Active directory Interview questions

1.  What is Active Directory ?

 Active Directory is a database which store a data base like your user information, computer information and also other network object info. It has capabilities to manage and administer the complete Network which connect with AD.

2.What is domain ?

A domain is a named collection of hosts and subdomains, registered with a unique name by the InterNIC.

3.What is domain controller ?

A Domain controller (DC) is a server that responds to security authentication requests (logging in, checking permissions, etc.) within the Windows Server domain. A domain is a concept introduced in Windows NT whereby a user may be granted access to a number of computer resources with the use of a single username and password combination

4.What is LDAP ?

Lightweight Directory Access Protocol LDAP is the industry standard directory access protocol, making Active Directory widely accessible to management and query applications. Active Directory supports LDAPv3 and LDAPv2.

5.What is KCC ?

KCC ( knowledge consistency checker ) is used to generate replication topology for inter site replication and for intra site replication with in a site replication traffic is done via remote procedure calls over ip, while between site it is done through either RPC or SMTP.

Windows Server 2008 Active Directory Interview Questions !

1.What is Active Directory ? 

Active Directory is a Meta Data. Active Directory is a data base which store a data base like your user information, computer information and also other network object info. It has capabilities to manage and administor the complite Network which connect with AD.

2. What is Active Directory Domain Services ?In Windows 2000 Server and Windows Server 2003, the directory service is named Active Directory. In Windows Server 2008 and Windows Server 2008 R2, the directory service is named Active Directory Domain Services (AD DS). The rest of this topic refers to AD DS, but the information is also applicable to Active Directory.

3.What is domain ?
A domain is a set of network resources (applications, printers, and so forth) for a group of users. The user need only to log in to the domain to gain access to the resources, which may be located on a number of different servers in the network. The 'domain' is simply your computer address not to confused with an URL. A domain address might look something like 211.170.469.

4.What is domain controller ?

A Domain controller (DC) is a server that responds to security authentication requests (logging in, checking permissions, etc.) within the Windows Server domain. A domain is a concept introduced in Windows NT whereby a user may be granted access to a number of computer resources with the use of a single username and password combination.

5.What is LDAP ? Lightweight Directory Access Protocol LDAP is the industry standard directory access protocol, making Active Directory widely accessible to management and query applications. Active Directory supports LDAPv3 and LDAPv2.

6.What is KCC ? KCC ( knowledge consistency checker ) is used to generate replication topology for inter site replication and for intrasite replication.with in a site replication traffic is done via remote procedure calls over ip, while between site it is done through either RPC or SMTP.

7.Where is the AD database held? What other folders are related to AD? The AD data base is store in c:\windows\ntds\NTDS.DIT.

8.What is the SYSVOL folder? The sysVOL folder stores the server's copy of the domain's public files. The contents such as group policy, users etc of the sysvol folder are replicated to all domain controllers in the domain.

9. What is the Netlogon folder use for? Sysvol is an important component of Active Directory. The Sysvol folder is shared on an NTFS volume on all the domain controllers in a particular domain. Sysvol is used to deliver the policy and logon scripts to domain members.

By default sysvol includes 2 folders,the scripts folder is shared with the name NETLOGON

1.Policies - (Default location - %SystemRoot%\Sysvol\Sysvol\domain_name\Policies)
2.Scripts - (Default lcation - %SystemRoot%\Sysvol\Sysvol\domain_name\Scripts)

10. What are the difference between Enterprise Admins and Domain Admins groups in AD ?  Enterprise Admins : Members of this group have full control of all domains in the forest. By default, this group is a member of the Administrators group on all domain controllers in the forest. By default, the Administrator account is a member of this group. Because this group has full control of the forest, add users with caution.

Domain Admins : Members of this group have full control of the domain. By default, this group is a member of the Administrators group on all domain controllers, all domain workstations, and all domain member servers at the time they are joined to the domain. By default, the Administrator account is a member of this group. Because the group has full control in the domain, add users with caution.

11.Where are the Windows NT Primary Domain Controller (PDC) and its Backup Domain Controller (BDC) in Server 2003 ?  The Active Directory replaces them. Now all domain controllers share a multimaster peer-to-peer read and write relationship that hosts copies of the Active Directory.

12.I am trying to create a new universal user group. Why can’t I ?
Universal groups are allowed only in native-mode Windows Server 2003 environments. Native mode requires that all domain controllers be promoted to Windows Server 2003 Active Directory.

13.What is LSDOU ?  It’s group policy inheritance model, where the policies are applied toLocal machines, Sites, Domains and Organizational Units.

14.Why doesn’t LSDOU work under Windows NT ?  If the NTConfig.pol file exist, it has the highest priority among the numerous policies.

15.What’s the number of permitted unsuccessful logons on Administrator account? Unlimited. Remember, though, that it’s the Administrator account, not any account that’s part of the Administrators group.

16. What’s the difference between guest accounts in Server 2003 and other editions?
 More restrictive in Windows Server 2003.

17. How many passwords by default are remembered when you check "Enforce Password History Remembered"?  User’s last 6 passwords.

18. Can GC Server and Infrastructure place in single server If not explain why ? No, As Infrastructure master does the same job as the GC. It does not work together.

19. Which is service in your windows is responsible for replication of Domain controller to another domain controller. KCC generates the replication topology.
Use SMTP / RPC to replicate changes.

20. What Intrasite and Intersite Replication ? Intrasite is the replication with in the same site & intersite the replication between sites.

21. What is lost & found folder in ADS ? It’s the folder where you can find the objects missed due to conflict.
Ex: you created a user in OU which is deleted in other DC & when replication happed ADS didn’t find the OU then it will put that in Lost & Found Folder.

22. What is Garbage collection ? Garbage collection is the process of the online defragmentation of active directory. It happens every 12 Hours.

23. What System State data contains ? Contains Startup files,
Registry
Com + Registration Database
Memory Page file
System files
AD information
Cluster Service information
SYSVOL Folder.