Blog
INTERVIEW QUESTION AND ANSWER
No Comments
Windows Admin Interview Questions
WINDOWS ADMIN INTERVIEW QUESTIONS
1. Describe how the DHCP lease is obtained. It’s a
four-step process consisting of (a) IP request, (b) IP offer, (c) IP selection
and (d) acknowledgement.
four-step process consisting of (a) IP request, (b) IP offer, (c) IP selection
and (d) acknowledgement.
2. I can’t seem to access the Internet, don’t have any access to the corporate
network and on ipconfig my address is 169.254.*.*. What happened? The 169.254.*.* netmask is assigned to Windows machines running 98/2000/XP
if the DHCP server is not available. The name for the technology is APIPA
(Automatic Private Internet Protocol Addressing).
network and on ipconfig my address is 169.254.*.*. What happened? The 169.254.*.* netmask is assigned to Windows machines running 98/2000/XP
if the DHCP server is not available. The name for the technology is APIPA
(Automatic Private Internet Protocol Addressing).
3. We’ve installed a new Windows-based DHCP server, however, the users do not
seem to be getting DHCP leases off of it. The
server must be authorized first with the Active Directory.
seem to be getting DHCP leases off of it. The
server must be authorized first with the Active Directory.
4. How can you force the client to give up the dhcp lease if you have access
to the client PC? ipconfig /release
to the client PC? ipconfig /release
5. What authentication options do Windows 2000 Servers have for remote
clients? PAP, SPAP, CHAP, MS-CHAP and EAP.
clients? PAP, SPAP, CHAP, MS-CHAP and EAP.
6. What are the networking protocol options for the Windows clients if for
some reason you do not want to use TCP/IP? NWLink
(Novell), NetBEUI, AppleTalk (Apple).
some reason you do not want to use TCP/IP? NWLink
(Novell), NetBEUI, AppleTalk (Apple).
7. What is data link layer in the OSI reference model responsible for? Data
link layer is located above the physical layer, but below the network layer. Taking raw data bits and packaging them into frames. The network layer
will be responsible for addressing the frames, while the physical layer is
responsible for retrieving and sending raw data bits.
link layer is located above the physical layer, but below the network layer. Taking raw data bits and packaging them into frames. The network layer
will be responsible for addressing the frames, while the physical layer is
responsible for retrieving and sending raw data bits.
8. What is binding order? The order by which the
network protocols are used for client-server communications. The most
frequently used protocols should be at the top.
network protocols are used for client-server communications. The most
frequently used protocols should be at the top.
9. How do cryptography-based keys ensure the validity of data transferred
across the network? Each IP packet is assigned a checksum,
so if the checksums do not match on both receiving and transmitting ends, the
data was modified or corrupted.
across the network? Each IP packet is assigned a checksum,
so if the checksums do not match on both receiving and transmitting ends, the
data was modified or corrupted.
10. Should we deploy IPSEC-based security or certificate-based security? They are really two different technologies. IPSec secures the TCP/IP
communication and protects the integrity of the packets. Certificate-based
security ensures the validity of authenticated clients and servers.
communication and protects the integrity of the packets. Certificate-based
security ensures the validity of authenticated clients and servers.
11. What is LMHOSTS file? It’s a file stored on a host
machine that is used to resolve NetBIOS to specific IP addresses.
machine that is used to resolve NetBIOS to specific IP addresses.
12. What’s the difference between forward lookup and reverse lookup in DNS? Forward lookup is name-to-address; the reverse lookup is address-to-name.
13. How can you recover a file encrypted using EFS? Use the domain recovery agent.
IIS QUESTIONS
This came in the mail from
the reader who recently went through a job interview process. He didn’t mention
the company name.
the reader who recently went through a job interview process. He didn’t mention
the company name.
1.
How would you remotely
administer IIS?
How would you remotely
administer IIS?
2.
What is RAID? What is it
used for?
What is RAID? What is it
used for?
3.
How would you go about
securing IIS and MS-SQL Server?
How would you go about
securing IIS and MS-SQL Server?
WINDOWS 2000 ADMINISTRATION QUESTIONS
1.
Explain hidden shares. Hidden or administrative shares are share names with
a dollar sign ($) appended to their names. Administrative shares are usually
created automatically for the root of each drive letter. They do not display in
the network browse list.
Explain hidden shares. Hidden or administrative shares are share names with
a dollar sign ($) appended to their names. Administrative shares are usually
created automatically for the root of each drive letter. They do not display in
the network browse list.
2.
How do the permissions
work in Windows 2000? What permissions does folder inherit from the parent? When you combine NTFS permissions based on users and
their group memberships, the least restrictive permissions take precedence.
However, explicit Deny entries always override Allow entries.
How do the permissions
work in Windows 2000? What permissions does folder inherit from the parent? When you combine NTFS permissions based on users and
their group memberships, the least restrictive permissions take precedence.
However, explicit Deny entries always override Allow entries.
3.
Why can’t I encrypt a
compressed file on Windows 2000? You can either compress it or encrypt it, but not both.
Why can’t I encrypt a
compressed file on Windows 2000? You can either compress it or encrypt it, but not both.
4.
If I rename an account,
what must I do to make sure the renamed account has the same permissions as the
original one? Nothing, it’s all
maintained automatically.
If I rename an account,
what must I do to make sure the renamed account has the same permissions as the
original one? Nothing, it’s all
maintained automatically.
5.
What’s the most powerful
group on a Windows system? Administrators.
What’s the most powerful
group on a Windows system? Administrators.
6.
What are the accessibility
features in Windows 2000? StickyKeys, FilterKeys Narrator, Magnifier, and
On-Screen Keyboard.
What are the accessibility
features in Windows 2000? StickyKeys, FilterKeys Narrator, Magnifier, and
On-Screen Keyboard.
7.
Why can’t I get to the Fax
Service Management console? You can only see it if a fax had been installed.
Why can’t I get to the Fax
Service Management console? You can only see it if a fax had been installed.
8.
What do I need to ensure
before deploying an application via a Group Policy? Make sure it’s either an MSI file, or contains a ZAP
file for Group Policy.
What do I need to ensure
before deploying an application via a Group Policy? Make sure it’s either an MSI file, or contains a ZAP
file for Group Policy.
9.
How do you configure
mandatory profiles? Rename ntuser.dat to ntuser.man
How do you configure
mandatory profiles? Rename ntuser.dat to ntuser.man
10.
I can’t get multiple
displays to work in Windows 2000. Multiple displays have to use peripheral connection
interface (PCI) or Accelerated Graphics Port (AGP) port devices to work
properly with Windows 2000.
I can’t get multiple
displays to work in Windows 2000. Multiple displays have to use peripheral connection
interface (PCI) or Accelerated Graphics Port (AGP) port devices to work
properly with Windows 2000.
11.
What’s a maximum number of
processors Win2k supports? 2
What’s a maximum number of
processors Win2k supports? 2
12.
I had some NTFS volumes
under my Windows NT installation. What happened to NTFS after Win 2k
installation? It got upgraded to NTFS
5.
I had some NTFS volumes
under my Windows NT installation. What happened to NTFS after Win 2k
installation? It got upgraded to NTFS
5.
13.
How do you convert a drive
from FAT/FAT32 to NTFS from the command line? convert c: /fs:ntfs
How do you convert a drive
from FAT/FAT32 to NTFS from the command line? convert c: /fs:ntfs
14.
Explain APIPA. Auto Private IP Addressing (APIPA) takes effect on
Windows 2000 Professional computers if no DHCP server can be contacted. APIPA
assigns the computer an IP address within the range of 169.254.0.0 through
169.254.255.254 with a subnet mask of 255.255.0.0.
Explain APIPA. Auto Private IP Addressing (APIPA) takes effect on
Windows 2000 Professional computers if no DHCP server can be contacted. APIPA
assigns the computer an IP address within the range of 169.254.0.0 through
169.254.255.254 with a subnet mask of 255.255.0.0.
15.
How does Internet
Connection Sharing work on Windows 2000? Internet Connection Sharing (ICS) uses the DHCP
Allocator service to assign dynamic IP addresses to clients on the LAN within
the range of 192.168.0.2 through 192.168.0.254. In addition, the DNS Proxy
service becomes enabled when you implement ICS.
How does Internet
Connection Sharing work on Windows 2000? Internet Connection Sharing (ICS) uses the DHCP
Allocator service to assign dynamic IP addresses to clients on the LAN within
the range of 192.168.0.2 through 192.168.0.254. In addition, the DNS Proxy
service becomes enabled when you implement ICS.
WHAT ARE THE DIFFERENCE IN WINDOWS NT SERVER,
2000SERVER AND 2003 SERVER AND NOW WIN SERVER2008
2000SERVER AND 2003 SERVER AND NOW WIN SERVER2008
NT SAM database is a flat database. Where as in windows 2000 active
directory database is a hierarchical database.
directory database is a hierarchical database.
In Windows NT only PDC is having writable copy of SAM database but the BDC
is only read only database. In case of
is only read only database. In case of
Windows 2000 both DC and ADC is having write copy of the database
Windows NT will not support FAT32 file system. Windows 2000 supports FAT32
Default authentication protocol in NT is NTLM (NT LAN manager). In windows
2000 default authentication protocol is Kerberos V5.
2000 default authentication protocol is Kerberos V5.
Windows 2000 depends and Integrated with DNS. NT user NetBIOS names
Active Directory can be backed up easily with System state data
Application Server mode is introduced in windows 2003
Possible to configure stub zones in windows 2003 DNS
Volume shadow copy services is introduced
Windows 2003 gives an option to replicate DNS data b/w all DNS servers in
forest or All DNS servers in the domain.
forest or All DNS servers in the domain.
PDC contains a write copy of SAM database where as BDC contains read only
copy of SAM database. It is not possible to reset a password or create objects
without PDC in Windows NT.
copy of SAM database. It is not possible to reset a password or create objects
without PDC in Windows NT.
There is no difference between in DC and ADC both contains write copy of
AD. Both can also handles FSMO roles (If transfers from DC to ADC). It is just
for identification.
AD. Both can also handles FSMO roles (If transfers from DC to ADC). It is just
for identification.
Functionality wise there is no difference windows 2008 is fully script
based software with more group policies and permissions win 2000 domain name
can’t change. But in 2003 server we can change.
based software with more group policies and permissions win 2000 domain name
can’t change. But in 2003 server we can change.
In 2003 we can able to add more than 220 group policy but in 2000 it not
possible.
possible.
54 SCREENING QUESTIONS FOR WINDOWS ADMIN
1.
What is Active Directory?
What is Active Directory?
2.
What is LDAP?
What is LDAP?
3.
Can you connect Active Directory to other 3rd-party Directory Services?
Name a few options.
Can you connect Active Directory to other 3rd-party Directory Services?
Name a few options.
4.
Where is the AD database held? What other folders are related to AD?
Where is the AD database held? What other folders are related to AD?
5.
What is the SYSVOL folder?
What is the SYSVOL folder?
6.
Name the AD NCs and replication issues for each NC
Name the AD NCs and replication issues for each NC
7.
What are application partitions? When do I use them
What are application partitions? When do I use them
8.
How do you create a new application partition
How do you create a new application partition
9.
How do you view replication properties for AD partitions and DCs?
How do you view replication properties for AD partitions and DCs?
10.
What is the Global Catalog?
What is the Global Catalog?
11.
How do you view all the GCs in the forest?
How do you view all the GCs in the forest?
12.
Why not make all DCs in a large forest as GCs?
Why not make all DCs in a large forest as GCs?
13.
Trying to look at the Schema, how can I do that?
Trying to look at the Schema, how can I do that?
14.
What are the Support Tools? Why do I need them?
What are the Support Tools? Why do I need them?
15.
What is LDP? What is REPLMON? What is ADSIEDIT? What is NETDOM? What is
REPADMIN?
What is LDP? What is REPLMON? What is ADSIEDIT? What is NETDOM? What is
REPADMIN?
16.
What are sites? What are they used for?
What are sites? What are they used for?
17.
What’s the difference between a site link’s schedule and interval?
What’s the difference between a site link’s schedule and interval?
18.
What is the KCC?
What is the KCC?
19.
What is the ISTG? Who has that role by default?
What is the ISTG? Who has that role by default?
20.
What are the requirements for installing AD on a new server?
What are the requirements for installing AD on a new server?
21.
What can you do to promote a server to DC if you’re in a remote location
with slow WAN link?
What can you do to promote a server to DC if you’re in a remote location
with slow WAN link?
22.
How can you forcibly remove AD from a server, and what do you do later? •
Can I get user passwords from the AD database?
How can you forcibly remove AD from a server, and what do you do later? •
Can I get user passwords from the AD database?
23.
What tool would I use to try to grab security related packets from the
wire?
What tool would I use to try to grab security related packets from the
wire?
24.
Name some OU design considerations.
Name some OU design considerations.
25.
What is tombstone lifetime attribute?
What is tombstone lifetime attribute?
26.
What do you do to install a new Windows 2003 DC in a Windows 2000 AD?
What do you do to install a new Windows 2003 DC in a Windows 2000 AD?
27.
What do you do to install a new Windows 2003 R2 DC in a Windows 2003 AD?
What do you do to install a new Windows 2003 R2 DC in a Windows 2003 AD?
28.
How would you find all users that have not logged on since last month?
How would you find all users that have not logged on since last month?
29.
What are the DS* commands?
What are the DS* commands?
30.
What’s the difference between LDIFDE and CSVDE? Usage considerations?
What’s the difference between LDIFDE and CSVDE? Usage considerations?
31.
What are the FSMO roles? Who has them by default? What happens when each
one fails?
What are the FSMO roles? Who has them by default? What happens when each
one fails?
32.
What FSMO placement considerations do you know of?
What FSMO placement considerations do you know of?
33.
I want to look at the RID allocation table for a DC. What do I do?
I want to look at the RID allocation table for a DC. What do I do?
34.
What’s the difference between transferring a FSMO role and seizing one?
Which one should you NOT seize? Why?
What’s the difference between transferring a FSMO role and seizing one?
Which one should you NOT seize? Why?
35.
How do you configure a “stand-by operation master” for any of the roles?
How do you configure a “stand-by operation master” for any of the roles?
36.
How do you backup AD?
How do you backup AD?
37.
How do you restore AD?
How do you restore AD?
38.
How do you change the DS Restore admin password?
How do you change the DS Restore admin password?
39.
Why can’t you restore a DC that was backed up 4 months ago?
Why can’t you restore a DC that was backed up 4 months ago?
40.
What are GPOs?
What are GPOs?
41.
What is the order in which GPOs are applied?
What is the order in which GPOs are applied?
42.
Name a few benefits of using GPMC.
Name a few benefits of using GPMC.
43.
What are the GPC and the GPT? Where can I find them?
What are the GPC and the GPT? Where can I find them?
44.
What are GPO links? What special things can I do to them?
What are GPO links? What special things can I do to them?
45.
What can I do to prevent inheritance from above?
What can I do to prevent inheritance from above?
46.
How can I override blocking of inheritance?
How can I override blocking of inheritance?
47.
How can you determine what GPO was and was not applied for a user? Name a
few ways to do that.
How can you determine what GPO was and was not applied for a user? Name a
few ways to do that.
48.
A user claims he did not receive a GPO, yet his user and computer accounts
are in
A user claims he did not receive a GPO, yet his user and computer accounts
are in
the
right OU, and everyone else there gets the GPO. What will you look for?
right OU, and everyone else there gets the GPO. What will you look for?
49.
Name a few differences in Vista GPOs
Name a few differences in Vista GPOs
50.
Name some GPO settings in the computer and user parts.
Name some GPO settings in the computer and user parts.
51.
What are administrative templates?
What are administrative templates?
52.
What’s the difference between software publishing and assigning?
What’s the difference between software publishing and assigning?
53.
Can I deploy non-MSI software with GPO?
Can I deploy non-MSI software with GPO?
54.
You want to standardize the desktop environments (wallpaper, My Documents,
Start menu, printers etc.) on the computers in one department. How would you do
that?
You want to standardize the desktop environments (wallpaper, My Documents,
Start menu, printers etc.) on the computers in one department. How would you do
that?
29
RESPONSES TO “54 SCREENING QUESTIONS FOR WINDOWS ADMIN”
RESPONSES TO “54 SCREENING QUESTIONS FOR WINDOWS ADMIN”
Que.: What is Active Directory?
Ans. Active Directory is a Meta Data. Active
Directory is a data base which stores a data base like your user information, computer
information and also other network object info. It has capabilities to manage
and administer the complete Network which connect with AD.
Directory is a data base which stores a data base like your user information, computer
information and also other network object info. It has capabilities to manage
and administer the complete Network which connect with AD.
Que.: What is the Global Catalog?
Ans.: Global Catalog is a server which
maintains the information about multiple domains with trust relationship
agreement.
maintains the information about multiple domains with trust relationship
agreement.
Que: What is Active Directory?
Ans: Active Directory service is an extensible and scalable directory
service that enables you to manage network resources efficiently.
Q01: What is Active Directory?
Ans: Active Directory is directory service that stores information about
objects on a network and makes this information available to users and network
administrators.
Active Directory gives network users access to permitted resources anywhere on
the network using a single logon process.
It provides network administrators with an intuitive, hierarchical view of the
network and a single point of administration
3for all network objects.
Q; What is active directory?
Ans: active
directory is a domain controller which is use to authenticate and administrate
the group of computer, user, server etc. remotely. All the policies and
security will be applicable on the client machine which one is join the domain.
And all this policies and security is defined in active directory.
directory is a domain controller which is use to authenticate and administrate
the group of computer, user, server etc. remotely. All the policies and
security will be applicable on the client machine which one is join the domain.
And all this policies and security is defined in active directory.
Q2: What is LDAP?
Ans2: LDAP (light weight directory access
protocol) is an internet protocol which Email and other services is used to
look up information from the server.
protocol) is an internet protocol which Email and other services is used to
look up information from the server.
Q 18: What is KCC?
Ans 18: KCC (knowledge consistency checker) is used to generate replication
topology for inter site replication and for intrasite replication. Within site
replication traffic are done via remote procedure calls over ip, while between
sites it is done through either RPC or SMTP.
Ans 18: KCC (knowledge consistency checker) is used to generate replication
topology for inter site replication and for intrasite replication. Within site
replication traffic are done via remote procedure calls over ip, while between
sites it is done through either RPC or SMTP.
Q 10: What is Global Catalog Server?
The global catalog is a distributed data repository that contains a searchable,
partial representation of every object in every domain in a multidomain Active
Directory forest. The global catalog is stored on domain controllers that have
been designated as global catalog servers and is distributed through
multimaster replication. Searches that are directed to the global catalog are
faster because they do not involve referrals to different domain controllers.
The global catalog is a distributed data repository that contains a searchable,
partial representation of every object in every domain in a multidomain Active
Directory forest. The global catalog is stored on domain controllers that have
been designated as global catalog servers and is distributed through
multimaster replication. Searches that are directed to the global catalog are
faster because they do not involve referrals to different domain controllers.
Q; What is active directory?
Active directory is a domain controller which
is use to authenticate and administrate the group of computer, user, server
etc. remotely. All the policies and security will be applicable on the client
machine which one is join the domain. And all this policies and security is
defined in active directory.
Active directory is a domain controller which
is use to authenticate and administrate the group of computer, user, server
etc. remotely. All the policies and security will be applicable on the client
machine which one is join the domain. And all this policies and security is
defined in active directory.
Q 4: Where is the AD database held? What other
folders are related to AD?
folders are related to AD?
A 4: The AD data base is store in NTDS.DIT file
Q 5: What is the SYSVOL folder?
A 5; The sysVOL folder stores the server’s copy of the domain’s public files.
The contents such as group policy, users etc of the sysvol folder are
replicated to all domain controllers in the domain.
A 5; The sysVOL folder stores the server’s copy of the domain’s public files.
The contents such as group policy, users etc of the sysvol folder are
replicated to all domain controllers in the domain.
Q 19: What is the ISTG? Who has that role by
default?
default?
A 19: Windows 2000 Domain controllers each
create Active Directory Replication connection objects representing inbound
replication from intra-site replication partners. For inter-site replication,
one domain controller per site has the responsibility of evaluating the
inter-site replication topology and creating Active Directory Replication
Connection objects for appropriate bridgehead servers within its site. The
domain controller in each site that owns this role is referred to as the
Inter-Site Topology Generator (ISTG).
create Active Directory Replication connection objects representing inbound
replication from intra-site replication partners. For inter-site replication,
one domain controller per site has the responsibility of evaluating the
inter-site replication topology and creating Active Directory Replication
Connection objects for appropriate bridgehead servers within its site. The
domain controller in each site that owns this role is referred to as the
Inter-Site Topology Generator (ISTG).
Q: 15 What is LDP? What is REPLMON? What is
ADSIEDIT? What is NETDOM? What is REPADMIN?
A 15: LDP: Label Distribution Protocol (LDP) is
often used to establish MPLS LSPs when traffic engineering is not required. It
establishes LSPs that follow the existing IP routing, and is particularly well
suited for establishing a full mesh of LSPs between all of the routers on the
network.
ADSIEDIT? What is NETDOM? What is REPADMIN?
A 15: LDP: Label Distribution Protocol (LDP) is
often used to establish MPLS LSPs when traffic engineering is not required. It
establishes LSPs that follow the existing IP routing, and is particularly well
suited for establishing a full mesh of LSPs between all of the routers on the
network.
Replmon: Replmon displays information about
Active Directory Replication.
Active Directory Replication.
ADSIEDIT: ADSIEdit is a Microsoft Management
Console (MMC) snap-in that acts as a low-level editor for Active Directory. It
is a Graphical User Interface (GUI) tool. Network administrators can use it for
common administrative tasks such as adding, deleting, and moving objects with a
directory service. The attributes for each object can be edited or deleted by
using this tool. ADSIEdit uses the ADSI application programming interfaces
(APIs) to access Active Directory. The following are the required files for
using this tool: ADSIEDIT.DLL
Console (MMC) snap-in that acts as a low-level editor for Active Directory. It
is a Graphical User Interface (GUI) tool. Network administrators can use it for
common administrative tasks such as adding, deleting, and moving objects with a
directory service. The attributes for each object can be edited or deleted by
using this tool. ADSIEdit uses the ADSI application programming interfaces
(APIs) to access Active Directory. The following are the required files for
using this tool: ADSIEDIT.DLL
ADSIEDIT.MSCNETDOM: NETDOM is a command-line
tool that allows management of Windows domains and trust relationships. It is
used for batch management of trusts, joining computers to domains, verifying
trusts, and secure channels.
tool that allows management of Windows domains and trust relationships. It is
used for batch management of trusts, joining computers to domains, verifying
trusts, and secure channels.
REPADMIN:
This command-line tool assists administrators in diagnosing replication
problems between Windows domain controllers. Administrators can use Repadmin to
view the replication topology (sometimes referred to as RepsFrom and RepsTo) as
seen from the perspective of each domain controller. In addition, Repadmin can
be used to manually create the replication topology (although in normal
practice this should not be necessary), to force replication events between
domain controllers, and to view both the replication metadata and
up-to-datedness vectors.
This command-line tool assists administrators in diagnosing replication
problems between Windows domain controllers. Administrators can use Repadmin to
view the replication topology (sometimes referred to as RepsFrom and RepsTo) as
seen from the perspective of each domain controller. In addition, Repadmin can
be used to manually create the replication topology (although in normal
practice this should not be necessary), to force replication events between
domain controllers, and to view both the replication metadata and
up-to-datedness vectors.
Q 36: How to take the backup of AD?
A 36 : for taking backup of active directory you have to do this :
first go to START -> PROGRAM ->ACCESORIES -> SYSTEM TOOLS ->
BACKUP
when the backup screen is flash then take the backup of SYSTEM STATE it will
take the backup of all the necessary information about the system including AD
backup , DNS ETC.
A 36 : for taking backup of active directory you have to do this :
first go to START -> PROGRAM ->ACCESORIES -> SYSTEM TOOLS ->
BACKUP
when the backup screen is flash then take the backup of SYSTEM STATE it will
take the backup of all the necessary information about the system including AD
backup , DNS ETC.
Q 37: how to restore the AD?
A 37: For this do the same as above in the
question 36 but in place of backup you select the restore option and restore
the system state.
A 37: For this do the same as above in the
question 36 but in place of backup you select the restore option and restore
the system state.
Q 19: What is the ISTG? Who has that role by
default?
A 19: Inter-Site Topology Generator (istg) is responsible for
managing the inbound replication connection objects for all bridgehead servers
in the site in which it is located. This domain controller is known as the
Inter-Site Topology Generator (ISTG). The domain controller holding this role
may not necessarily also is a bridgehead server.
default?
A 19: Inter-Site Topology Generator (istg) is responsible for
managing the inbound replication connection objects for all bridgehead servers
in the site in which it is located. This domain controller is known as the
Inter-Site Topology Generator (ISTG). The domain controller holding this role
may not necessarily also is a bridgehead server.
Q 29: What are the DS* commands
A 29: You really are spoilt for choice when it
comes to scripting tools for creating Active Directory objects. In
addition to CSVDE, LDIFDE and VBScript, we now have the following DS commands:
the da family built in utility DSmod – modify Active Directory attributesDSrm –
to delete Active Directory objectsDSmove – to relocate objectsDSadd – create
new accountsDSquery – to find objects that match your query attributesDSget – list the properties of an object
comes to scripting tools for creating Active Directory objects. In
addition to CSVDE, LDIFDE and VBScript, we now have the following DS commands:
the da family built in utility DSmod – modify Active Directory attributesDSrm –
to delete Active Directory objectsDSmove – to relocate objectsDSadd – create
new accountsDSquery – to find objects that match your query attributesDSget – list the properties of an object
Q 30 :What’s the difference between LDIFDE and
CSVDE? Usage considerations?
A 30 : CSVDE is a command that can be used to import and export objects to and
from the AD into a CSV-formatted file. A CSV (Comma Separated Value) file is a
file easily readable in Excel. I will not go to length into this powerful
command, but I will show you some basic samples of how to import a large number
of users into your AD. Of course, as with the DSADD command, CSVDE can do more
than just import users. Consult your help file for more info.
Like CSVDE, LDIFDE is a command that can be used to import and export objects
to and from the AD into a LDIF-formatted file. A LDIF (LDAP Data Interchange
Format) file is a file easily readable in any text editor, however it is not
readable in programs like Excel. The major difference between CSVDE and LDIFDE
(besides the file format) is the fact that LDIFDE can be used to edit and
delete existing AD objects (not just users), while CSVDE can only import and
export objects.
CSVDE? Usage considerations?
A 30 : CSVDE is a command that can be used to import and export objects to and
from the AD into a CSV-formatted file. A CSV (Comma Separated Value) file is a
file easily readable in Excel. I will not go to length into this powerful
command, but I will show you some basic samples of how to import a large number
of users into your AD. Of course, as with the DSADD command, CSVDE can do more
than just import users. Consult your help file for more info.
Like CSVDE, LDIFDE is a command that can be used to import and export objects
to and from the AD into a LDIF-formatted file. A LDIF (LDAP Data Interchange
Format) file is a file easily readable in any text editor, however it is not
readable in programs like Excel. The major difference between CSVDE and LDIFDE
(besides the file format) is the fact that LDIFDE can be used to edit and
delete existing AD objects (not just users), while CSVDE can only import and
export objects.
Q 25 : What is tombstone lifetime attribute?
A 25 : The number of days before a deleted
object is removed from the directory services. This assists in removing objects
from replicated servers and preventing restores from reintroducing a deleted
object. This value is in the Directory Service object in the configuration NIC.
object is removed from the directory services. This assists in removing objects
from replicated servers and preventing restores from reintroducing a deleted
object. This value is in the Directory Service object in the configuration NIC.
You want to standardize the desktop
environments (wallpaper, My Documents, Start menu, printers etc.) on the
computers in one department. How would you do that? How it is possible
environments (wallpaper, My Documents, Start menu, printers etc.) on the
computers in one department. How would you do that? How it is possible
(20)What are the requirements for
installing AD on a new server?
Ans:1)The Domain structure2)The Domain Name3)storage location of the database
and log file4)Location of the shared system volume folder5)DNS config
Methode6)DNS configuration
installing AD on a new server?
Ans:1)The Domain structure2)The Domain Name3)storage location of the database
and log file4)Location of the shared system volume folder5)DNS config
Methode6)DNS configuration
7. What are application partitions? When do I
use them.
use them.
Ans: AN application directory partition is a
directory partition that is replicated only to specific domain controller. Only
domain controller running windows Server 2003 can host a replica of application
directory partition.
directory partition that is replicated only to specific domain controller. Only
domain controller running windows Server 2003 can host a replica of application
directory partition.
Using an application directory partition
provides redundancy, availability or fault tolerance by replicating data to
specific domain controller pr any set of domain controllers anywhere in the
forest
provides redundancy, availability or fault tolerance by replicating data to
specific domain controller pr any set of domain controllers anywhere in the
forest
Q:You want to standardize the desktop
environments (wallpaper, My Documents, Start menu, printers etc.) on the
computers in one department. How would you do that? How it is possible.
environments (wallpaper, My Documents, Start menu, printers etc.) on the
computers in one department. How would you do that? How it is possible.
Ans:Login on client as Domain Admin user change
whatever you need add printers etc go to system-User profiles copy this user
profile to any location by select Everyone in permitted to use after copy
change ntuser.dat to ntuser.man and assign this path under user profile
whatever you need add printers etc go to system-User profiles copy this user
profile to any location by select Everyone in permitted to use after copy
change ntuser.dat to ntuser.man and assign this path under user profile
Q. 8. How do you create a new application
partition
partition
ANS:Use the DnsCmd command to create an
application directory partition. To do this, use the following syntax:
DnsCmd ServerName /CreateDirectoryPartition FQDN of partition
application directory partition. To do this, use the following syntax:
DnsCmd ServerName /CreateDirectoryPartition FQDN of partition
Global catalog provides a central repository of
domain information for the forest by storing partial replicas of all domain
directory partitions. These partial replicas are distributed by multimaster
replication to all global catalog servers in a forest.
Its also used in universal global membership.
domain information for the forest by storing partial replicas of all domain
directory partitions. These partial replicas are distributed by multimaster
replication to all global catalog servers in a forest.
Its also used in universal global membership.
How do you view all the GCs in the forest?
Ans: C:\>repadmin /showreps
where domain_controller is the DC you want to query to determine whether it’s a
GC. The output will include the text DSA Options: IS_GC if the DC is a GC. . .
.
where domain_controller is the DC you want to query to determine whether it’s a
GC. The output will include the text DSA Options: IS_GC if the DC is a GC. . .
.
Trying to look at the Schema, how can I do that
Ans: type “adsiedit.msc” in run or command
prompt
prompt
Q. Can you connect Active Directory to other
3rd-party Directory Services? Name a few options.
3rd-party Directory Services? Name a few options.
Ans. Yes, you can use dirXML or LDAP to connect
to other directories In Novell you can use E-directory
to other directories In Novell you can use E-directory
PAGE FILE AND VIRTUAL MEMORY
Page File Is Storage Space For The Virtual
Memory, Page File Uses Hard Disk Space As a Memory To Provide Memory
Allocation..
Memory, Page File Uses Hard Disk Space As a Memory To Provide Memory
Allocation..
DIFFERENCE BETWEEN DNS IN WINDOWS2000 &
WINDOWS2003
WINDOWS2003
We can rename or moved the domain name without rebulding in windows 2003
server,but in windows 2000 server, we can’t do that.
server,but in windows 2000 server, we can’t do that.
Shadow copy feature available in windows2003 server but not in windows2000 server.A
new tools to recover files.
new tools to recover files.
There are 220 new group polices are added in windows2003 server over
windows2000 server.
windows2000 server.
In windows2000 server support maximum 10 users access shared folders at a
time through network, but windows2003 server no limitation.
time through network, but windows2003 server no limitation.
Windows 2003 server includes IIS in it.
1.
Describe how the DHCP lease is obtained.
It’s a four-step process consisting of (a) IP request, (b) IP offer, © IP
selection and (d) acknowledgement.
Describe how the DHCP lease is obtained.
It’s a four-step process consisting of (a) IP request, (b) IP offer, © IP
selection and (d) acknowledgement.
2.
I can’t seem to access the Internet, don’t have
any access to the corporate network and on ipconfig my address is 169.254.*.*.
What happened?
The 169.254.*.* netmask is assigned to Windows
machines running 98/2000/XP if the DHCP server is not available. The name for
the technology is APIPA (Automatic Private Internet Protocol Addressing).
I can’t seem to access the Internet, don’t have
any access to the corporate network and on ipconfig my address is 169.254.*.*.
What happened?
The 169.254.*.* netmask is assigned to Windows
machines running 98/2000/XP if the DHCP server is not available. The name for
the technology is APIPA (Automatic Private Internet Protocol Addressing).
3.
We’ve installed a new Windows-based DHCP
server, however, the users do not seem to be getting DHCP leases off of it. The server must be
We’ve installed a new Windows-based DHCP
server, however, the users do not seem to be getting DHCP leases off of it. The server must be
authorized
first with the Active Directory.
first with the Active Directory.
4.
How can you force the client to give up the
dhcp lease if you have access to the client PC?
ipconfig /release
How can you force the client to give up the
dhcp lease if you have access to the client PC?
ipconfig /release
5.
What authentication options do Windows 2000
Servers have for remote clients?
PAP, SPAP, CHAP, MS-CHAP and EAP.
What authentication options do Windows 2000
Servers have for remote clients?
PAP, SPAP, CHAP, MS-CHAP and EAP.
6.
What are the networking protocol options for
the Windows clients if for some reason you do not want to use TCP/IP? NWLink (Novell), NetBEUI, AppleTalk (Apple).
What are the networking protocol options for
the Windows clients if for some reason you do not want to use TCP/IP? NWLink (Novell), NetBEUI, AppleTalk (Apple).
7.
What is data link layer in the OSI reference
model responsible for? Data link layer is located above the physical layer, but
below the network
What is data link layer in the OSI reference
model responsible for? Data link layer is located above the physical layer, but
below the network
layer.
Taking raw data bits and packaging them into frames. The network layer will be
responsible for addressing the frames, while the physical layer is reponsible
for retrieving and sending raw data bits.
Taking raw data bits and packaging them into frames. The network layer will be
responsible for addressing the frames, while the physical layer is reponsible
for retrieving and sending raw data bits.
8.
What is binding order?
The order by which the network protocols are
used for client-server communications. The most frequently used protocols
should be at the top.
What is binding order?
The order by which the network protocols are
used for client-server communications. The most frequently used protocols
should be at the top.
9.
How do cryptography-based keys ensure the
validity of data transferred across the network?
How do cryptography-based keys ensure the
validity of data transferred across the network?
Each IP
packet is assigned a checksum, so if the checksums do not match on both
receiving and transmitting ends, the data was modified or corrupted.
packet is assigned a checksum, so if the checksums do not match on both
receiving and transmitting ends, the data was modified or corrupted.
10.
Should we deploy IPSEC-based security or
certificate-based security?
Should we deploy IPSEC-based security or
certificate-based security?
They are
really two different technologies. IPSec secures the TCP/IP communication and
protects the integrity of the packets. Certificate-based security ensures the
validity of authenticated clients and servers.
really two different technologies. IPSec secures the TCP/IP communication and
protects the integrity of the packets. Certificate-based security ensures the
validity of authenticated clients and servers.
11.
What is LMHOSTS file?
It’s a file stored on a host machine that is
used to resolve NetBIOS to specific IP addresses.
What is LMHOSTS file?
It’s a file stored on a host machine that is
used to resolve NetBIOS to specific IP addresses.
12.
What’s the difference between forward lookup
and reverse looku
What’s the difference between forward lookup
and reverse looku
DNS?
Forward lookup is name-to-address, the reverse lookup is address-to-name.
Forward lookup is name-to-address, the reverse lookup is address-to-name.
13.
How can you recover a file encrypted using EFS?
Use the domain recovery agent.
How can you recover a file encrypted using EFS?
Use the domain recovery agent.
1.
How do you double-boot a Win 2003 server box? The Boot.ini file is set as read-only, system, and hidden to prevent
unwanted editing. To change the Boot.ini timeout and default settings, use the
System option in Control Panel from the Advanced tab and select Startup.
How do you double-boot a Win 2003 server box? The Boot.ini file is set as read-only, system, and hidden to prevent
unwanted editing. To change the Boot.ini timeout and default settings, use the
System option in Control Panel from the Advanced tab and select Startup.
2.
What do you do if earlier application doesn’t
run on Windows Server
What do you do if earlier application doesn’t
run on Windows Server
2003?
When an
application that ran on an earlier legacy version of Windows cannot be loaded
during the setup function or if it later malfunctions, you must run the
compatibility mode function. This is accomplished by right-clicking the
application or setup program and selecting Properties –> Compatibility –>
selecting the previously supported operating system.
application that ran on an earlier legacy version of Windows cannot be loaded
during the setup function or if it later malfunctions, you must run the
compatibility mode function. This is accomplished by right-clicking the
application or setup program and selecting Properties –> Compatibility –>
selecting the previously supported operating system.
3.
If you uninstall Windows Server 2003,
which operating systems can you revert to? Win ME,
Win 98, 2000, XP. Note, however, that you cannot upgrade from ME and 98 to
Windows Server 2003.
If you uninstall Windows Server 2003,
which operating systems can you revert to? Win ME,
Win 98, 2000, XP. Note, however, that you cannot upgrade from ME and 98 to
Windows Server 2003.
4.
How do you get to Internet Firewall settings? Start –> Control Panel –>
How do you get to Internet Firewall settings? Start –> Control Panel –>
Network
and Internet Connections –> Network Connections.
and Internet Connections –> Network Connections.
5.
What are the Windows Server 2003 keyboard shortcuts?
What are the Windows Server 2003 keyboard shortcuts?
Winkey
opens or closes the Start menu. Winkey + BREAK displays the System
opens or closes the Start menu. Winkey + BREAK displays the System
Properties
dialog box. Winkey + TAB moves the focus to the next application in the
taskbar. Winkey + SHIFT + TAB moves the focus to the previous application in
the askbar. Winkey + B moves the focus to the notification area. Winkey + D
shows the desktop. Winkey + E opens Windows Explorer showing My Computer.
Winkey + F opens the Search panel. Winkey + CTRL + F opens the Search panel
with Search for Computers module selected. Winkey + F1 opens Help. Winkey + M
minimizes all. Winkey + SHIFT+ M undoes minimization. Winkey + R opens Run
dialog. Winkey + U opens the Utility Manager. Winkey + L locks the computer.
dialog box. Winkey + TAB moves the focus to the next application in the
taskbar. Winkey + SHIFT + TAB moves the focus to the previous application in
the askbar. Winkey + B moves the focus to the notification area. Winkey + D
shows the desktop. Winkey + E opens Windows Explorer showing My Computer.
Winkey + F opens the Search panel. Winkey + CTRL + F opens the Search panel
with Search for Computers module selected. Winkey + F1 opens Help. Winkey + M
minimizes all. Winkey + SHIFT+ M undoes minimization. Winkey + R opens Run
dialog. Winkey + U opens the Utility Manager. Winkey + L locks the computer.
6.
What is Active Directory? Active Directory is a network-based object store and
What is Active Directory? Active Directory is a network-based object store and
service
that locates and manages resources, and makes these resources available to
authorized users and groups. An underlying principle of the Active Directory is
that
that locates and manages resources, and makes these resources available to
authorized users and groups. An underlying principle of the Active Directory is
that
everything is considered an object—people, servers,
workstations, printers, documents, and devices. Each object has certain
attributes and its own security access control list (ACL).
workstations, printers, documents, and devices. Each object has certain
attributes and its own security access control list (ACL).
7.
Where are the Windows NT Primary Domain
Controller (PDC) and its Backup Domain Controller (BDC) in Server 2003? The Active Directory replaces them. Now all domain controllers share a
multimaster peer-to-peer read and write relationship that hosts copies of the
Active Directory.
Where are the Windows NT Primary Domain
Controller (PDC) and its Backup Domain Controller (BDC) in Server 2003? The Active Directory replaces them. Now all domain controllers share a
multimaster peer-to-peer read and write relationship that hosts copies of the
Active Directory.
8.
How long does it take for security changes to
be replicated among the domain controllers?
Security-related modifications are replicated within a site immediately. These
changes include account and individual user lockout policies, changes to
password policies, changes to computer account passwords, and
How long does it take for security changes to
be replicated among the domain controllers?
Security-related modifications are replicated within a site immediately. These
changes include account and individual user lockout policies, changes to
password policies, changes to computer account passwords, and
modifications
to the Local Security Authority (LSA).
to the Local Security Authority (LSA).
9.
What’s new in Windows Server 2003 regarding the
DNS management? When DC promotion occurs with an existing
forest, the Active Directory Installation
What’s new in Windows Server 2003 regarding the
DNS management? When DC promotion occurs with an existing
forest, the Active Directory Installation
Wizard contacts an existing DC to update the
directory and replicate from the DC the required portions of the directory. If
the wizard fails to locate a DC, it performs debugging and reports what caused
the failure and how to fix the problem. In order to be located on a network,
every DC must register in DNS DC locator DNS records. The Active Directory
Installation Wizard verifies a proper configuration of the DNS infrastructure.
All DNS configuration debugging and reporting activity is done with the Active
Directory Installation Wizard.
directory and replicate from the DC the required portions of the directory. If
the wizard fails to locate a DC, it performs debugging and reports what caused
the failure and how to fix the problem. In order to be located on a network,
every DC must register in DNS DC locator DNS records. The Active Directory
Installation Wizard verifies a proper configuration of the DNS infrastructure.
All DNS configuration debugging and reporting activity is done with the Active
Directory Installation Wizard.
10.
When should you create a forest? Organizations that operate on radically
When should you create a forest? Organizations that operate on radically
different
bases may require separate trees with distinct namespaces. Unique trade or
bases may require separate trees with distinct namespaces. Unique trade or
brand
names often give rise to separate DNS identities. Organizations merge or are
acquired and naming continuity is desired. Organizations form partnerships and
joint
names often give rise to separate DNS identities. Organizations merge or are
acquired and naming continuity is desired. Organizations form partnerships and
joint
ventures.
While access to common resources is desired, a separately defined tree can
enforce more direct administrative and security restrictions.
While access to common resources is desired, a separately defined tree can
enforce more direct administrative and security restrictions.
11.
How can you authenticate between forests? Four types of authentication
How can you authenticate between forests? Four types of authentication
are used
across forests: (1) Kerberos and NTLM network logon for remote access to a
server in another forest; (2) Kerberos and NTLM interactive logon for physical
logon outside the user’s home forest; (3) Kerberos delegation to N-tier
application in another
across forests: (1) Kerberos and NTLM network logon for remote access to a
server in another forest; (2) Kerberos and NTLM interactive logon for physical
logon outside the user’s home forest; (3) Kerberos delegation to N-tier
application in another
forest;
and (4) user principal name (UPN) credentials
and (4) user principal name (UPN) credentials
12.
What snap-in administrative tools are available
for Active Directory? Active Directory Domains and Trusts Manager,
Active Directory Sites and Services Manager, Active Directory Users and Group
Manager, Active Directory Replication
What snap-in administrative tools are available
for Active Directory? Active Directory Domains and Trusts Manager,
Active Directory Sites and Services Manager, Active Directory Users and Group
Manager, Active Directory Replication
(optional,
available from the Resource Kit), Active Directory Schema Manager (optional,
available from adminpak)
available from the Resource Kit), Active Directory Schema Manager (optional,
available from adminpak)
13.
What types of classes exist in Windows Server
2003 Active Directory?
What types of classes exist in Windows Server
2003 Active Directory?
1.
Structural class. The structural class is important to the system administrator in that it
is the only type from which new Active Directory objects are created.
Structural classes are developed from either the modification of an existing
structural type or the use of one or more abstract classes.
Structural class. The structural class is important to the system administrator in that it
is the only type from which new Active Directory objects are created.
Structural classes are developed from either the modification of an existing
structural type or the use of one or more abstract classes.
2.
Abstract class. Abstract classes are so named because they take the form of templates
that actually create other templates (abstracts) and structural and auxiliary
classes. Think of abstract classes as frameworks for the defining objects.
Abstract class. Abstract classes are so named because they take the form of templates
that actually create other templates (abstracts) and structural and auxiliary
classes. Think of abstract classes as frameworks for the defining objects.
3.
Auxiliary class. The auxiliary class is a list of attributes. Rather than apply numerous
attributes when creating a structural class, it provides a streamlined
alternative by applying a combination of attributes with a single include
action.
Auxiliary class. The auxiliary class is a list of attributes. Rather than apply numerous
attributes when creating a structural class, it provides a streamlined
alternative by applying a combination of attributes with a single include
action.
the 1988
X.500 specification was adopted. This type does not use the structural,
abstract, and auxiliary definitions, nor is it in common use for the
development of objects in Windows Server 2003 environments.
X.500 specification was adopted. This type does not use the structural,
abstract, and auxiliary definitions, nor is it in common use for the
development of objects in Windows Server 2003 environments.
14.
How do you delete a lingering object? Windows Server 2003 provides a command called Repadmin that provides the
ability to delete lingering objects in the
How do you delete a lingering object? Windows Server 2003 provides a command called Repadmin that provides the
ability to delete lingering objects in the
Active
Directory.
Directory.
1
5.
What is Global Catalog? The Global Catalog authenticates network user logons
What is Global Catalog? The Global Catalog authenticates network user logons
and fields inquiries about objects across a
forest or tree. Every domain has at least one
forest or tree. Every domain has at least one
GC that
is hosted on a domain controller. In Windows 2000, there was typically one GC
on every site in order to prevent user logon failures across the network.
is hosted on a domain controller. In Windows 2000, there was typically one GC
on every site in order to prevent user logon failures across the network.
16.
How is user account security established in
Windows Server 2003?
How is user account security established in
Windows Server 2003?
When an
account is created, it is given a unique access number known as a security
identifier (SID). Every group to which the user belongs has an associated SID.
The user and related group SIDs together form the user account’s security
token, which
account is created, it is given a unique access number known as a security
identifier (SID). Every group to which the user belongs has an associated SID.
The user and related group SIDs together form the user account’s security
token, which
determines
access levels to objects throughout the system and network. SIDs from the
security token are mapped to the access control list (ACL) of any object the
user attempts to access.
access levels to objects throughout the system and network. SIDs from the
security token are mapped to the access control list (ACL) of any object the
user attempts to access.
17.
If I delete a user and then create a new
account with the same username and password, would the SID and permissions stay
the same?
If I delete a user and then create a new
account with the same username and password, would the SID and permissions stay
the same?
No. If
you delete a user account and attempt to recreate it with the same user name
and password, the SID will be different.
you delete a user account and attempt to recreate it with the same user name
and password, the SID will be different.
18.
What do you do with secure sign-ons in an
organization with many
What do you do with secure sign-ons in an
organization with many
roaming
users? Credential Management feature of Windows
Server 2003 provides a consistent single sign-on experience for users. This can
be useful for roaming users who move between computer systems. The Credential
Management feature provides a secure store of user credentials that includes
passwords and X.509 certificates.
users? Credential Management feature of Windows
Server 2003 provides a consistent single sign-on experience for users. This can
be useful for roaming users who move between computer systems. The Credential
Management feature provides a secure store of user credentials that includes
passwords and X.509 certificates.
19.
Anything special you should do when adding a
user that has a Mac? “Save password as encrypted clear text” must
be selected on User Properties Account Tab Options, since the Macs only store
their passwords that way.
Anything special you should do when adding a
user that has a Mac? “Save password as encrypted clear text” must
be selected on User Properties Account Tab Options, since the Macs only store
their passwords that way.
20.
What remote access options does Windows Server
2003 support? Dial-in, VPN, dial-in with callback.
What remote access options does Windows Server
2003 support? Dial-in, VPN, dial-in with callback.
21.
Where are the documents and settings for the
roaming profile stored?
Where are the documents and settings for the
roaming profile stored?
All the
documents and environmental settings for the roaming user are stored locally on
the system, and, when the user logs off, all changes to the locally stored profile
are copied to the shared server folder. Therefore, the first time a roaming
user logs on to a new system the logon process may take some time, depending on
how large his profile folder is.
documents and environmental settings for the roaming user are stored locally on
the system, and, when the user logs off, all changes to the locally stored profile
are copied to the shared server folder. Therefore, the first time a roaming
user logs on to a new system the logon process may take some time, depending on
how large his profile folder is.
22.
Where are the settings for all the users stored
on a given machine?
Where are the settings for all the users stored
on a given machine?
\Document
and Settings\All Users
and Settings\All Users
23.
What languages can you use for log-on scripts? JavaScipt, VBScript, DOS batch files (.com, .bat, or even .exe)
What languages can you use for log-on scripts? JavaScipt, VBScript, DOS batch files (.com, .bat, or even .exe)
24.
What’s the difference between local, global and
universal groups?
What’s the difference between local, global and
universal groups?
Domain
local groups assign access permissions to global domain groups for local domain
resources. Global groups provide access to resources in other trusted domains.
local groups assign access permissions to global domain groups for local domain
resources. Global groups provide access to resources in other trusted domains.
Universal
groups grant access to resources in all trusted domains.
groups grant access to resources in all trusted domains.
25.
I am trying to create a new universal user
group. Why can’t I? Universal groups are allowed only in
native-mode Windows Server 2003 environments. Native mode requires that all
domain controllers be promoted to Windows Server 2003 Active Directory.
I am trying to create a new universal user
group. Why can’t I? Universal groups are allowed only in
native-mode Windows Server 2003 environments. Native mode requires that all
domain controllers be promoted to Windows Server 2003 Active Directory.
26.
What is LSDOU? It’s group policy inheritance model, where the policies are
What is LSDOU? It’s group policy inheritance model, where the policies are
applied
to Local machines, Sites, Domains and Organizational
Units.
to Local machines, Sites, Domains and Organizational
Units.
27.
Why doesn’t LSDOU work under Windows NT?
Why doesn’t LSDOU work under Windows NT?
If the NTConfig.pol file exist, it has the
highest priority among the numerous policies.
highest priority among the numerous policies.
28.
Where are group policies stored? %SystemRoot%System32\GroupPolicy
Where are group policies stored? %SystemRoot%System32\GroupPolicy
29.
What is GPT and GPC? Group policy template and group policy container.
What is GPT and GPC? Group policy template and group policy container.
30.
Where is GPT stored? %SystemRoot%\SYSVOL\sysvol\domainname\Policies\GUID
Where is GPT stored? %SystemRoot%\SYSVOL\sysvol\domainname\Policies\GUID
31.
You change the group policies, and now the
computer and user
You change the group policies, and now the
computer and user
settings
are in conflict. Which one has the highest priority? The computer
are in conflict. Which one has the highest priority? The computer
settings
take priority.
take priority.
3
2.
You want to set up remote installation
procedure, but do not want the
You want to set up remote installation
procedure, but do not want the
user to
gain access over it. What do you do?
gponame–> User Configuration–>
gain access over it. What do you do?
gponame–> User Configuration–>
Windows
Settings–> Remote Installation Services–> Choice Options is your friend.
Settings–> Remote Installation Services–> Choice Options is your friend.
33.
What’s contained in administrative template
conf.adm? Microsoft NetMeeting policies
What’s contained in administrative template
conf.adm? Microsoft NetMeeting policies
34.
How can you restrict running certain
applications on a machine? Via
How can you restrict running certain
applications on a machine? Via
group
policy, security settings for the group, then Software Restriction Policies.
policy, security settings for the group, then Software Restriction Policies.
35.
You need to automatically install an app, but
MSI file is not available.
You need to automatically install an app, but
MSI file is not available.
What do you do? A .zap text file can be used to add applications using the Software
Installer,
rather than the Windows Installer.
rather than the Windows Installer.
36.
What’s the difference between Software Installer
and Windows
What’s the difference between Software Installer
and Windows
installer? The former has fewer privileges and will probably require user
intervention. Plus, it uses .zap files.
intervention. Plus, it uses .zap files.
37.
What can be restricted on Windows Server 2003
that wasn’t there in
What can be restricted on Windows Server 2003
that wasn’t there in
previous
products? Group Policy in Windows Server 2003 determines
a users right to modify network and dial-up TCP/IP properties. Users may be
selectively restricted
products? Group Policy in Windows Server 2003 determines
a users right to modify network and dial-up TCP/IP properties. Users may be
selectively restricted
38.
How frequently is the client policy refreshed? 90 minutes give or take.
How frequently is the client policy refreshed? 90 minutes give or take.
39.
Where is secedit? It’s now gpupdate.
Where is secedit? It’s now gpupdate.
40.
You want to create a new group policy but do
not wish to inherit. Make sure you check Block inheritance
among the options when creating the policy.
You want to create a new group policy but do
not wish to inherit. Make sure you check Block inheritance
among the options when creating the policy.
41.
What is “tattooing” the Registry? The user can view and modify user
What is “tattooing” the Registry? The user can view and modify user
preferences
that are not stored in maintained portions of the Registry. If the group
that are not stored in maintained portions of the Registry. If the group
policy
is removed or changed, the user preference will persist in the Registry.
is removed or changed, the user preference will persist in the Registry.
42.
How do you fight tattooing in NT/2000 installations? You can’t.
How do you fight tattooing in NT/2000 installations? You can’t.
43.
How do you fight tattooing in 2003
installations? User Configuration –
How do you fight tattooing in 2003
installations? User Configuration –
Administrative
Templates – System – Group Policy – enable – Enforce Show Policies
Templates – System – Group Policy – enable – Enforce Show Policies
Only.
WHAT IS THE DIFFERENCE BETWEEN X86 AND I386
COMPUTER
COMPUTER
X86 Is A Hardware Architecture Used By Intel
Based CPU’s While I386 Is The File Folder Resides In Windows Installation CD,
Contains All The Necessary Windows
Based CPU’s While I386 Is The File Folder Resides In Windows Installation CD,
Contains All The Necessary Windows
Installation Files.
x86 refers to a popular set of instructions
most commonly used in processors from Intel, AMD, VIA, and others. It usually implies a binary
compatibility with the 32-bit instruction set of the 80386 (a.k.a. i386).
most commonly used in processors from Intel, AMD, VIA, and others. It usually implies a binary
compatibility with the 32-bit instruction set of the 80386 (a.k.a. i386).
i386 (as eluded to above) is the common name for the Intel386 (or 80386) based
PCs. It is sometimes emphasized as x86-32 (for 32-bit) and x86-64 (also
called x64 – for 64-bit).
INTERRUPT “TRAP” WHAT IS THIS TRAP?
There are two hinderances to a process.
Interrupt and trap.
Interrupt and trap.
Interrupt is when the process needs some I/O
services whereas trap occurs due to some fault or exception in the code.
services whereas trap occurs due to some fault or exception in the code.
How does multithreading take place on a
computer with a single CPU
computer with a single CPU
The operating system’s task scheduler allocates
execution time to multiple tasks.
execution time to multiple tasks.
Byquickly switching between executing tasks, it
creates the impression that tasks
creates the impression that tasks
executesequentially.
By quickly switching among executing tasks, it
creates the impression that the tasks
creates the impression that the tasks
execute simultaneously. If it didn’t
switch among the tasks, they would execute
switch among the tasks, they would execute
sequentially.
multi-threading has two forms, theory and
reality. In theory, multi-threading is suppose
reality. In theory, multi-threading is suppose
to be the same as “multi-tasking”
which means do two different task at the same time.
which means do two different task at the same time.
Not possible on a single CPU unless you
consider GPU and ALU which generally we do
consider GPU and ALU which generally we do
not (consider them). In reality,
multi-threading does more than create an illusion, it
multi-threading does more than create an illusion, it
allows computers to shut down a program in
infinite loop by creating another thread so
infinite loop by creating another thread so
CPU executes one iteration of the loop, switch
to the kill thread and terminates the loop. Multi-tasking was suppose to do
that but not as well handled.
to the kill thread and terminates the loop. Multi-tasking was suppose to do
that but not as well handled.
core, thats how multiple tasks are performed
simultaneously
simultaneously
what is the difference between blocking and
waiting state of process ?
waiting state of process ?
I think blocking state of a process is that
state when it reaches to that state cannot be
state when it reaches to that state cannot be
regained, but in case of wating state it can go
in blocked state or go in running state again. Overall blocked state will be
starvation state of a process.
in blocked state or go in running state again. Overall blocked state will be
starvation state of a process.
A “waiting” process has been loaded
into main memory and is waiting execution on a CPU.
into main memory and is waiting execution on a CPU.
When a process is “blocked” on a
resource (such as a file, a semaphore or a device), it
resource (such as a file, a semaphore or a device), it
will be removed from the CPU (as a blocked
process cannot continue execution) and will
process cannot continue execution) and will
be in the blocked state.
A blocking state is the state in which the
process is waiting for some operation to get
process is waiting for some operation to get
completed.It can be an I/O operaion,or some
Inter-Process-communication.
Inter-Process-communication.
The process cannot execute further without
these signals.
A waiting state is the state in which the process is ready to run but the processor is not idle.
When the operation on the blocked process complete, it will move in to the
waiting state.
these signals.
A waiting state is the state in which the process is ready to run but the processor is not idle.
When the operation on the blocked process complete, it will move in to the
waiting state.
A process is said to be in waiting state
when it is queuing in the main memory for its
when it is queuing in the main memory for its
turn to be executed. Whereas, the process
enters a blocked state in case of any
enters a blocked state in case of any
interrupt or due to unavailability of
resources. If it is no more in execution for a long time , it is
swapped out of main memory and called back when the requested resource
resources. If it is no more in execution for a long time , it is
swapped out of main memory and called back when the requested resource
is available.
Important point: A process cannot enter running state from blocked state. The
process first has to go to the waiting state
and then to running state.
I hope that answers the question.
and then to running state.
I hope that answers the question.
WHAT IS SUPERSCOP?
A superscope is an administrative feature of
DHCP servers running Windows
DHCP servers running Windows
Server 2003 that you can create and manage
through the DHCP console. Using a superscope, you can group multiple scopes as
a single administrative entity. With this
through the DHCP console. Using a superscope, you can group multiple scopes as
a single administrative entity. With this
feature, a DHCP server can:
LAN segment) where multiple logical IP
networks are used. When more than one logical IP
network is used on each physical subnet or network, such configurations are often
networks are used. When more than one logical IP
network is used on each physical subnet or network, such configurations are often
Support remote DHCP clients located on the far
side of DHCP and BOOTP relay agents (where the network on the far side of the
relay agent uses multinets).
side of DHCP and BOOTP relay agents (where the network on the far side of the
relay agent uses multinets).
THANKS FOR READING ANY QUERY PLZ
MAIL ME -RAMDIXIT20@GMAIL.COM
MAIL ME -RAMDIXIT20@GMAIL.COM
