

AD Domain and Trust>Forest functional level>choose FFL as would yourenvironment.

Note: once you have change the DFL and FFL, cannot be revert.

6. The default protocol used in directory services?LDAP.

7. What are the physical & logical components of ADS

Physical->sites,domain controller

Logical ->Forest,domain,tree,ou

8. In which domain functional level, we can rename domain name

Windows 2003 dfl, you can rename the domain.

Note: Not recommended to rename the domain by Microsoft itself. You need tofollow up the proper procedure to prevent the further issue. Renaming is simple,but forecast issue is lot.

11.Multi-master replication

Whenever a change occurs to any object within an Active Directory domain, that

change is replicated automatically to all domain controllers within the domain.

This process is called multi-master replication. Multi-master replication does not

happen instantly across all servers simultaneously. Rather, it is a controlled

process where each domain controller peer is updated and validated in a

logically controlled procedure.


31/57

12. Site:

Site is one or more IP subnets. It contains connection objects and computerobjects and mainly used for AD replication.

15.Trust is relationship,between forest,domain.

16 NTDS.dit is the file thats responsible for keep all Active Directory database.

Hi,Can you pleas answer my query1.How to Export the Ad data in Excel. Specially Tabs Like (General,Account,Exchange Advance, Security, Members of )Without any 3rd partysoftware.

2. Suppose i have deleted any object from Ad but after 2-3 days i want back that

object..What is the process to restore the deleted Ad object.

16.Raj Narayan Says:November 22nd, 2007 at 4:55 am

Hi,Can anyone give me the answer of the mention Questions:1. Windows server 2008 is actual which version of Windows server ?2. Explain NAP in Windows Server 20083. How 1 can implement IP verison 6 using Windows Server 2008?4. What are the enhancements in Terminal server which comes with Win2k8 ?5. Which version of IIS comes with Windows server 2008?6. What is the new feature included in Windows Server 2008 which can lockentire hard disk drive?7. How easy it is to combine Windows Server 2008 os with physical networking& security appliances?8. What are the certifications available for Windows 2008 track?9. What is MCP member site and whats advantage of it ?10. What is TechNet subscription and what indivisual get by subscribing toTechNet?

What is DHCP relay agent?

If you have two or more subnet,you need to configure more DHCP server in eachsubnet instead of place DHCP server ,we can configure DHCP relay angentwherever you want.

Note:Minimum one DHCP server on your network


32/57

What is mean by dns,dhcp ?

DNS : it is Domain name system ,this is used to reslove the IP address to sitename and, site name to IP address

DHCP: It is dynamic host configuration protocol,It is using to distribute the IP toall client systems in a network.

It is layer two device(Data Link Layer)

What is meam by brodcast id?

It will forward the message to all system in a network (255.255.255.255).

Example : This is my Ip address 192.168.1.1/30let we find out the subnet,host address,broadcast address ?

Subnet will be 255.255.255.252My valued host address is 192.168.1.5 to 192.168.1.6My broadcast address will 192.168.1.7

What is mean by loop back id?

It is local host address using this we can check the TCP/IP protocol stack ,specialto check the network card (127.0.0.1).

17.Prasath Jayabal Says:March 3rd, 2008 at 6:24 am

What is mean by schema ?

Windows Server 2000/2003 Active Directory uses a database set of rules is calledSchema

What is the diffence between SD-RAM and DD-RAM ?

1. shaikSays:June 29th, 2006 at 2:25 am

Can Ichange my DC IP( dns, pref dns, gateway) while dc is working.and can i give another ip.

(what happend if i give that ip and what happend about the replication of ther dcwhen i am in suspend mode) ?
http://www.techinterviews.com/?p=273#comment-168849#comment-168849http://www.techinterviews.com/?p=229#comment-28781#comment-28781http://www.techinterviews.com/?p=229#comment-28781#comment-28781http://www.techinterviews.com/?p=273#comment-168849#comment-168849


33/57

2. mohd.sameerSays:August 3rd, 2006 at 1:30 am

i have been asked if there is set of 30 harddisk configured for raid 5 if twoharddisk failed what about data

3. Tech Says:September 17th, 2006 at 3:40 am

i have been asked if there is set of 30 harddisk configured for raid 5 if twoharddisk failed what about data

Tech Interviews comment by mohd.sameer

4. Raj Narayan Says:September 23rd, 2006 at 12:51 am

Hi,Can anybody give me the answer of the mention questions.

1.How Can i Deploy the Latest Patched in Pc through G.P. wihtout having theAdmin Right in Pc.2.How to remove the $sharing through G.P. in 1000 PCs.3.In Raid 5,Suppose i have 5 HDD of 10-10 GB, After configuring the Raid howmuch space do i have for utilise.4.How Can i Resolve the Svr name through Nslookup.

Thanks & Regards,

Raj Narayan

5. Debabrata Swain Says:October 17th, 2006 at 7:49 am

What is difference between scope and superscope ?

6. Aarif Shaikh Says:November 26th, 2006 at 10:13 am

Q) Can I changed password if my machinces connectivity to DC who holds PDC

emulator role has been fails?A) No You cant the password.

Q) i have been asked if there is set of 30 harddisk configured for raid 5 if twoharddisk failed what about dataA) It depends how u had configured ur RAID its only Raid5 or with with spare ifits only raid 5 then in raid5 if ur 2 nos of HDD goes then ur raid is gone.
http://www.techinterviews.com/?p=229#comment-30353#comment-30353http://www.techinterviews.com/?p=229#comment-34522#comment-34522http://www.techinterviews.com/?p=229#comment-35701#comment-35701http://www.ortelcom.com/http://www.techinterviews.com/?p=229#comment-40648#comment-40648http://www.techinterviews.com/?p=229#comment-49874#comment-49874http://www.techinterviews.com/?p=229#comment-49874#comment-49874http://www.techinterviews.com/?p=229#comment-40648#comment-40648http://www.ortelcom.com/http://www.techinterviews.com/?p=229#comment-35701#comment-35701http://www.techinterviews.com/?p=229#comment-34522#comment-34522http://www.techinterviews.com/?p=229#comment-30353#comment-30353


34/57

Q) How Can i Deploy the Latest Patched in Pc through G.P. wihtout having theAdmin Right in Pc.A) Create a batch file and place all the patches in the Netlogon, and deploy thebatch file through GP to all the pcs so the same should take affect after restartingthe pc.

Q) In Raid 5,Suppose i have 5 HDD of 10-10 GB, After configuring the Raid howmuch space do i have for utilise.A) -1 out of the total (eg- if u r using 5 u will get only 4 because 1 goes forparity).

Q) How Can i Resolve the Svr name through NslookupA) what exactly u want to do, nslookup command will let u know through whichserver u r getting routed, (eg- c:\nslookup then u will get ur domain name towhich u r getting routed. and if u want to get the name of the pc/server with the ipaddress then u have to give the command c:\nbtstat -a ip xx-xx-xx-xx)

7. bartSays:November 29th, 2006 at 12:27 am

How Can i Deploy the Latest Patched in Pc through G.P. wihtout having theAdmin Right in Pc.A) Create a batch file and place all the patches in the Netlogon, and deploy thebatch file through GP to all the pcs so the same should take affect after restartingthe pc.

the answer to the above question is incorrect.

you cannot deploy a batch file using group policy.

you can only publish or assign msi packages or Zap files. They are the only twovalid file formats allowable when using intellimirror. in active directory.

8. Rehamn Shaikh Says:January 5th, 2007 at 8:35 am

What are FMSO Roles? List themANS:Fsmo roles are server roles in a ForestThere are five types of FSMO roles

1-Scheema master2-Domain naming master3-Rid master4-PDC Emullator5-Infrastructure master

9. Imran Khan Says:January 11th, 2007 at 1:13 am
http://www.techinterviews.com/?p=229#comment-50517#comment-50517http://www.techinterviews.com/?p=229#comment-56219#comment-56219http://www.techinterviews.com/?p=229#comment-57645#comment-57645http://www.techinterviews.com/?p=229#comment-57645#comment-57645http://www.techinterviews.com/?p=229#comment-56219#comment-56219http://www.techinterviews.com/?p=229#comment-50517#comment-50517


35/57

What is Kerberos? Which version is currently used by Windows? How doesKerberos work?

10.vamsi Says:January 30th, 2007 at 8:25 am

what is the difference between 2k and 2k3?

what is the difference between dns and wins?

what is sysprep?

what is netlogon?

11.akshaya Says:February 2nd, 2007 at 9:07 am

how many types of server?(2) what is hotfrix.(3)what is the difrences btwen 2k , 2k3 and xp?(4)how many types DNS(5)hOW MANY TYPES NET ADDRES?(1)WHAT IS T-VOLI.(7) WHICH PROTOCOL USED FOR SENDING MESSAGE.(8) TELL ME WHY WE R USEING EXCHANGE SERVER?(9) WHAT IS THE FUNCTION OF DHCP?(10) HOW DHCP CONFIGURE?PLEASE SEND ALL ANS I NEED YOUR HELP .

12.usha Says:February 18th, 2007 at 2:38 am

what is hotfrix.

It is hotfix, which microsoft realese whenever there is a bug or for updation ofOperating system.(3)what is the difrences btwen 2k , 2k3 and xp?Xp is a client operating system it cannot act as a server, 2k domain name cannotbe renamed, no shadow copying, 2k3 domain name can be renamed, shadow

copying is possible(4)how many types DNSI think there are about 7 types(1)WHAT IS T-VOLI.Tivoli is montiroing tool(7) WHICH PROTOCOL USED FOR SENDING MESSAGE.SNMP


36/57

(9) WHAT IS THE FUNCTION OF DHCP?for providing ip address dynamically

13.Varadarajam Says:March 26th, 2007 at 3:48 pm

*** What is the difference between Win2k Server and Win2k3?

1. We cant rename domain in Win2k,u can rename in Win2k3

2. IIS 5.0 in Win2k and IIS 6.0 in Win2k3

3. No Volume Shadow Copying in Win2k, its available in Win2k3

4. Active Directory Federation Systems in Win2k3

Like that some other security features added in Win2k3, main features are above

***WHICH PROTOCOL USED FOR SENDING MAIL?

SMTP Simple Mail Transfer Protocal is used to Sending mails.

***TELL ME WHY WE R USEING EXCHANGE SERVER?

This is a mail server.. we can use this Server to send mails in Intranet as well asoutside.

*** What is DHCP?

To assign ip addresses automatically.

*** DHCP relay agent where to place it?

DHCP Relay agent u need to place in Software Router.

*** what is forest?

Is a collection of trees. Tree is nothing but collection domains which is havingsame name space.domain contains domain controllers..forest Tree Domain

Dont get confused.. Understand carefully.

*** what is GC? how many required for A Tree?


37/57

Global Catalog server is a Searchable Index book. With this we can find out anyobject in the Active Directory.

Also it works as logon authentication for Group memberships.

We can have each domain controller in domain or only first domain controller in adomain..

*** DNS zones, chronicle records what are they?

In Windows 2000 there are mainly 3 zones

Standard Primary zone information writes in Txt fileStandard Secondary copy of PrimaryActive Directory Integrated Information stores in Active Directory

in win2k3 one more zone is added that is Stub zone

Stub is like secondary but it contains only copy of SOA records, copy of NSrecords, copy of A records for that zone. No copy of MX, SRV records etc.,With this Stub zone DNS traffic will be low

*** FSMO Roles?

Flexible Single Master Operation Roles

1. Domain Naming Master Forest Wide Roles

2. Schema Master Forest Wide Roles3. RID Master Domain Wide Roles4. PDC Emulator Domain Wide Roles5. Infrastructure Master Domain Wide Roles

RID Master It assigns RID and SID to the newly created object like Users andcomputers. If RID master is down (u can create security objects upto RID poolsare avialable in DCs) else u cant create any object one its down

PDC emulator : It works as a PDC to any NT Bdcs in your environment

It works as Time Server (to maintain same time in your network)

It works to change the passwords, lockout etc.,

Infrastructure Master: This works when we are renaming any group member shipobject this role takes care.


38/57

Domain Naming Master : Adding / Changing / Deleting any Domain in a forest ittakes care

Schema Master : It maintains structure of the Active Directory in a forest.

*** FTP, NNTP, SMTP, KERBEROS, DNS, DHCP, POP3 port numbers?

FTP : 20, 21(20 is for controlling, 21 is Transmitting)

NNTP : 119

SMTP : 25

Kerberos : 88

DNS : 53

DHCP : 67, 68

Pop3 : 110

*** What is Kerberos? Which version is currently used by Windows? How doesKerberos work?

Kerberos is the user uthentication used in Win2000 and Win2003 ActiveDirectory servers

Kerberos version in 5.0

Port is : 88

Its more secure and encrypted than NTLM (NT authentication)

14.Sunit Suri Says:May 21st, 2007 at 11:03 am

What is the new major feature introduced in Exchange 2003, which was notincluded in Exchange 2000?

How can you recover a deleted mail box ?

what is the use of ESUtil.exe ?

What are the port Numbers for pop3, imap, smtp port, smtp over ssl, pop3 overssl, imap over ssl ?


39/57

Difference between Exchance 2003 and 2007?

what is RPC over Http ?

What is required for using RPC over Https with MS Outlook ?

If you have deleted the user, after you recreated the same user. How you will givethe access of previous mail box ?

What are the prequisite for installation of Exchange Server ?

What is the use of NNTP with exchange ?

If NNTP service get stoped, what features of exchange will be effected ?

Which protocol is used for Public Folder ?

How will take backup of Active Directory ?

What are the content of System State backup ?

there r more. ill update soon.

15.Harish P Says:June 1st, 2007 at 2:42 pm

Describe the lease process of the DHCP server.

Ans : A DHCP lease is the amount of time that the DHCP server grants to theDHCP client permission to use a particular IP address. A typical server allows itsadministrator to set the lease time.

16.Harish P Says:June 1st, 2007 at 3:43 pm

7. Disaster Recovery Plan?

Ans: Deals with the restoration of computer system with all attendent softwareand connections to full functionality under a variety of damaging or interferingexternal condtions.

17.shan Says:June 22nd, 2007 at 9:57 am

Which protocol is used for Public Folder ?

ANS: SMTP


40/57

What is the use of NNTP with exchange ?

ANS: This protocol is used the news group in exchange.

18.shan Says:June 22nd, 2007 at 10:11 am

How will take backup of Active Directory ?

Ans: Take the system state data backup. This will backup the active directorydatabase. Microsoft recomend only Full backup of system state database

What are the content of System State backup ?

The cotents areBoot fles,system filesActive directory (if its done on DC)Sysvol folder(if it done on DC)Cerficate service ( on a CA server)Cluster database ( on a clsture server)registryPerformance couter configuration inormationCoponet services class registration database

19.shan Says:June 22nd, 2007 at 9:41 pm

What are the prequisite for installation of Exchange Server ?

The pre requsite are

IISSMTPWWW serviceNNTP.NET FrameworkASP.NETThen run ForestprepThe run domainprep

20.Brian Says:June 25th, 2007 at 9:44 am

bart said,How Can i Deploy the Latest Patched in Pc through G.P. wihtout having theAdmin Right in Pc.A) Create a batch file and place all the patches in the Netlogon, and deploy the


41/57

batch file through GP to all the pcs so the same should take affect after restartingthe pc.

the answer to the above question is incorrect.

you cannot deploy a batch file using group policy.

you can only publish or assign msi packages or Zap files. They are the only twovalid file formats allowable when using intellimirror. in active directory.

Actually you are incorrect as well. If you create a script and assign it to theSTARTUP script in a GPO applied to the COMPUTER and not the USER, then itruns as a local administrator on the computer.

21.Shahnawaz Mulla Says:September 12th, 2007 at 10:42 pm

Where is active directory stored?

22.Khan Says:October 1st, 2007 at 12:45 am

What is difference between scope and superscope ?

Scope in dhcp, where u can specify a range of IP Address which will be leased tothe dhcp clients.Superscope is the combination of multiple scopes.


Describe the lease process of the DHCP server.

DHCP Server leases the IP addresses to the clients as follows :DORAD (Discover) : DHCP Client sends a broadcast packets to identify the dhcp server,this packet will contain the source MAC.O (Offer) : Once the packet is recieved by the DHCP server, the server will sendthe packet containing Source IP and Source MAC.

R (Request) : Client will now contact the DHCP server directly and request forthe IP address.A (Acknowledge) : DHCP server will send an ack packet which contains the IPaddress.The default lease period is 8 days.



42/57

What is the new major feature introduced in Exchange 2003, which was notincluded in Exchange 2000?

1) RPC over HTTPS.2) Volume Shadow Copy for backup.

3) Super upgrade tools like ExDeploy.4) Improved security, including all those of IIS v 6.0.

Pl let me know if u still find more differnces.


What are the port Numbers for pop3, imap, smtp port, smtp over ssl, pop3 overssl, imap over ssl ?

POP3 : 110Standard IMAP4 : 143SMTP : 25pop3 over ssl : 992imap over ssl : 993


What are the prequisite for installation of Exchange Server 2003?

* IIS

* SMTP services* NNTP services* ASP.NET* www services* .net framework

27.Josh Says:November 28th, 2007 at 11:10 am

What is a smarthost?

A Exchange server is having bandwidth issues, explain how you would look atfixing the issue?

28.Jitendra Singh ThakurSays:December 8th, 2007 at 10:41 am

What is Blue Screen Error? and when it comes?What is clean Booting?


43/57

What is warm and cold booting?Difference between clean Boot and safe mode?

29.Anthony Says:December 19th, 2007 at 7:06 am

What is warm and cold booting?

ans:A warm boot, accomplished by pressing the CTRL+ALT+DEL keycombination, restarts the computer through the INT19h ROM BIOS routine. Thiswarm-boot procedure usually does not go through the complete boot process;generally, it skips the power-on self test (POST) to save time. In addition, a warmboot frequently fails to reset all adapters in the computers adapter slots.

If you use the Reset button to cold boot the computer, it generally restarts the bootprocess, including the POST. However, this procedure does not necessarilydiscontinue power to the motherboard. If the power is not interrupted, the coldboot may fail to reset all adapters in the computers adapter slots.

if u want any other clarification let me know

30.MANIRASU.R Says:January 4th, 2008 at 5:18 am

Differents between server 2k and 2k3advandags inserver 2k31.domain renname.2.domain controller rename

3.multi user propertis selet4.administrator deleted and rename5.IP v6 supported6.Default APIPA7.maximum group option disable8.task manager extra two options.9.security purpose (shutdow time and restart time ask question)10.forest trust11.IIS v612.shadow copy

31.MahmoodSays:January 16th, 2008 at 12:34 pm

About the new features in Exchange 2003:

1.Updated Outlook Web Access.

2.Updated VSAPI (Virus Scanning Application Programming Interface)


44/57

but in Exchange Server 2003 Enterprise, there are Specific Features which :

1.Eight-node Clustering using the Windows Clustering service in WindowsServer (Ent.&Datacenter)

2.Multiple storage groups.

3.X.400 connectors which supports both TCP/IP and X.25.

1. How do you double-boot a Win 2003 server box? The Boot.ini file is set asread-only, system, and hidden to prevent unwanted editing. To change theBoot.ini timeout and default settings, use the System option in Control Panel from

the Advanced tab and select Startup.2. What do you do if earlier application doesnt run on Windows Server 2003?When an application that ran on an earlier legacy version of Windows cannot beloaded during the setup function or if it later malfunctions, you must run thecompatibility mode function. This is accomplished by right-clicking theapplication or setup program and selecting Properties > Compatibility >selecting the previously supported operating system.

3. If you uninstall Windows Server 2003, which operating systems can yourevert to? Win ME, Win 98, 2000, XP. Note, however, that you cannot upgradefrom ME and 98 to Windows Server 2003.

4. How do you get to Internet Firewall settings? Start > Control Panel >

Network and Internet Connections > Network Connections.5. What are the Windows Server 2003 keyboard shortcuts? Winkey opens orcloses the Start menu. Winkey + BREAK displays the System Properties dialogbox. Winkey + TAB moves the focus to the next application in the taskbar.Winkey + SHIFT + TAB moves the focus to the previous application in thetaskbar. Winkey + B moves the focus to the notification area. Winkey + D showsthe desktop. Winkey + E opens Windows Explorer showing My Computer.Winkey + F opens the Search panel. Winkey + CTRL + F opens the Search panelwith Search for Computers module selected. Winkey + F1 opens Help. Winkey +M minimizes all. Winkey + SHIFT+ M undoes minimization. Winkey + R opensRun dialog. Winkey + U opens the Utility Manager. Winkey + L locks thecomputer.

6. What is Active Directory? Active Directory is a network-based object store andservice that locates and manages resources, and makes these resources availableto authorized users and groups. An underlying principle of the Active Directory isthat everything is considered an objectpeople, servers, workstations, printers,documents, and devices. Each object has certain attributes and its own securityaccess control list (ACL).
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/8b42cf90-1e72-4579-b0ad-2e2b948ce31c.mspxhttp://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/8b42cf90-1e72-4579-b0ad-2e2b948ce31c.mspxhttp://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/8b42cf90-1e72-4579-b0ad-2e2b948ce31c.mspxhttp://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/8b42cf90-1e72-4579-b0ad-2e2b948ce31c.mspx


45/57

7. Where are the Windows NT Primary Domain Controller (PDC) and itsBackup Domain Controller (BDC) in Server 2003? The Active Directoryreplaces them. Now all domain controllers share a multimaster peer-to-peer readand write relationship that hosts copies of the Active Directory.

8. How long does it take for security changes to be replicated among the

domain controllers? Security-related modifications are replicated within a siteimmediately. These changes include account and individual user lockout policies,changes to password policies, changes to computer account passwords, andmodifications to the Local Security Authority (LSA).

9. Whats new in Windows Server 2003 regarding the DNS management? WhenDC promotion occurs with an existing forest, the Active Directory InstallationWizard contacts an existing DC to update the directory and replicate from the DCthe required portions of the directory. If the wizard fails to locate a DC, itperforms debugging and reports what caused the failure and how to fix theproblem. In order to be located on a network, every DC must register in DNS DClocator DNS records. The Active Directory Installation Wizard verifies a proper

configuration of the DNS infrastructure. All DNS configuration debugging andreporting activity is done with the Active Directory Installation Wizard.10.When should you create a forest? Organizations that operate on radically

different bases may require separate trees with distinct namespaces. Unique tradeor brand names often give rise to separate DNS identities. Organizations merge orare acquired and naming continuity is desired. Organizations form partnershipsand joint ventures. While access to common resources is desired, a separatelydefined tree can enforce more direct administrative and security restrictions.

11.How can you authenticate between forests? Four types of authentication areused across forests: (1) Kerberos and NTLM network logon for remote access to aserver in another forest; (2) Kerberos and NTLM interactive logon for physicallogon outside the users home forest; (3) Kerberos delegation to N-tier applicationin another forest; and (4) user principal name (UPN) credentials.

12.What snap-in administrative tools are available for Active Directory? ActiveDirectory Domains and Trusts Manager, Active Directory Sites and ServicesManager, Active Directory Users and Group Manager, Active DirectoryReplication (optional, availa