QA Windows Admin

  1. Difference between NT & 2000


NT SAM database is a flat database. Where as in windows 2000 active directory database is a hierarchical database.

In windows NT only PDC is having writable copy of SAM database but the BDC is only read only database. In case of Windows 2000 both DC and ADC is having write copy of the database

Windows NT will not support FAT32 file system. Windows 2000 supports FAT32

Default authentication protocol in NT is NTLM (NT LAN manager). In windows 2000 default authentication protocol is Kerberos V5.

Windows 2000 depends and Integrated with DNS. NT user Netbios names

Active Directory can be backed up easily with System state data


   2.     What is OS?


            An operating system (OS) is a software program that manages the hardware and software resources of a computer. The OS performs basic tasks, such as controlling and allocating memory, prioritizing the processing of instructions, controlling input and output devices, facilitating networking, and managing files.



  1. 3.     Difference between 2000 & 2003

Application Server mode is introduced in windows 2003

Possible to configure stub zones in windows 2003 DNS

Volume shadow copy services is introduced

Windows 2003 gives an option to replicate DNS data b/w all DNS servers in forest or All DNS servers in the domain.

Domain renaming is possible In 2003

Refer Question 1 for all Enhancements


  1. 4.    Difference between PDC & BDC

PDC contains a write copy of SAM database where as BDC contains read only copy of SAM database. It is not possible to reset a password or create objects with out PDC in Windows NT.


  1. 5.    Difference between DC & ADC

There is no difference between in DC and ADC both contains write copy of AD. Both can also handles FSMO roles (If transfers from DC to ADC). It is just for identification. Functionality wise there is no difference.


  1. 6.    Features of windows2003


Easier Deployment and Management

ADMT version 2.0—migrates password from NT4 to 2000 to 20003 or                  from 2000 to 2003

Domain Rename— supports changing Domain Name System and/or NetBios name

Schema Redefine— Allows deactivation of attributes and class definitions in the Active directory schema

AD/AM— Active directory in application mode is a new capability of AD that addresses certain deployment scenarios related to directory enabled applications

Group Policy Improvements—-introduced GPMC tool to manage group policy

UI—Enhanced User Interface

            Grater Security

                        Cross-forest Authentication

                        Cross-forest Authorization

                        Cross-certification Enhancements

                        IAS and Cross-forest authentication

                        Credential Manager

                        Software Restriction Policies

            Improved Performance and Dependability

                        Easier logon for remote offices

                        Group Membership replication enhancements

                        Application Directory Partitions

                        Install Replica from media

            Dependability Improvements— updated Inter-Site Topology  

           Generator  (ISTG) that scales better by supporting forests with a

           greater number of sites than Windows 2000.


            Volume shadow copy service

            NTFS journaling file system


            Improved CHDSK Performance

            Enhanced DFS and FRS

            Shadow copy of shared folders

            Enhanced folder redirection

            Remote document sharing (WEBDAV)


Fault-tolerant process architecture—– The IIS 6.0 fault-tolerant process architecture isolates Web sites and applications into self-contained units called application pools

Health Monitoring—- IIS 6.0 periodically checks the status of an application pool with automatic restart on failure of the Web sites and applications within that application pool, increasing application availability. IIS 6.0 protects the server, and other applications, by automatically disabling Web sites and applications that fail too often within a short amount of time


Automatic Process Recycling— IIS 6.0 automatically stops and restarts faulty Web sites and applications based on a flexible set of criteria, including CPU utilization and memory consumption, while queuing requests

Rapid-fail Protection—- If an application fails too often within a short amount of time, IIS 6.0 will automatically disable it and return a “503 Service Unavailable” error message to any new or queued requests to the application




        7.   NT 4.0 Boot files and 2000/2003?


            For all os required ntldr, boot.ini, bootsect.dos (if you want to boot to DOS on a multiple-boot computer),, and ntbootdd.sys (if you have a SCSI controller with the BIOS disabled).


8.what is domain, DC’s, Sites, OU’s, Trees, Forest, Child Domain,  

           Parent domain?


            Organizational units.You use these container objects to arrange other objects in a manner that supports your administrative purposes. By arranging objects by organizational unit, you make it easier to locate and manage objects. You can also delegate the authority to manage an organizational unit. Organizational units can be nested in other organizational units, which further simplify the management of objects.


Domains.The core functional units in the Active Directory logical structure, domains are a collection of administratively defined objects that share a common directory database, security policies, and trust relationships with other domains. Domains provide the following three functions:

•  An administrative boundary for objects

            •  A means of managing security for shared resources

•  A unit of replication for objects


Domain trees.Domains that are grouped together in hierarchical structures are called domain trees. When you add a second domain to a tree, it becomes a child of the tree root domain. The domain to which a child domain is attached is called the parent domain. A child domain may in turn have its own child domain.


Child Domain : The name of a child domain is combined with the name of its parent domain to form its own unique Domain Name System (DNS) name such as corp.nwtraders.msft. In this manner, a tree has a contiguous namespace.


Forests.A forest is a complete instance of Active Directory. It consists of one or more trees. In a single two-level tree, which is recommended for most organizations, all child domains are made children of the forest root domain to form one contiguous tree.


           Parent Domain: The first domain in the forest is called the forest root domain. The name of that domain refers to the forest, such as nwtraders.msft. By default, the information in Active Directory is shared only within the forest. This way, the forest is a security boundary for the information that is contained in the instance of Active Directory.




  1. 9.     Difference between FAT,NTFS & NTFSVersion5

NTFS Version 5 features

Encryption is possible

We can enable Disk Quotas

File compression is possible

Sparse files

Indexing Service

NTFS change journal


In FAT file system we can apply only share level security. File level protection is not possible. In NTFS we can apply both share level as well as file level security

NTFS supports large partition sizes than FAT file systems

NTFS supports long file names than FAT file systems


10.what are the different types of profiles in 2000

Local Profiles

Roaming profiles

Mandatory Profiles


11.what is the use of terminal services

           Terminal services can be used as Remote Administration mode to  

            Administer remotely as well as Application Server Mode to run the                

            application in one  server and users can login to that server to user that



12.   What is Active Directory and what is the use of it

Active directory is a directory service, which maintains the relation ship between resources and enabling them to work together. Because of AD hierarchal structure windows 2000 is more scalable, reliable. Active directory is derived from X.500 standards where information is stored is hierarchal tree like structure. Active directory depends on two Internet standards one is DNS and other is LDAP. Information in Active directory can be queried by using LDAP protocol


13.  what is the physical and logical structure of AD

Active directory physical structure is a hierarchal structure which fallows  Forests—Trees—Domains—Child Domains—Grand Child—etc

Active directory is logically divided into 3 partitions

1.Configuration partition 2. Schema Partition 3. Domain partition 4. Application Partition (only in windows 2003 not available in windows 2000)

Out of these Configuration, Schema partitions can be replicated between the domain controllers in the in the entire forest. Where as Domain partition can be replicated between the domain controllers in the same domain


      14. What is bridgehead server?


            Bridgehead servers are the contact point for the exchange of directory information between sites. A bridgehead server is a domain controller that has been either administratively assigned or automatically chosen to replicate changes collected from other domain controllers in the site to bridgehead servers in other sites.


      15. What is GC? (Global Catalog)


           Global catalog is a role, which maintains Indexes about objects. It contains full information of the objects in its own domain and partial information of the objects in other domains. Universal Group membership information will be stored in global catalog servers and replicate to all GC’s in the forest.


            The global catalog feature in Active Directory makes searching for resources across domains and forests transparent to the user. For example, if you search for all of the printers in a forest, a global catalog server processes the query in the global catalog and then returns the results. Without a global catalog server, this query would require a search of every domain in the forest.


Global Catalog is a repository of information that contains a subset of the attributes of all objects in Active Directory. Members of the Schema Admins group can change which attributes are stored in the global catalog, depending on an organization.s requirements. The attributes that are most frequently used in queries, such as a user.s first name, last name, and logon name.

1.  The information that is necessary to determine the location of any object in the directory.

2.   A default subset of attributes for each object type.

           3.  The access permissions for each object and attribute that is stored in the global catalog. If you search for an object that you do not have the appropriate permissions to view, the object will not appear in the search results. Access permissions ensure that users can find only objects to which they have been assigned access.






        If the Infrastructure master runs on a GC server it will stop updating object information because it does not contain any references to object that it does not hold . This is because GC server holds a partial replica of every object in the forest. As a result, cross domain object references in that domain will not update and a warning to that effect will be logged on that DC’s event log



     16. If the FSMO role Fails? what will happen?


      If the FMSO role fails we will not be able to append, create, changes in                

      the Domain controller. But the Active directory services will be available  

      for the existing users and etc


17. What is the process of user authentication (Kerberos V5) in windows  


 After giving logon credentials an encryption key will be generated which is used to encrypt the time stamp of the client machine. User name and encrypted timestamp information will be provided to domain controller for authentication. Then Domain controller based on the password information stored in AD for that user it decrypts the encrypted time stamp information. If produces time stamp matches to its time stamp. It will provide logon session key and Ticket granting ticket to client in an encryption format. Again client decrypts and if produced time stamp information is matching then it will use logon session key to logon to the domain. Ticket granting ticket will be used to generate service granting ticket when accessing network resources



18..what is the use of LDAP (X.500 standard?)

LDAP is a directory access protocol, which is used to exchange directory information from server to clients or from server to servers


19.what are the port numbers for Kerberos, LDAP and Global catalog

Kerberos – 88, LDAP – 389, Global Catalog – 3268


20.  Brief all the FSMO Roles

Domain Naming master and schema master are forest level roles. PDC emulator, Infrastructure master and RID master are Domain level roles;

First server in the forest performs all 5 roles by default. Later we can transfer the roles

Domain Naming Master: Domain naming master is responsible for maintaining the relation ship between the domains. With out this role it is not possible to add or remove any domain.

Schema Master: Schema contains set of classes and attributes. eg  User, computer, printer are the objects in AD which are having their own set of attributes.. Schema master is responsible for maintaining this schema. Changes to the schema will affect entire forest.

PDC Emulator: Server, which is performing this role, acts as a PDC in a mixed mode to synchronize directory information between windows 2000 DC to Windows NT BDC. Server, which is performing this role, will contain latest password information. This role is also responsible for time synchronization in the forest.

Infrastructure Master: It is responsible for managing group membership information in the domain. This role is responsible for updating DN when name or location of the object is modified.

RID Master: Server, which is performing this role, will provide pool of RID to other domain controllers in the domain. SID is the combination of SID and RID SID=SID+RID where SID is Security identifier common for all objects in the domain and RID is relative identifier unique for each object


21.. How to manually configure FSMO Roles to separate DC’s


Through MMC

We can configure Domain Naming Master role through Active directory domains and trusts

We can configure Schema Master role through Active Directory schema

Other Three roles we can configure by Active directory users and computers

Through command promt

By using command NTDSUTIL—type ROLES—type CONNECTIONS—CONNECT TO SERVER SERVERNAME where server name is the name of the domain controller that you want to assign role—- Type transfer role, where role is the role that you want to transfer. For a list of roles that you can transfer, type ? at the fsmo maintenance prompt, and then press ENTER, or see the list of roles at the start of this article. For example, to transfer the RID master role, type transfer rid master. The one exception is for the PDC emulator role, whose syntax is transfer pdc, not transfer pdc emulator.


22.. What is the difference between authoritative and non-authoritative restore

In authoritative restore, Objects that are restored will be replicated to all domain controllers in the domain. This can be used specifically when the entire OU is disturbed in all domain controllers or specifically restore a single object, which is disturbed in all DC’s

In non-authoritative restore, Restored directory information will be updated by other domain controllers based on the latest modification time.


23. what is Active Directory De-fragmentation

De-fragmentation of AD means separating used space and empty space created by deleted objects and reduces directory size (only in offline De-fragmentation)


24. Difference between online and offline de-fragmentation

Online De-fragmentation will be performed by garbage collection process, which runs for every 12 hours by default which separate used space and white space (white space is the space created because of object deletion in AD eg User) and improves the efficiency of AD when the domain controller up and running


Offline defragmentation can be done manually by taking domain controller into Restoration mode. We can only reduce the file size of directory database where as the efficiency will be same as in online defragmentation


25. What is tombstone period

Tombstones are nothing but objects marked for deletion. After deleting an object in AD the objects will not be deleted permanently. It will be remain 60 days by default (which can be configurable) it adds an entry as marked for deletion on the object and replicates to all DC’s. After 60 days object will be deleted permanently from all Dc’s.


           What is trusted and trusting domain?

The domain where the user account requesting access is located is referred to as the trusted domain

     The domain that contains a shared resource that a user account is trying        

 to access is referred to as the trusting domain


26. How to deploy the patches and what are the softwares used for this  


Using SUS (Software update services) server we can deploy patches to all clients in the network. We need to configure an option called “Synchronize with Microsoft software update server” option and schedule time to synchronize in server. We need to approve new update based on the requirement. Then approved update will be deployed to clients

We can configure clients by changing the registry manually or through Group policy by adding WUAU administrative template in group policy


27. What is Clustering. Briefly define & explain it

Clustering is a technology, which is used to provide High Availability for mission critical applications. We can configure cluster by installing MCS (Microsoft cluster service) component from Add remove programs, which can only available in Enterprise Edition and Data center edition.


In Windows we can configure two types of clusters


NLB (network load balancing) cluster for balancing load between servers. This cluster will not provide any high availability. Usually preferable at edge servers like web or proxy.

Server Cluster: This provides High availability by configuring active-active or active-passive cluster. In 2 node active-passive cluster one node will be active and one node will be stand by. When active server fails the application will FAILOVER to stand by server automatically. When the original server backs we need to FAILBACK the application


Quorum: A shared storage need to provide for all servers which keeps information about clustered application and session state and is useful in FAILOVER situation. This is very important if Quorum disk fails entire cluster will fails

Heartbeat: Heartbeat is a private connectivity between the servers in the cluster, which is used to identify the status of other servers in cluster.



28. Is it possible to rename the Domain name & how?

In Windows 2000 it is not possible. In windows 2003 it is possible. On Domain controller by going to MYCOMPUTER properties we can change


29. What are the different types of partitions present in AD

Active directory is divided into three partitions

Configuration Partition—replicates entire forest

Schema Partition—replicates entire forest

Domain Partition—replicate only in domain

Application Partition (Only in Windows 2003)


       30.How do u compact/repair the ADS db?

            Run the Esentutl utility by using the /d switch. Then Restart the Active Directory Services


            DESCRIPTION:  Performs off-line compaction of a database.

SYNTAX:  ESENTUTL /d <database name> [options]

PARAMETERS:  <database name> – filename of database to compact

            OPTIONS:  zero or more of the following switches, separated by a space:

                  /s<file>   – set streaming file name (default: NONE)

                  /t<db>     – set temp. database name (default: TEMPDFRG*.EDB)

                  /f<file>   – set temp. streaming file name

                               (default: TEMPDFRG*.STM)

                  /i         – do not defragment streaming file

                  /p         – preserve temporary database (ie. don’t instate)

                  /b<db>     – make backup copy under the specified name

                  /8         – set 8k database page size (default: auto-detect)

                  /o         – suppress logo

          NOTES:  1) If instating is disabled (ie. /p), the original database

                     is preserved uncompacted, and the temporary database will

                     contain the defragmented version of the database.



      31.What is System State Backup? How many files are there?


     System State data includes the following: boot files, including the system    

    files; files protected by Windows File Protection; the registry; performance     

    counter configuration information; and the component services class    

    registration database.


32. What are the (two) services required for replication

File Replication Service (FRS)

      Knowledge Consistency Checker (KCC)


33. What is ASR (Automated System Recovery) and how to implement it

ASR is a two-part system; it includes ASR backup and ASR restore. The ASR Wizard, located in Backup, does the backup portion. The wizard backs up the system state, system services, and all the disks that are associated with the operating system components. ASR also creates a file that contains information about the backup, the disk configurations (including basic and dynamic volumes), and how to perform a restore.

You can access the restore portion by pressing F2 when prompted in the text-mode portion of setup. ASR reads the disk configurations from the file that it creates. It restores all the disk signatures, volumes, and partitions on (at a minimum) the disks that you need to start the computer. ASR will try to restore all the disk configurations, but under some circumstances it might not be able to. ASR then installs a simple installation of Windows and automatically starts a restoration using the backup created by the ASR Wizard.


34. What are the different levels that we can apply Group Policy

We can apply group policy at SITE level—Domain Level—OU level


35. What is Domain Policy, Domain controller policy, Local policy and   

     Group  Policy?

Domain Policy will apply to all computers in the domain, because by default it will be associated with domain GPO, Where as Domain controller policy will be applied only on domain controller. By default domain controller security policy will be associated with domain controller GPO. Local policy will be applied to that particular machine only and effects to that computer only.





36. What is the use of SYSVOL folder

Policies and scripts saved in SYSVOL folder will be replicated to all domain controllers in the domain. FRS (File replication service) is responsible for replicating all policies and scripts


37. What is folder redirection?


Folder Redirection is a User group policy. Once you create the group policy and link it to the appropriate folder object, an administrator can designate which folders to redirect and where to do this, the administrator needs to navigate to the following location in the Group Policy Object:

User Configuration\Windows Settings\Folder Redirection

In the Properties of the folder, you can choose Basic or Advanced folder redirection, and you can designate the server file system path to which the thus allowing the system to dynamically create a newly redirected folder for each user to whom the policy object applies.


38. What different modes in windows 2003 (Mixed, native & intrim….etc)

Different Active Directory features are available at different functional levels. Raising domain and forest functional levels is required to enable certain new features as domain controllers are upgraded from Windows NT 4.0 and Windows 2000 to Windows Server 2003

Domain Functional Levels: Windows 2000 Mixed mode, Windows 2000 Native mode, Windows server 2003 and Windows server 2003 interim (  Only available when upgrades directly from Windows NT 4.0 to Windows 2003)

Forest Functional Levels: Windows 2000 and Windows 2003


39. Ipsec usage and difference window 2000 & 2003.


Microsoft doesn’t recommend Internet Protocol security (IPSec) network address translation (NAT) traversal (NAT-T) for Windows deployments that include VPN servers and that are located behind network address translators. When a server is behind a network address translator, and the server uses IPSec NAT-T, unintended side effects may occur because of the way that network address translators translate network traffic

If you put a server behind a network address translator, you may experience connection problems because clients that connect to the server over the Internet require a public IP address. To reach servers that are located behind network address translators from the Internet, static mappings must be configured on the network address translator. For example, to reach a Windows Server 2003-based computer that is behind a network address translator from the Internet, configure the network address translator with the following static network address translator mappings:


Public IP address/UDP port 500 to the server’s private IP address/UDP port 500.

Public IP address/UDP port 4500 to the server’s private IP address/UDP port 4500.

These mappings are required so that all Internet Key Exchange (IKE) and IPSec NAT-T traffic that is sent to the public address of the network address translator is automatically translated and forwarded to the Windows Server 2003-based computer


40. How to create application partition windows 2003 and its usage?

An application directory partition is a directory partition that is replicated only to specific domain controllers. A domain controller that participates in the replication of a particular application directory partition hosts a replica of that partition. Only domain controllers running Windows Server 2003 can host a replica of an application directory partition.

Applications and services can use application directory partitions to store application-specific data. Application directory partitions can contain any type of object, except security principals. TAPI is an example of a service that stores its application-specific data in an application directory partition.

Application directory partitions are usually created by the applications that will use them to store and replicate data. For testing and troubleshooting purposes, members of the Enterprise Admins group can manually create or manage application directory partitions using the Ntdsutil command-line tool


41. Is it possible to do implicit transitive forest to forest trust relation ship in windows  2003?

Implicit Transitive trust will not be possible in windows 2003. Between forests we can create explicit trust

Two-way trust

One-way: incoming

One-way: Outgoing


42. What is universal group membership cache in windows 2003.


Information is stored locally once this option is enabled and a user attempts to log on for the first time. The domain controller obtains the universal group membership for that user from a global catalog. Once the universal group membership information is obtained, it is cached on the domain controller for that site indefinitely and is periodically refreshed. The next time that user attempts to log on, the authenticating domain controller running Windows Server 2003 will obtain the universal group membership information from its local cache without the need to contact a global catalog.

By default, the universal group membership information contained in the cache of each domain controller will be refreshed every 8 hours.


43. GPMC & RSOP in windows 2003?

GPMC is tool which will be used for managing group policies and will display information like how many policies applied, on which OU’s the policies applied, What are the settings enabled in each policy, Who are the users effecting by these polices, who is managing these policies. GPMC will display all the above information.


RSOP provides details about all policy settings that are configured by an Administrator, including Administrative Templates, Folder Redirection, Internet Explorer Maintenance, Security Settings, Scripts, and Group Policy Software Installation.

When policies are applied on multiple levels (for example, site, domain, domain controller, and organizational unit), the results can conflict. RSoP can help you determine a set of applied policies and their precedence (the order in which policies are applied).



       44. What is GPO? where/when it can be possible to use this?


Group Policy Object (GPO) is a collection of settings that define what a system will look like and how it will behave for a defined group of users


The GPO is associated with selected Active Directory containers, such as sites, domains, or organizational units (OUs). The MMC allows you to create a GPO that defines registry-based polices, security options, software installation and maintenance options, scripts options, and folder redirection options.


Administrators need to be able to quickly modify Group Policy settings for multiple users and computers throughout a network environment


     The Group Policy Object Editor provides administrators with a hierarchical    tree structure for configuring Group Policy settings in GPOs. These GPOs can then be linked to sites, domains, and organizational units (OU) containing computer or user objects.



45. Assign & Publish the applications in GP & how?

Through Group policy you can Assign and Publish the applications by creating .msi package for that application

With Assign option you can apply policy for both user and computer. If it is applied to computer then the policy will apply to user who logs on to that computer. If it is applied on user it will apply where ever he logs on to the domain. It will be appear in Start menu—Programs. Once user click the shortcut or open any document having that extension then the application install into the local machine. If any application program files missing it will automatically repair.

With Publish option you can apply only on users. It will not install automatically when any application program files are corrupted or deleted.


46. How to use recovery console?

The Windows 2000 Recovery Console is a command-line console that you can start from the Windows 2000 Setup program. Using the Recovery Console, you can start and stop services, format drives, read and write data on a local drive (including drives formatted to use NTFS), and perform many other administrative tasks. The Recovery Console is particularly useful if you need to repair your system by copying a file from a floppy disk or CD-ROM to your hard drive, or if you need to reconfigure a service that is preventing your computer from starting properly. Because the Recovery Console is quite powerful, it should only be used by advanced users who have a thorough knowledge of Windows 2000. In addition, you must be an administrator to use the Recovery Console.


There are two ways to start the Recovery Console:

If you are unable to start your computer, you can run the Recovery Console from your Windows 2000 Setup disks or from the Windows 2000 Professional CD (if you can start your computer from your CD-ROM drive).

As an alternative, you can install the Recovery Console on your computer to make it available in case you are unable to restart Windows 2000. You can then select the Recovery Console option from the list of available operating systems



47. PPTP protocol for VPN in windows 2003?

Point-to-Point-Tunneling Protocol (PPTP) is a networking technology that supports multiprotocol virtual private networks (VPN), enableing remote users to access corporate networks securely across the Microsoft Windows NT® Workstation, Windows® 95, and Windows 98 operating systems and other point-to-point protocol (PPP)-enabled systems to dial into a local Internet service provider to connect securely to their corporate network through the Internet




48. what is DFS & its usage


DFS is a distributed file system used to provide common environment for users to access files and folders even when they are shared in different servers physically.

There are two types of DFS domain DFS and Stand alone DFS. We cannot provide redundancy for stand alone DFS in case of failure. Domain DFS is used in a domain environment which can be accessed by /domain name/root1 (root 1 is DFS root name). Stand alone DFS can be used in workgroup environment which can be accessed through /server name/root1 (root 1 is DFS root name). Both the cases we need to create DFS root ( Which appears like a shared folder for end users) and DFS links ( A logical link which is pointing to the server where the folder is physically shared)

The maximum number of Dfs roots per server is 1.

The maximum numbers of Dfs root replicas are 31.

The maximum number of Dfs roots per domain is unlimited.

The maximum number of Dfs links or shared folders in a Dfs root is 1,000


49. what is RIS and what are its requirements

RIS is a remote installation service, which is used to install operation system remotely.

Client requirements

PXE DHCP-based boot ROM version 1.00 or later NIC, or a network adapter that is supported by the RIS boot disk.

Should meet minimum operating system requirements

Software Requirements

Below network services must be active on RIS server or any server in the network

Domain Name System (DNS Service)

Dynamic Host Configuration Protocol (DHCP)

Active directory “Directory” service

50. What is recovery console

Recovery console is a utility used to recover the system when it is not booting properly or not at all booting. We can perform fallowing operations from recovery console

We can copy, rename, or replace operating system files and folders

Enable or disable service or device startup the next time that start computer

Repair the file system boot sector or the Master Boot Record

Create and format partitions on drives

51. what is the role responsible for time synchronization

PDC Emulator is responsible for time synchronization. Time synchronization is important because Kerberos authentication depends on time stamp information


52. What is a global catalog

Global catalog is a role, which maintains Indexes about objects. It contains full information of the objects in its own domain and partial information of the objects in other domains. Universal Group membership information will be stored in global catalog servers and replicate to all GC’s in the forest.


53. Brief explanation of RAID Levels

RAID 0 – Striping

RAID 1- Mirroring (minimum 2 HDD required)

RAID 5 – Striping With Parity (Minimum 3 HDD required)

RAID levels 1 and 5 only gives redundancy


54. what are the different types of trust relationships

Implicit Trusts

Explicit Trusts—NT to Win2k or Forest to Forest


55. What are the port numbers for FTP, Telnet, HTTP, DNS

FTP-21, Telnet – 23, HTTP-80, DNS-53, Kerberos-88, LDAP-389


56. what is the database files used for Active Directory



57. What is the location of AD Database

%System root%/NTDS/NTDS>DIT


58. What is the authentication protocol used in NT

NTLM (NT LAN Manager)


     59.What is NTDSUTIL,NSLOOKUP and where/when it can be use it?


Ntdsutil.exe is a command-line tool that provides management facilities for Active Directory. Use Ntdsutil to perform database maintenance of Active Directory, manage and control single master operations, remove metadata left behind by domain controllers that were removed from the network without being properly uninstalled, and create application directory partitions. The tool has a series of menus that allow you to move between different management tasks. This tool is intended to be used by experienced administrators. By default, Ntdsutil is installed in the systemroot\System32 folder and can be accessed at the command prompt.

Nslookup.exe is used to interactively query servers running a domain name service (DNS) application and for gathering address information about hosts in the network.






              and etc?


Dcdiag.exe: Domain Controller Diagnostic Toolis command-line tool analyzes the state of domain controllers in a forest or enterprise and reports any problems to assist in troubleshooting. As an end-user reporting program, DCDiag encapsulates detailed knowledge of how to identify abnormal behavior in the system.

DCDiag consists of a framework for executing tests and a series of tests to verify different functional areas of the system. This framework selects which domain controllers are tested according to scope directives from the user, such as enterprise, site, or single server.


Netdiag.exe Enhanced Error Messages when using the DSGetDC Test for Connectivity to Domain Controllers


61. What is subnetting and supernetting

Subnetting is the process of borrowing bits from the host portion of an address to provide bits for identifying additional sub-networks


Supernetting merges several smaller blocks of IP addresses (networks) that are continuous into one larger block of addresses. Borrowing network bits to combine several smaller networks into one larger network does supernetting



62. what is the protocol used for terminal services



63. what is the port number for RDP




     64. What is backup? define types of backup?


Daily:Backs up files that have changed since the last daily backup. If a file is modified on the same day as the backup, it will be backed up. The archive attribute of the files is not changed.


Incremental:Backs up files that have changed since the most recent full (normal) or incremental backup. If the archive attribute is present then it means the file has been modified – only files with this attribute are backed up. Once the file has been backed up, the archive attribute is cleared and only set once the data has been modified again.


Full (Normal):Backs up all files that have been selected, despite the archive attribute setting. Once the file has been backed up, the archive attribute is cleared until the file is modified. When the archive attribute is set again, it indicates that the file needs to be backed up.


Differential:  Backs up files that have changed since the last Full backup. If the archive attribute is present, it means that the data has been modified and files having this attribute set will be backed up. However, in this case the attribute is not cleared so as to allow other types of backups to take place on this data at a later stage.


     Copy:Backs up all files that have been selected, despite the archive attribute setting. The archive attribute is not changed, so that other types of backup can be performed on the same data.


      65. Have u using any Remote administration tools and explain it briefly?


1.         Add yourself to the Remote Desktop Users group for your     


2.         Require all members of the Remote Desktop Users group to log on with a strong password.

            3.         Install the latest version of Remote Desktop Connection.

            4.         Review general security considerations.

*           Restrict physical access to computers, especially domain      controllers, to trusted personnel

*           For administrative tasks, use the principle of least privilege

            Secure data on computers

*           Use strong passwords throughout your organization.

*           Do not download or run programs that come from untrusted sources

*           Keep virus scanners up to date

*           Keep all software patches up to date


          5.       Remote Administration    


Coordinate Remote Administration Tasks with Other Administrators

Remote Administration Is Not Application Serving

Configure the Remote Desktop Session to Disconnect When Connection is Broken

                        Configure Disconnect and Reset Timeouts

                        Avoid Tasks that Require Reboots

Avoid relying on Server Console Messages

Administrator Collaboration


Port 3389 is the only port you need to open. Windows will attempt to stream sound through User Datagram Protocol (UDP) first. If no port is available for UDP, sound will stream through a virtual channel in Remote Desktop Protocol, which uses port 3389.


      VNC   Port No 5900



  1. 66.   What is Authoritative and Non-Authoritative mode? And when/where it can  be possible to restore?


Backup Service restores Windows 2000/2003 System State in non-authoritative mode by             default. Use this default mode if you are restoring a Windows 2000 computer that is:

  • Not a domain controller.
  • Your only domain controller.
    • One of multiple domain controllers in your network, but following the restore, you  want the restored System State data (such as Active Directory Service) to be updated with newer data replicated from your other replicating domain controllers.


However, you may need to instead restore System State in authoritative mode. Use authoritative mode if you have multiple domain controllers and you need the restored System State data (such as Active Directory Service) to be replicated to your other domain controllers. For example, you may need to perform an authoritative restore if your replicated Active Directory objects were mistakenly deleted or modified and you want to restore them and have them replicated to your other domain controllers




      67. What is DNS & WINS

 DNS is a Domain Naming System, which resolves Host names to IP        

 addresses. It uses fully qualified domain names. DNS is a Internet standard used to resolve host names WINS is a Windows Internet Name Service, which resolves Netbios names to IP Address. This is proprietary for Windows


  68. Types of DNS Servers

   Primary DNS

   Secondary DNS

   Active Directory Integrated DNS


   Caching only DNS



69.What are the port numbers of DNS, GC, LDAP, SMTP, POP3, IMAP4,  



Port Number



TCP Port Service Multiplexer (TCPMUX)


Remote Job Entry (RJE)




Message Send Protocol (MSP)


FTP — Data


FTP — Control


SSH Remote Login Protocol




Simple Mail Transfer Protocol (SMTP)






Host Name Server (Nameserv)




Login Host Protocol (Login)


Domain Name System (DNS)


Trivial File Transfer Protocol (TFTP)


Gopher Services






X.400 Standard


SNA Gateway Access Server






Simple File Transfer Protocol (SFTP)


SQL Services


Newsgroup (NNTP) Network News Transfer Protocol


NetBIOS Name Service


NetBIOS Datagram Service


Interim Mail Access Protocol (IMAP)


NetBIOS Session Service


SQL Server




Border Gateway Protocol (BGP)


Gateway Access Control Protocol (GACP)


Internet Relay Chat (IRC)


Directory Location Service (DLS)


Lightweight Directory Access Protocol (LDAP)


Novell Netware over IP




Simple Network Paging Protocol (SNPP)




Apple QuickTime


DHCP Client


DHCP Server








Global Catalog over TCP port



   70.   Can i have all DNS Records?


            A, AAAA/IPv6, CNAME, MX, NS, PTR, SOA, SRV, TXT







IPv4 Address record. An IPv4 address for a host.



IPv6 Address record. An IPv6 address for a host. Current IETF recommendation for IPv6 forward-mapped zones.



Experimental. Forward mapping of IPv6 addresses. An IP address for a host within the zone.



Location of AFS servers. Experimental – special apps only.



Canonical Name. An alias name for a host.



Experimental. Delegation of reverse addresses (primarily IPv6).



DNSSEC.bis. DNS public key RR.



DNSSEC.bis. Delegated Signer RR.



Host Information – optional text data about a host.



ISDN address. Experimental = special applications only.



Public key associated with a DNS name.



Stores GPS data. Experimental – widely used.



Mail Exchanger. A preference value and the host name for a mail server/exchanger that will service this zone. RFC 974 defines valid names.



Naming Authority Pointer Record. Goss misnomer. General purpose definition of rule set to be used by applications e.g. VoIP



Name Server. Defines the authoritative name server(s) for the domain (defined by the SOA record) or the subdomain.



DNSSEC.bis. Next Secure record. Ssed to provide proof of non-existence of a name.



DNSSEC Next Domain record type. Obsolete use NSEC.



IP address (IPv4 or IPv6) to host. Used in reverse maps.



Information about responsible person. Experimental – special apps only.



DNSSEC.bis. Signed RRset.



Through-route binding. Experimental – special apps only.



Start of Authority. Defines the zone name, an e-mail contact and various time and refresh values applicable to the zone.



Defines services available in zone e.g. ldap, http etc..



DNSSEC. Signature – contains data authenticated in a secure DNS. RFC 2535.



Text information associated with a name. The SPF record is defined using a TXT record but is not (July 2004) an IETF RFC.



Well Known Services. Deprecated in favour of SRV.



X.25 address. Experimental – special apps only.




71. Difference between inter-site and intra-site replication. Protocols using for   replication.?


     Intra-site replication can be done between the domain controllers in the same   site. Inter-site replication can be done between two different sites over WAN links.

BHS (Bridge Head Servers) is responsible for initiating replication between the sites. Inter-site replication can be done B/w BHS in one site and BHS in another site.

We can use RPC over IP or SMTP as a replication protocols where as Domain partition is not possible to replicate using SMTP


72. what is TTL & how to set TTL time in DNS

TTL is Time to Live setting used for the amount of time that the record should remain in cache when name resolution happened.

We can set TTL in SOA (start of authority record) of DNS


73. How to take DNS and WINS,DHCP backup

%System root%/system32/dns

%System root%/system32/WINS

%System root%/system32/DHCP


74. What is SOA Record

SOA is a Start Of Authority record, which is a first record in DNS, which controls the startup behavior of DNS. We can configure TTL, refresh, and retry intervals in this record.


75 What is a Stub zone and what is the use of it.


      Stub zones are a new feature of DNS in Windows Server 2003 that can        be used to streamline name resolution, especially in a split namespace scenario. They also help reduce the amount of DNS traffic on your network, making DNS more efficient especially over slow WAN links.





76. If DHCP is not available what happens to the client

Client will not get IP and it cannot be participated in network . If  client already got the IP and having lease duration it use the IP till the lease duration expires.


77. what is the process of DHCP for getting the IP address to the client

There is a four way negotiation process b/w client and server

DHCP Discover (Initiated by client)

DHCP Offer (Initiated by server)

DHCP Select (Initiated by client)

DHCP Acknowledgement (Initiated by Server)

DHCP Negative Acknowledgement (Initiated by server if any issues after DHCP offer)


  1. 78.   what is the difference between Authorized DHCP and Non Authorized


To avoid problems in the network causing by mis-configured DHCP servers, server in windows 2000 must be validate by AD before starting service to clients. If an authorized DHCP finds any DHCP server in the network it stop serving the clients 


    79.what are the problems that are generally come across DHCP

Scope is full with IP addresses no IP’s available for new machines

If scope options are not configured properly eg default gateway

Incorrect creation of scopes etc


    80.What is APIPA and range?


Automatic Private IP Addressing (APIPA) feature that will automatically assign an Internet Protocol address to a computer on which it installed


IP addresses in the range of - for Automatic Private IP Addressing. And its subnet mask is



       81. What is Private IP Address and range?

  The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets (local networks): – – –




82. what are the monitoring tools used for Server and Network Heath. How to define alert mechanism

Spot Light , SNMP Need to enable


83 How to configure SNMP

SNMP can be configured by installing SNMP from Monitoring and Management tools from Add and Remove programs.

For SNMP programs to communicate we need to configure common community name for those machines where SNMP programs (eg DELL OPEN MANAGER) running. This can be configured from services.msc— SNMP service — Security


      84.What is the db name of the dhcp file and where it is stored?

                   a.  Dhcp.mdb is the database name of the DHCP.

            b.   %SystemRoot%\system32\dhcp\dhcp


       85. Can we configure Backup of DHCP server?


Backup of DHCP database


1.         In the console tree, click the applicable DHCP server.

            Where DHCP/applicable DHCP server

2.         On the Action menu, click Backup

3.         In the Browse For Folder dialog box, select the folder where you want to store the backup DHCP database, and then click OK.


         86.  What is superscope, scope and multiscope?


Scope: A range of IP addresses that the DHCP server can assign to clients that are on one subnet.


Superscope: A range of IP addresses that span several subnets. The DHCP server can assign these addresses to clients that are on several subnets.


      Multicast scope: A range of class D addresses from to that can be assigned to computers when they ask for    

        them.  A multicast group is assigned to one IP address. Multicasting can   

       be  used to send messages to a group of computers at the same time  

       with only one copy of the message. The Multicast Address Dynamic   

       Client Allocation Protocol (MADCAP) is used to request a multicast

        address from a DHCP



        87. What is Zone? ADS integrated Zone DB file name?


Stub zones can help reduce the amount of DNS traffic on your network by streamlining name resolution and zone replication.


Zones stored this way are located in .Dns files that are stored in the systemroot\System32\Dns folder on each computer operating a DNS server


  88.     What is Caching DNS?

But your request is one of thousands, even millions of requests being made at any one time across the Internet. The DNS lookup process requires that if your local DNS Server is not Authoritative for the domain that contains the domain name you are trying to reach, it should ask other Servers to get an answer. Your local Server could get quite busy performing these lookup requests, and this could slow down its performance if it is Authoritative for a domain name.

To combat this the answers that a DNS Server gets from another DNS Server can be added to their own internal Database and retained for a period of time equal to the time to live (ttl) value set on the record stored on the Authoritative DNS Server.

Storing these responses is called Caching, and allows a DNS Server to respond more quickly to multiple queries for the same domain or host. If you are on a website, and want to retrieve the next page on the site, the local DNS Server does not have to look up the host again, provided the time to live (ttl) value has not expired and caused the local DNS Server to delete the information. This is why it takes so long to contact a website at first, but subsequent requests for pages on the same site are somewhat faster.

Caching DNS Servers are configured for recursive lookup as well. This creates a Server that will respond to lookup requests by delivering answers from its cache, or looking them up on other Servers. It is the job of a Caching DNS Server to handle general lookups of Internet domains. A Caching DNS Server reduces the load placed on an Authoritative DNS Server by handling the requests that don not pertain to the local domain.

Almost all Internet Service Providers (ISPs) operate some kind of Caching DNS Server.

Unfortunately DNS Caching is a double-edged sword. It speeds up resolution by storing recent answers, and short-circuiting the normal resolution process. However there is a down side. Because DNS Servers cache answers, and don’t delete these answers until the time to live (ttl) expires, it can take hours or days for the entire Internet to recognize changes to DNS information for your domain name.

89.       What is forwarder?


DNS servers can be configured to send all recursive queries to a selected list of servers, known as forwarders. Servers used in the list of forwarders provide recursive lookup for any queries that a DNS server receives that it cannot answer based on its local zones. During the forwarding process, a DNS server configured to use forwarders (either one or more servers, based upon the forwarders list) essentially behaves as a DNS client to its forwarders.


Benefit of Forwarders


Forwarders are often desirable when access to remote DNS servers requires use of a slow link, such as a fast-speed internal network linked to the Internet over a relatively low-speed connection. Using forwarders in this situation can cut down on expensive traffic over the low-speed link in two ways:


90.       What is Forward and reverse lookup zone?


The DNS Forward Lookup zone is used to resolve computer host names

 to an IP address (“forward name resolution”).

The Reverse Lookup zone resolves IP addresses to computer host names in the DNS namespace (“reverse name resolution”).

91 .      What is root server?


On the Internet, the root server system is the way that an authoritative master list of all top-level domain names (such as com, net, org, and individual country codes) is maintained and made available to all routers. The system consists of 13 file servers. The central or “A” server is operated by Network Solutions, Inc., the company that originally managed all domain name registration, and the master list of top-level domain (TLD) names is kept on the A server. On a daily basis, this list is replicated to 12 other geographically dispersed file servers that are maintained by an assortment of agencies. The Internet routing system uses the nearest root server list to update routing tables.


  1. 92.       Shadow copy:


It’s a new file-storage technology in W2k3 Server

Allows to record different versions of files and folders in a

Windows 2003 network share

     It pretends to help the end user to recover when:

     Accidentally file deletions as “network recycle bin”

     Accidental overwrites of a file

      File corruption

It will reduce the time to recover a deleted file




  1. 93.       Explain Sites and what is the advantage of Sites?


Site consists of one or more Ip subnets connected by a high speed link. Wide area network employ multiple sites for efficiently handling service requests and reducing the replication traffic.


  1. 94.       How will you verify whether the AD Installation is proper?


  1. Verify SRV Resource records

  After AD is installed, the DC will register SRV records in DNS when it restarts. We can check this using DNS MMC pr nslookup command.


If the SRV records are registered , the following folders will be there in the domain folder in forward look up zone.







Using nslookup command



>ls –t SRV domain


If the record are properly created , they will be listed


2.Verify the SYSVOL folder


 If the SYSVOL folder is not properly created data stores in SYSVOL such are  scripts, GPO, etc will not be replicated between DCs.


First verify the following folder structure is created in SYSVOL




Staging area



Then verify necessary shares are created


  • net share


           it should show two shares NETLOGON and SYSVOL



3.Verify the data base and log files


   Make sure that the following fiels are there at %systemroot%\ntds


Ntds.dit, Edb.log. Res*.log




  1. What is LDAP?


         LDAP is the directory service protocol that is used to query and update AD. The LDAP naming path are used to access AD object and includes the following


1. Distinguished names

2. Relative distinguished names


Distinguished name gives the complete path of the object

E.g. CN=Suresh, OU=India, DC=Microsoft, DC=com


Relative distinguished name is the portion of the distinguished name that uniquely identifies the object.


E.g. CN=Suresh or OU=India


96.Explain about ADS database.


Active directory includes 4 files




  This is the AD database and stores all AD object. Default location is %systemroot%NTDS\ntds.dit. Active directory database engine is the Extensible storage engine which is based on the jetdatabase and can grow up to 16TB.


NTDS consist of following tables


Schema table:  The type of objects that can be created in the AD , relationship between them, and the attributes on each type of object. This table is fairly static and much smaller than the data table.


Link Table:  Contains linked attributes , which contain values referring other objects in the active directory. Take member of attribute on user object. That attribute contains values that reference groups to which the user belongs. This is also smaller that the data table.


DATA Table:  users, groups, application-specific data and any other data stored in the active directory.



From different perspective active directory has three types of data



Schema Information : Definitional details about objects and attributes that one can store in the AD. Replicates to all Dcs, static in nature.


Configuration information:  Configuration data about forest and trees. Replicates to all dcs. Static as your forest is.


Domain information: Object information for a domain. Replication to all Dcs within domain. The Object portion becomes part of GC. The attribute value only replicates within the domain.


  1. EDB.log : This is the transaction log file 10MB. When EDB.log is full, it is renamed to EDBnnn.log where nnn is the increasing number starting from 1
  2. EDB.Chk. This is the checkpoint file used to track the data not yet written to database file. This indicates the stating point fromwhich data is to be recovered from logfile, in case of failure..


4.RES1.log & RES2.log :  This is reserved transaction log fils of 20MB (Each 10MB) which provides the transaction log files enough room to shut down if the other spaces are being used.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s