Windows Technical Questions & Answers




1)    NetBIOS name max length

Ans: The NetBIOS naming convention allows for 16 characters in a NetBIOS name. Microsoft, however, limits NetBIOS names to 15 characters and uses the 16th character as a NetBIOS suffix.

The NetBIOS suffix is used by Microsoft Networking software to identify functionality installed on the registered device.


2)    Does Windows NT use NetBIOS? True or false, with details

      Ans: Yes because Microsoft networking services running on a Windows NT-based  
      computer are identified by using NetBIOS names.


3)    Does Windows 2000 support NetBIOS or not?

Ans: Yes. The purpose of WINS is to allow a NetBIOS name to be converted to an IP address. Therefore computers using WINS must be using NBT (NetBIOS over TCP/IP).


4)    What are the third-party tools for backup?

Ans: Tivoli, Veritas, NetVault


5)    What is the cluster?

Ans:  A group of independent computer systems known as nodes or hosts, that work together as a single system to ensure that mission-critical applications and resources remain available to clients. A server cluster is the type of cluster that the Cluster service implements. Network Load Balancing provides a software solution for clustering multiple computers running Windows 2000 Server that provides networked services over the Internet and private intranets. In file systems a cluster is the smallest amount of disk space that can be allocated to hold a file. All file systems used by Windows 2000 organize hard disks based on clusters, also called allocation units. The smaller the cluster size, the more efficiently a disk stores information. If no cluster size is specified during formatting, Windows 2000 picks defaults based on the size of the volume and the file system used. These defaults are selected to reduce the amount of space lost and the amount of fragmentation on the volume.


6)    What are the steps for troubleshooting a 2000 server?





1)    How to create backup in NT?

       Ans: Windows NT Server includes a graphical tool called Backup that makes it
       easy to back up your Windows NT Server-based data to a tape drive. Backup allows you
       to back up and restore both local and remote files on NTFS, FAT, or HPFS
       partitions from a single location.






2)    How to create boot floppy in NT?

Ans:

  1) Format a floppy disk.

  2) Copy the following files from the HDD to the FDD (copy C:\ to A:\):

  • BOOTSECT.DOS – These are hidden files
  • BOOT.INI – This is a read-only file
  • Ntbootdd.sys – SCSI drivers
  • Ntoskrnl.exe

  3) Give the command C:\I386\winnt.exe /OX → for creating the startup disk.

  4) Use the RDISK command for creating the ERD.



3)    PDC, BDC Explain.

Ans: A PDC is a Primary Domain Controller, and a BDC is a Backup Domain Controller. You must install a PDC before any other domain servers. The Primary Domain Controller maintains the master copy of the directory database and validates users. A Backup Domain Controller contains a read-only copy of the directory database and can validate users. If the PDC fails, then a BDC can be promoted to a PDC. Possible data loss is user changes that have not yet been replicated from the PDC to the BDC. A PDC can be demoted to a BDC if one of the BDCs is promoted to the PDC.


4)    When the PDC is down, is it still possible to access the network or not?

A: Yes. If the primary server fails, users can easily login to the secondary server and continue operations with minimal downtime and data loss.

5)    Without promoting a BDC to PDC, can we access the network resources or not? Is it possible?



6)    How to configure DNS, DHCP, WINS, IIS RAS, Etc?


7)    How to configure ADS?


















8)    How to install and configure DHCP in Windows 2000?


To install the DHCP Service on an existing Windows 2000 Server:


Click Start, click Settings, and then click Control Panel.


Double-click Add/Remove Programs, and then click Add/Remove Windows Components.


In the Windows Component Wizard, click Networking Services in the Components box, and then click Details.


Click to select the Dynamic Host Configuration Protocol (DHCP) check box if it is not already selected, and then click OK.


In the Windows Components Wizard, click Next to start Windows 2000 Setup. Insert the Windows 2000 Advanced Server CD-ROM into the CD-ROM drive if you are prompted to do so. Setup copies the DHCP server and tool files to your computer.


When Setup is complete, click Finish.




Configuring the DHCP Service

After you install and start the DHCP service, you must create a scope (a range of valid IP addresses that are available for lease to the DHCP clients). Each DHCP server in your environment should have at least one scope that does not overlap with any other DHCP server scope in your environment. In Windows 2000, DHCP servers within an Active Directory domain environment must be authorized, which prevents rogue (unauthorized) DHCP servers from coming online.

When you install and configure the DHCP service on a domain controller, the server is typically authorized the first time that you add the server to the DHCP console. However, when you install and configure the DHCP service on a member server, you need to authorize the DHCP server.

Note A stand-alone DHCP server cannot be authorized against an existing Windows Active Directory.

To authorize a DHCP server:


Click Start, click Programs, click Administrative Tools, and then click DHCP.

Note You must be logged on to the server with an account that is a member of the Enterprise Administrators group.


In the console tree of the DHCP snap-in, select the new DHCP server. If there is a red arrow in the bottom-right corner of the server object, the server has not yet been authorized.


Right-click the server, and then click Authorize.


After a few moments, right-click the server again and then click Refresh. The server should display a green arrow in the bottom-right corner to indicate that the server has been authorized.

To create a new scope:


Click Start, click Programs, point to Administrative Tools, and then click DHCP.

Note In the console tree, select the DHCP server on which you want to create the new DHCP scope.


Right-click the server, and then click New Scope. In the New Scope Wizard, click Next, and then type a name and description for the scope. This can be any name that you choose, but it should be descriptive enough to identify the purpose of the scope on your network. For example, you might use Administration Building Client Addresses.


Type the range of addresses that can be leased as part of this scope, for example, a starting IP address of to an ending address of Because these addresses are given to clients, they should all be valid addresses for your network and not currently in use. If you want to use a different subnet mask, type the new subnet mask. Click Next.


Type any IP addresses that you want to exclude from the range you entered. This includes any addresses that may have already been statically assigned to various computers in your organization. Click Next.


Type the number of days, hours, and minutes before an IP address lease from this scope expires. This determines the length of time that a client can hold a leased address without renewing it. Click Next to select Yes, I want to configure these options now, and then extend the wizard to include settings for the most common DHCP options. Click Next.


Type the IP address for the default gateway that should be used by clients that obtain an IP address from this scope. Click Add to place the default gateway address into the list, and then click Next.



Note When DNS servers already exist on your network, type your organization’s domain name in Parent domain. Type the name of your DNS server, and then click Resolve to ensure that your DHCP server can contact the DNS server and determine its address. Then click Add to include that server in the list of DNS servers that are assigned to the DHCP clients. Click Next.


Click Yes, I want to activate this scope now, to activate the scope and allow clients to obtain leases from it, and then click Next. Click Finish.





Clients are unable to obtain an IP address
If a DHCP client does not have a configured IP address, it generally means that the client has not been able to contact a DHCP server. This is either because of a network problem or because the DHCP server is unavailable. If the DHCP server has started and other clients have been able to obtain a valid address, verify that the client has a valid network connection and that all related client hardware devices (including cables and network adapters) are working properly.

The DHCP server is unavailable
When a DHCP server does not provide leased addresses to clients, it is often because the DHCP service has failed to start. If this is the case, the server may not have been authorized to operate on the network. If you were previously able to start the DHCP service, but it has since stopped, use Event Viewer to check the system log for any entries that may explain the cause.

Note To restart the DHCP service, click Start, click Run, type cmd, and then press ENTER. Type net start dhcpserver, and then press ENTER.



9)    What is the default File system in 2000?

       Ans: During the text-based portion of Windows 2000 Setup, by default you can choose to convert your hard disk from the FAT32 file system to the NTFS file system. It also supports FAT, FAT32, NTFS 5.0, EFS and CDFS.







NTFS 5.0
The version used with Windows 2000. It features full support for new Windows 2000 features, such as Active Directory directory service, disk quotas, and encryption. It is only supported by Windows 2000 and minimally by Windows NT 4.0 with Service Pack 4 or later.

Note: If you created NTFS volumes on Windows NT 4.0 and upgraded to Windows 2000, the volumes aren’t upgraded automatically to NTFS 5.0. You must specifically choose to upgrade the volumes during installation of the operating system or when you install Active Directory on a Windows 2000 server.


10)  How to create ADS backup?

Active Directory is backed up as part of system state, a collection of system components that depend on each other. You must back up and restore system state components together.

The default path for Active Directory is C:\Winnt\NTDS\NTDS.DIT

Active Directory includes:












11)  What is system state backup?

            Ans: System State

A collection of system-specific data that can be backed up and restored. For all Windows 2000 operating systems, the System State data includes the registry, the class registration database, and the system boot files. For Windows 2000 Server, the system state data also includes the Certificate Services database (if the server is operating as a certificate server). If the server is a domain controller, the system state data also includes Active Directory and the Sysvol directory.


12)  How to install network printer?


1) Take a printout of the printer settings from the printer (by pressing the big button).


2) From that printout you can get the default IP address assigned to that printer

   (it is assigned by default by the manufacturer).


3) Then connect the printer to one of the PCs using a cross cable.

    Note: The PC's IP should be in the same class as the printer's.

    Ex: if Printer IP is pc IP should be or 3,4,…


4) Open Internet Explorer and type http:\\


5) The printer configuration settings page will now open, and you can change the IP address etc.


To configure with a print server and assign permissions in XP:


1) Start -> Settings -> Printers and Faxes


2) Now right-click in that box, or select File -> Add Printer


3) The welcome wizard will now open -> click Next


4) Select the network printer by giving the correct path and finish the setup.


5) Now right-click the created printer shortcut


6) Select Properties -> then select Security and assign the permissions.


13)  How to create roaming profile?

1)    Create a user and open the user properties.

2)    Select the Profile tab and give the profile path in the User profile column.


3)    Share that folder and give permission for it.


      In 2000 and 2003 how to create Roaming Profile?


      Roaming Profile:

      Create a normal user on the server, select the Profile tab, and give the profile path \\servername\sharename\%username%


      Note: You have to give full permission, including ownership, on the sharename folder; only then can the profile be opened and used from the server.


      b) Logon Script: If we need to map a shared network drive for roaming users, we have to create a batch file or any script file.


      Batch file creation process:

      Open Notepad and type this command:

      net use u: \\server-name\share-name\

      Then save the file with a .bat extension, and copy it to “c:\winnt\system32\repl\Import\scripts”.


If you are using Windows 2003 Server, use c:\windows\sysvol\sysvol\scripts\

repl and sysvol must be shared; only then will it work.


Mandatory Profile: The concept is the same as for a roaming profile;

we have to change the file extension type as ntuser.dat to



14)  Difference between Switch and Hub?

Ans: Hubs and switches are categorized under inter-connecting devices in a LAN. When data is received on a port, a hub will flood (broadcast) the data to all ports. A switch will forward the data to the particular port using the MAC address table. The switch creates the MAC table with the help of an Application Specific Integrated Circuit (ASIC). Network speed is increased when using a switch, since the entire speed of the NIC is not shared among all ports.






1) What is DFS?

Ans: Distributed file system (Dfs)

A Windows 2000 service consisting of software residing on network servers and clients that transparently links shared folders located on different file servers into a single namespace for improved load sharing and data availability


2) How to install DFS in win 2000?

To create a Dfs root:


Click Start, point to Programs, point to Administrative Tools, and then click Distributed File System.


On the Action menu, click New Dfs Root, and then click Next.


In the Select the Dfs Root Type window, click to select Create a domain Dfs root, or Create a standalone Dfs root, and then click Next.


If you are creating a domain-based Dfs root, click the name of the domain where you want to create the Dfs root, and then click Next.


Enter the name of the host computer for the Dfs root or click Browse to select a server name, and then click Next.


In the Specify the Dfs Root Share window, click an existing shared folder or specify the path and name of a new shared folder to create, and then click Next.


Accept the default name for the Dfs root or specify a new name, and then click Next.


Click Finish to create the new Dfs root.


Restart your computer.

NOTE: To add an additional Dfs root share, repeat the above procedure.



To add a Dfs shared folder:


NOTE: The first shared folder is added when you create the Dfs link.


Click Start, point to Programs, point to Administrative Tools, and then click Distributed File System.


In the console tree, right-click the Dfs root to which you want to assign a shared folder, and then click New Dfs Link.


In the Link Name box, enter the logical name for this subfolder.


In the Send the user to this shared folder box, enter the name of a shared folder, or click Browse to select from the list of available shared folders, and then click OK.

If the Dfs partition is NTFS, choose one of the following:

Click to select the Join Replication check box to have the files that are located in the Dfs root or Dfs link that you selected automatically replicate as changes occur to the source file. This option requires the host server for the Dfs root or Dfs link to be a domain member.

Click to select the No Replication check box to have the source file remain unchanged.



3) What is RAID? Which RAID levels are supported in Windows 2000 Server?


A method used to standardize and categorize fault-tolerant disk systems. Six levels gauge various mixes of performance, reliability, and cost. Windows 2000 provides three of the RAID levels: Level 0 (striping) which is not fault-tolerant, Level 1 (mirroring), and Level 5 (striped volume with parity).


How do you configure RAID 0, 1, 5?



A volume that stores data in stripes on two or more physical disks. Data in a striped volume is allocated alternately and evenly (in stripes) to these disks. Striped volumes offer the best performance of all volumes available in Windows 2000, but they do not provide fault tolerance. If a disk in a striped volume fails, the data in the entire volume is lost. You can create striped volumes only on dynamic disks. Striped volumes cannot be mirrored or extended. In Windows NT 4.0, a striped volume was known as a stripe set.



A fault-tolerant volume that duplicates data on two physical disks. The mirror is always located on a different disk. If one of the physical disks fails, the data on the failed disk becomes unavailable, but the system continues to operate by using the unaffected disk. A mirrored volume is slower than a RAID-5 volume in read operations but faster in write operations. Mirrored volumes can only be created on dynamic disks. In Windows NT 4.0, a mirrored volume was known as a mirror set.




A fault-tolerant volume with data and parity striped intermittently across three or more physical disks. Parity is a calculated value that is used to reconstruct data after a failure. If a portion of a physical disk fails, you can recreate the data that was on the failed portion from the remaining data and parity. Also known as a striped volume with parity.



Windows 2000 Advanced Server supports three types of software RAID: RAID-0, RAID-1 and RAID-5. Because only RAID-1 and RAID-5 provide fault tolerance, this section will cover only these two solutions.


4) Which hard disk mainly used for RAID?



5) How Do you know about new hard disks support RAID?


6) What are the remote tools, do you know?

DameWare, pcAnywhere, VNC


7) What is Remote Management, How?


8) /24 → how many hosts will be created?

 Ans: 30 Hosts


9) What is sub netting?

Subnetting allows large networks to be divided into small networks, because of which traffic will be less.

10) Switch working with which OSI model?

 A Layer 2 switch works at the Data Link Layer; a Layer 3 switch works at the Network Layer.


11) Hub working with which OSI model how

     Ans: It works at the Physical Layer, which assists with the activation, maintenance, and deactivation of physical connectivity between devices.


12) How many OSI model, Explain?

OSI Layer

Control Information Name











Data Link







13) What are commands for Trouble Shooting with DHCP server and Clients?

DHCP Server Commands


The following table lists the netsh dhcp commands that are used in this example procedure.




Shifts the current DHCP command-line context to the server that is specified by either its name or IP address.

add scope

Adds a new scope to the specified DHCP server.


Switches the command context to the DHCP scope that is specified by its IP address.

add iprange

Adds a range of IP addresses to the current scope.

add excluderange

Adds a range of excluded addresses to the current scope.

set optionvalue

Sets an option value for the current scope.

set state

Sets or resets the state of the current scope to either an active or inactive state.

DHCP Client Commands









1) How to install ADS? 


1.   Click Start, point to Run and type “dcpromo”.

2.   The wizard windows will appear. Click Next.

3.   Choose Domain Controller for a new domain and click Next.

4.   Choose Create a new domain tree and click Next.

5.   Choose Create a new forest of domain trees and click Next.

6.   Enter the full DNS name of the new domain, for example – – this must be the same as the DNS zone you’ve created in step 3, and the same as the computer name suffix you’ve created in step 1. Click Next.

              Note: This step might take some time because the computer is searching for the DNS server                         
              and checking to see if any naming conflicts exist.

7.   Accept the down-level NetBIOS domain name; in this case it’s DPETRI. Click Next.

8.   Accept the Database and Log file location dialog box (unless you want to change them of course). The location of the files is by default %systemroot%\NTDS, and you should not change it unless you have performance issues in mind. Click Next.

9.   Accept the Sysvol folder location dialog box (unless you want to change it of course). The location of the files is by default %systemroot%\SYSVOL, and you should not change it unless you have performance issues in mind. This folder must be on an NTFS v5.0 partition. This folder will hold all the GPO and scripts you’ll create, and will be replicated to all other Domain Controllers. Click Next

10. If your DNS server, zone and/or computer name suffix were not configured correctly you will get the following warning:

       Note: This means the Dcpromo wizard could not contact the DNS server, or it did contact it       
       but could not find a zone with the name of the future domain. You should check your 
       settings. Go back to steps 1, 2 and 3. Click Ok.

11. Accept the default choice or, if you want, quit Dcpromo and check steps 1-3.

12. Accept the Pre-Windows 2000 compatible permissions.

13. Enter the Restore Mode administrator’s password. You can leave it blank (in Windows Server 2003 you must enter a password) but whatever you do – remember it! Without it you’ll have a hard time restoring the AD if you ever need to do so. Click Next.

14. Review your settings and if you like what you see – Click Next.

15. See the wizard going through the various stages of installing AD. Whatever you do – NEVER click Cancel!!! You’ll wreck your computer if you do. If you see you made a mistake and want to undo it, you’d better let the wizard finish and then run it again to undo  the AD.

16. If all went well you’ll see the final confirmation window. Click Finish.

17. You must reboot in order for the AD to function properly. Click Restart now.


1) Port Numbers


DNS 53

DHCP 67, 68




IMAP 143


POP3 110

POP3S 995

FTP 21,22


LDAP 389

RDP 3389

SNTP 161



3) How to create Active Directory Site?

1.     Start the MMC Active Directory Sites and Services snap-in. (From the Start menu, select Programs, Administrative Tools, Active Directory Sites and Services Manager.)

2.     Right-click the Site branch, and select New, Site from the context menu.

3.     Enter a name for the site (e.g., NewYork). The name must be 63 characters or fewer and can’t contain spaces or periods. You must also select a site link (only one site link, DEFAULTIPSITELINK, exists by default). Alternatively, enter IP

4.     Click OK.



4) What is difference between 2000 and 2003 server?

         Windows 2003 supports Shadow Copies, a new tool to recover files.
Windows 2003 Server includes IIS server in it. That is the biggest advantage on top of better file system management. In 2003 Server you can change the domain name at any time without rebuilding the domain.

Also Windows 2003 does introduce the ability to create a transitive trust between separate forests as long as all domains and forest are at full Windows 2003 functional level.


        Whereas in 2000 you have to rebuild the entire domain to change the domain name.
Windows 2000 supports a maximum of 10 users accessing a shared folder at a time through the network,
but in Windows 2003 there is no limitation.


5) What is DNS? How it works?

Domain Name System (DNS)

DNS provides a service for mapping DNS domain names to IP addresses, and vice versa. This allows users, computers, and applications to query the DNS to specify remote systems by fully qualified domain names rather than by IP addresses



6) Directory Services, Authoritative, Non-Authoritative, FSMO?





1)    Tell me, basically, how does a PC work?

2)    What are the differences between Windows NT 4 and Windows 2000?

Ans: Differences between Windows NT and 2000:
        File system differences (NTFS, FAT, FAT32).
        In Windows NT Server there is the concept of PDC and BDC, but there is no such concept in 2000.
        In Windows NT Server the SAM database is in read/write format on the PDC and read-only format on the BDC.

         In a 2000 domain, every domain controller holds the SAM database in read/write format.
         A 2000 server can at any moment become a server or a member server simply by
         add/remove with dcpromo. But in Windows NT you have to reinstall the operating system.


3)    How many backups available in 2000?

    Copy backup     

A copy backup copies all selected files but does not mark each file as having been backed up (in other words, the archive attribute is not cleared). Copying is useful if you want to back up files between normal and incremental backups because copying does not affect these other backup operations.

    Daily backup     

A daily backup copies all selected files that have been modified the day the daily backup is performed. The backed-up files are not marked as having been backed up (in other words, the archive attribute is not cleared).

    Differential backup     

A differential backup copies files created or changed since the last normal or incremental backup. It does not mark files as having been backed up (in other words, the archive attribute is not cleared). If you are performing a combination of normal and differential backups, restoring files and folders requires that you have the last normal as well as the last differential backup.

    Incremental backup     

An incremental backup backs up only those files created or changed since the last normal or incremental backup. It marks files as having been backed up (in other words, the archive attribute is cleared). If you use a combination of normal and incremental backups, you will need to have the last normal backup set as well as all incremental backup sets in order to restore your data.

    Normal backup     

A normal backup copies all selected files and marks each file as having been backed up (in other words, the archive attribute is cleared). With normal backups, you need only the most recent copy of the backup file or tape to restore all of the files. You usually perform a normal backup the first time you create a backup set.
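
The archive-attribute behaviour of the five backup types above, as an added simulation (not part of the original page and not the Windows Backup tool's own code). File names, day numbers and all function names are constructed for illustration; the restore-chain rule generalizes the two combinations described above.

```python
from dataclasses import dataclass

# Whether each backup type clears the archive attribute, as described above.
CLEARS_ARCHIVE = {"normal": True, "incremental": True,
                  "differential": False, "copy": False, "daily": False}


@dataclass
class File:
    name: str
    modified_day: int     # day number of the last change
    archive: bool = True  # set by the file system on create/change


def touch(files, name, day):
    """Create or modify a file: the archive attribute is set again."""
    files[name] = File(name, day, True)


def run_backup(kind, files, day):
    """Run one backup job; return the sorted names it copied."""
    if kind in ("normal", "copy"):
        chosen = list(files.values())                      # all selected files
    elif kind in ("incremental", "differential"):
        chosen = [f for f in files.values() if f.archive]  # changed since last normal/incremental
    elif kind == "daily":
        chosen = [f for f in files.values() if f.modified_day == day]
    else:
        raise ValueError(f"unknown backup type: {kind}")
    if CLEARS_ARCHIVE[kind]:
        for f in chosen:
            f.archive = False
    return sorted(f.name for f in chosen)


def simulate(schedule):
    """schedule: list of (day, files changed that day, backup type)."""
    files, history = {}, []
    for day, changed, kind in schedule:
        for name in changed:
            touch(files, name, day)
        history.append((day, kind, run_backup(kind, files, day)))
    return history


def restore_chain(history):
    """Sets needed for a full restore: the last normal backup, every
    incremental after it, and the last differential if it is newer than
    the last incremental. Copy and daily sets are never required."""
    normals = [i for i, (_, kind, _) in enumerate(history) if kind == "normal"]
    if not normals:
        raise ValueError("no normal backup to restore from")
    chain, last_diff = [history[normals[-1]]], None
    for entry in history[normals[-1] + 1:]:
        if entry[1] == "incremental":
            chain.append(entry)
            last_diff = None
        elif entry[1] == "differential":
            last_diff = entry
    if last_diff is not None:
        chain.append(last_diff)
    return [(day, kind) for day, kind, _ in chain]


# Constructed sample week: same file changes, two different strategies.
CHANGES = [(1, ["a.doc", "b.xls", "c.txt"]), (2, ["a.doc"]),
           (3, ["d.ppt"]), (4, ["b.xls"])]
INCREMENTAL_WEEK = [(d, c, "normal" if d == 1 else "incremental") for d, c in CHANGES]
DIFFERENTIAL_WEEK = [(d, c, "normal" if d == 1 else "differential") for d, c in CHANGES]
# A copy backup taken between a normal and an incremental backup.
COPY_BETWEEN = [(1, ["a.doc", "b.xls"], "normal"), (2, ["a.doc"], "copy"),
                (3, [], "incremental")]

if __name__ == "__main__":
    for label, week in (("incremental", INCREMENTAL_WEEK),
                        ("differential", DIFFERENTIAL_WEEK)):
        history = simulate(week)
        print(label)
        for day, kind, names in history:
            print(f"  day {day} {kind:12} -> {names}")
        print("  restore needs:", restore_chain(history))
```

Incremental sets stay small but every one of them is needed at restore time; differential sets grow each day but only the latest is needed alongside the normal backup.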


4)    What are the backup devices you used explain?




5)    How to create Home Folder?



Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.


In the console tree, click Users.


In the Details pane, right-click the user account, and then click Properties.


In the Properties dialog box, click Profile.


Under the Home folder, type the folder information. To do this, follow these steps:


To assign a home folder on a network server, click Connect, and then specify a drive letter.



In the To box, type a path. This path can be any one of the following types:



Network path, for example:



You can substitute username for the last subfolder in the path, for example:



Note In these examples, server is the name of the file server housing the home folders, and users is the shared folder.


Click OK.

       Assign a Home Folder to a User from the Command Line

      You can use the net user command to assign a home folder to a user from the command line. For         
      example, at the command line, type the following command, and then press ENTER:

      net user tester /homedir:\\server\tester$



6)    How to install Recovery Console, Explain?

Install the Windows Recovery Console After Windows is Already Installed on the Computer


Click Start, click Run, and then type CD-ROM drive letter:\i386\winnt32.exe /cmdcons in the Open box, where CD-ROM drive letter is the drive letter assigned to your CD-ROM drive.


Click OK, follow the instructions on the screen to finish Setup, and then restart your computer.

Note To use the recovery console for an installation, you need the local Administrator password. For Domain Controllers, you need the Administrator password that is used in the Directory Service Restore mode






1.     Port no of various services.

2.     Global catalog

      A domain controller that contains a partial replica of every domain directory partition in the forest as well as a full replica of its own domain directory partition and the schema and configuration directory partitions. The Global Catalog holds a replica of every object in Active Directory, but each object includes a limited number of its attributes. The attributes in the Global Catalog are those most frequently used in search operations (such as a user’s first and last names) and those attributes that are required to locate a full replica of the object. The Global Catalog enables users and applications to find objects in Active Directory given one or more attributes of the target object, without knowing what domain holds the object. The Active Directory replication system builds the Global Catalog

3.     FSMO roles








4.     Stub Zone In DNS

      A stub zone is a read-only copy of a zone. You can’t update it. This zone contains only enough data to identify the DNS servers that are authoritative for the zone and all the records for that zone. Basically, what we have here is a zone that contains specific information on which DNS servers are authoritative for that zone. It doesn’t contain all of the data for a given zone.

  • A copy of the SOA record for the zone.
  • Copies of NS records for all name servers authoritative for the zone.
  • Copies of A records for all name servers authoritative for the zone



5.     RAID levels

6.     Type of Backups. Difference between Incremental and differential backup?

7.     What will be the drive letter of 25th hard drive?

Ans: Z

8.     Forest migration

9.     “The network path was not found” is the error you are getting when you try to access the resource, but you are able to ping the machine. What will be the cause?

  • Check whether a firewall is enabled
  • Check whether File and Print Sharing is enabled or not
  • Make sure that you have enabled NetBIOS over TCP/IP if this is a mixed OS network


10.  What is the difference between WINS and DNS? Why should we use DNS instead of WINS?

         WINS resolves netbios computer names to IP address.
         DNS resolves hostnames to an ip address.
        If you go through your network settings for the TCP/IP protocol,
        you will notice you can use a different "hostname" from           
        WINS = MyComputer =
        DNS = MyComputer.MyDomain.Com =
        DNS is primarily used to resolve domain names to the IP addresses that
        are held in Domain Name Servers. Without DNS servers, you would have to
        type an IP address to get to a web site. Servers use WINS to resolve
  NetBIOS 15-letter names to IP addresses. WINS is generally used on
  LANs, and not WANs. DNS is primarily used on WANs.


11.  What is LDAP?

Ans: Lightweight Directory Access Protocol (LDAP)

A directory service protocol that runs directly over TCP/IP and the primary access protocol for Active Directory. LDAP version 3 is defined by a set of Proposed Standard documents in Internet Engineering Task Force (IETF) RFC 2251.


12.  What are the switches available with Dcpromo command?

   DCPROMO /Answer[:filename]

   DCPROMO /adv



















1.     Port no of various services.










2.     Why we are not able to add WINNT in native modes?

In mixed mode, a Win2K domain assigns a domain controller to act as a PDC for NT BDCs. By default, the first domain controller in a Win2K domain acts as a PDC emulator. There can be only one PDC emulator in a domain, and you can assign the role to any domain controller in a domain. The PDC emulator performs several important tasks in mixed mode, including:

  • Emulating a PDC and replicating account information to BDCs.
  • Handling account modifications, including password changes.
  • Acting as a master browser for NT clients.
  • Providing NT LAN Manager (NTLM) authentication services.
  • Supporting Active Directory (AD) replication to Win2K domain controllers and NTLM replication to BDCs.

If a Win2K site in mixed mode contains Win2K clients, make sure there’s at least one Win2K domain controller in that site because the Win2K clients first attempt to locate Win2K domain controllers using DNS. If a client doesn’t find a Win2K domain controller, it’ll try to use NTLM to log on to an NT domain controller. Obviously, NT doesn’t support group policies so your Win2K client users won’t be able to take advantage of either the group policies or the logon scripts. . . .





3.     FSMO roles ?


Operations Master roles:

  • Schema Master
  • Domain Naming Master
  • Primary Domain Controller (PDC) Emulator (specific to a domain)
  • Relative Identifier (RID) Master (specific to a domain)
  • Infrastructure Master (specific to a domain)


















4.     How do u seize the role?


1.     On any domain controller, click Start, click Run, type Ntdsutil in the Open box, and then click OK.

2.     Type roles, and then press ENTER.

       Note: To see a list of available commands at any of the prompts in the Ntdsutil tool, type ?, and then press ENTER.

3.     Type connections, and then press ENTER.

4.     Type connect to server <servername>, where <servername> is the name of the server you want to use, and then press ENTER.

5.     At the server connections: prompt, type q, and then press ENTER.

6.     Type seize <role>, where <role> is the role you want to seize. For example, to seize the RID Master role, you would type seize rid master.

7.     You will receive a warning window asking if you want to perform the seize. Click Yes.

       Note: All five roles need to be in the forest. If the first domain controller is out of the forest, then seize all roles. Determine which roles are to be on which remaining domain controllers so that all five roles are not on only one server.

8.     Repeat steps 6 and 7 until you’ve seized all the required FSMO roles.

9.     After you seize or transfer the roles, type q, and then press ENTER until you quit the Ntdsutil tool.

       Note: Do not put the Infrastructure Master (IM) role on the same domain controller as the Global Catalog server. If the Infrastructure Master runs on a GC server it will stop updating object information because it does not contain any references to objects that it does not hold. This is because a GC server holds a partial replica of every object in the forest.



5.     What is the difference between seizing and transferring the roles?

    Transferring FSMO Roles

FSMO roles can be either seized or relocated to another server. The difference between seizing a role and transferring it is that when transferring a role, the domain controller that currently holds the role is still online. The methods of the DomainController object available for these operations are SeizeRoleOwnership and TransferRoleOwnership


6.     What is the protocol used in logon?

 Ans: In Windows NT, NTLM version 3.0 is used for authentication.

          In Windows 2000, Kerberos.

          For remote login, Telnet.










7.     What is the difference between Authoritative and Non-Authoritative restoration?

Although you might have several domain controllers (DCs) providing fault tolerance for your domain, you still need to perform regular backups. Windows backs up AD as part of the System State and restores the directory by booting a DC into the Directory Services restore mode.

The default Directory Services restore mode is a nonauthoritative restoration. In this mode, Windows restores a DC’s directory from the backup. Then, the DC receives from its replication partners new information that’s been processed since the backup. For example, let’s say we restore a DC using a 2-day-old backup. After the DC starts, its replication partners send all updates that have occurred in the past 2 days. This type of restore is typically used if a DC fails for hardware or software reasons.

An authoritative restoration restores the DC’s directory to the state it was in when the backup was made, then overwrites all other DCs to match the restored DC, thereby removing any changes made since the backup. You don’t have to perform an authoritative restoration of the entire directory–you can choose to make only certain objects authoritative. When you restore only parts of the directory, Windows updates the rest of the restored database by using information from the other DCs to bring the directory up-to-date, then replicates the objects that you mark as authoritative to the other DCs. This type of restore is most useful if you deleted, for example, an organizational unit (OU). In this case, you could restore an AD backup to a DC, mark the OU as authoritative, then start the DCs normally. Because you marked the OU as authoritative, Windows will ignore the fact that the OU was previously deleted, replicate the OU to the other DCs, and apply all other changes made since the backup to the restored DC from its replication partners.

8.     What is the maximum and minimum hard drive for RAID5?

3 to 32, if the controller supports it.

9.     What is the maximum hard drive for RAID1?

RAID 1 requires 2 hard disks (2 drives are required, and no more than 2 drives can be used).





10.  Is it recommended that having RID master role in global catalog server and why?

Yes, because it will create a unique RID database for each domain, so conflicts won’t happen.


11.  What is the difference between mirroring and duplexing?


  • Disk mirroring: two hard disk drives of the same type are connected using one cable (ex: primary master, primary slave).
  • Disk duplexing: two hard disk drives of the same type are connected using two cables (ex: primary master, secondary master).



12.  What are the categories of event viewer available in a DC?


Directory Service

DNS Server

File Replication Service




13.  What is FRS?

Ans: File Replication service (FRS) is a technology that replicates files and folders stored in the SYSVOL shared folder on domain controllers and Distributed File System (DFS) shared folders. When FRS detects that a change has been made to a file or folder within a replicated shared folder, FRS replicates the updated file or folder to other servers.


14.  Difference between windows2000 standard and advanced edition?

Windows 2000 Server supports 4 processors and is designed to fill the role of typical domain controller, file and print server, application server, and other common tasks. Windows 2000 Advanced Server is designed for high end mission critical platforms, supports 8 processors, and includes support for  2 way server clustering. Windows 2000 DataCenter Server goes even further than Advanced Server in that it can support up to 32 processors, cascading failover among 4 nodes, and 32 node network load balancing.


15.  What are the things (files) will be backed up in system state backup?

  • Registry
  • COM+ Class Registration database
  • Boot files, including the system files
  • Certificate Services database
  • Active Directory directory service
  • SYSVOL directory
  • Cluster service information


For Windows 2000 Server, the system state data also includes the Certificate Services database (if the server is operating as a certificate server). If the server is a domain controller, the system state data also includes Active Directory and the Sysvol directory.




16.  If a client is not able to get an IP from a DHCP server, what will be the cause assuming that physical network is working fine?

        The scope is not activated, or the DHCP server is not authorized in the domain.

        If multiple scopes are present, activate the correct scope.










17.  What is default data path for Active Directory?

The default path is in the boot partition under \Windows\NTDS. Generally, it is a good idea to put them on a separate volume from the operating system files to improve performance.

  • Ntds.dit. This is the main AD database. NTDS stands for NT Directory Services. The DIT stands for Directory Information Tree. The Ntds.dit file on a particular domain controller contains all naming contexts hosted by that domain controller, including the Configuration and Schema naming contexts. A Global Catalog server stores the partial naming context replicas in the Ntds.dit right along with the full Domain naming context for its domain.
  • Edb.log. This is a transaction log. Any changes made to objects in Active Directory are first saved to a transaction log. During lulls in CPU activity, the database engine commits the transactions into the main Ntds.dit database. This ensures that the database can be recovered in the event of a system crash. Entries that have not been committed to Ntds.dit are kept in memory to improve performance. Transaction log files used by the ESE engine are always 10MB.
  • Edbxxxxx.log. These are auxiliary transaction logs used to store changes if the main Edb.log file gets full before it can be flushed to Ntds.dit. The xxxxx stands for a sequential number in hex. When the Edb.log file fills up, an Edbtemp.log file is opened. The original Edb.log file is renamed to Edb00001.log, and Edbtemp.log is renamed to Edb.log file, and the process starts over again. ESENT uses circular logging. Excess log files are deleted after they have been committed. You may see more than one Edbxxxxx.log file if a busy domain controller has many updates pending.
  • Edb.chk. This is a checkpoint file. It is used by the transaction logging system to mark the point at which updates are transferred from the log files to Ntds.dit. As transactions are committed, the checkpoint moves forward in the Edb.chk file. If the system terminates abnormally, the pointer tells the system how far along a given set of commits had progressed before the termination.
  • Res1.log and Res2.log. These are reserve log files. If the hard drive fills to capacity just as the system is attempting to create an Edbxxxxx.log file, the space reserved by the Res log files is used. The system then puts a dire warning on the screen prompting you to take action to free up disk space quickly before Active Directory gets corrupted. You should never let a volume containing Active Directory files get even close to being full. File fragmentation is a big performance thief, and fragmentation increases exponentially as free space diminishes. Also, you may run into problems as you run out of drive space with online database defragmentation (compaction). This can cause Active Directory to stop working if the indexes cannot be rebuilt.
  • Temp.edb. This is a scratch pad used to store information about in-progress transactions and to hold pages pulled out of Ntds.dit during compaction.
  • Schema.ini. This file is used to initialize the Ntds.dit during the initial promotion of a domain controller. It is not used after that has been accomplished.


18.  What is the difference between share permission and file permission?

       Share permissions apply to files or folders shared over the network, and file permissions are used to restrict a user who is logged on to that machine.


19.  Is it necessary to establish trust between domains in the same forest?

In Windows 2000 and Windows Server 2003 Active Directory, you have certain trust relationships that are enabled by default and created automatically: a two-way transitive trust relationship between a parent domain and all child domains that are created beneath it, and a two-way transitive trust between the root domains of multiple domain trees within a single forest. A two-way trust relationship means that users in Domain A can access resources in Domain B using the same trust relationship that allows users in Domain B to access resources in Domain A.




Windows System/Desktop Support


1)    What is the reason for hanging a pc? Explain

2)    What is the reason for slowing pc? Explain

3)    How to speed up pc while it was slow?

4)    If a pc is in no display why?

5)    How to set virtual memory in 2000?

6)    Beep sound will be long, why?

7)    TCP/IP protocol Explain?

8)    What is color-coding for cross cabling and Straight Cabling?

9)    How to change computer name in windows 2000 or XP?

10)  How to create a folder in NTFS?

11)  How to set NTFS security for a folder?

12)  What is ghost? Explain?

13)  How to use Ghost? What is advantage?

14)  What is Ms-Outlook and Outlook Express? And what is the difference?

15)  What is the page file?

16)  What is the default location of Ms-Outlook data file?

17)  What is port no of SMTP, TCP/IP, and POP3?

18)  How to get backup in MS-Outlook?





Windows Server Administration


1)   What is a domain controller?

2)   What is ADC?

3)   What is ADS? And how to install it?

4)   How to create Roaming profiles in 2000 Server?

5)   Difference Between FAT and NTFS?

6)   What File system 2000 Supports?

7)   What is RAID?

8)   How do you configure RAID 0, 1, 5?

9)   How to install Network Printers?

10) Explain OSI model?

11) Difference Between Switch and Hub?

12) What is DHCP?

13) How to set a Scope in DHCP?

14) What is DNS?

15) How to configure DNS?

16) Difference between 2000 server and 2003 server?

17) How to configure mail server in 2000?

18) How to configure Outlook Express and Ms out look

19) In 2000 and 2003?

20) How to configure Trust relationship between domains?

21) What is Domain Tree, Forest, Child

22) How to Share printer?

23) Difference between NT and 2000 Servers?

24) How to take backup in 2000 Server?

25) Difference Type of Backups?


26) 2000 Booting Process?

Power-on self test (POST)
Initial startup
Bootstrap loader process
Select operating system
Detecting hardware
Selecting a configuration
Loading and initializing the kernel(Ntoskrnl.exe)
Log on

     The boot process requires the following files:




Active Partition


Active Partition

Active Partition







Device drivers


Ntbootdd.sys is required only if you are using a SCSI-controlled boot partition, and the SCSI adapter does not have a SCSI BIOS enabled. Bootsect.dos is required only for multiple booting.





1.     How will you do the security updates in servers?

2.     what is Global catalog?

3.     What is Changedata?

4.     What are the types of backup?

5.     What is the advantage & disadvantage of DHCP?

6.     How can you get the report that contains list of users in a particular group?

7.     How can you backup the DHCP?

8.     If IP is not assigning to a client system and no problem in server side, what could be the reason?

9.     What is the format of the file we are using to update the sus server?

10.  Prepare on the following topics for system admin interview:
ADS,Group policies, WINS, DNS, DHCP,Windows Terminal Server,

11.  TCP/IP Networking, IP Addresses, Class concepts, HDD Imaging – Ghost or equivalent.


ADS means Active Directory Services.


Active Directory Services is a directory service used by Windows 2000 / Windows 2003 Server.


A directory service consists of two parts:


  1. A centralized, hierarchical database that contains information about the users and resources of a network.
  2. A service that manages the database and enables users of computers on the network to access the database. This database is called the Active Directory Data Store. It contains information about various types of network resources, including printers, shared folders, users, groups and computers.
  3. Windows 2000/2003 Server computers that have a copy of the Active Directory data store and that run Active Directory are called domain controllers. In Windows 2000, a read/write copy of the Active Directory data store is physically located on each domain controller in the domain.


Purpose / Functions of ADS:-


  1. To provide user logon and authentication services.
  2. To enable administrators to organize and manage user accounts, groups and network resources.
  3. To enable authorized users to easily locate the network resources, regardless of where they are located on the network.


Features of ADS:-


  1. To provide fully integrated high-level security.
  2. Easy administration by group policy.
  3. It is flexible and extendable.
  4. Scalable to any size of network.


One or more well-connected (highly reliable and fast) TCP/IP subnets. A site allows administrators to configure Active Directory access and replication topology to take advantage of the physical network.


Sites in Active Directory® represent the physical structure, or topology, of your network. Active Directory uses topology information, stored as site and site link objects in the directory, to build the most efficient replication topology. You use Active Directory Sites and Services to define sites and site links. A site is a set of well-connected subnets. Sites differ from domains; sites represent the physical structure of your network, while domains represent the logical structure of your organization.

In Active Directory replication, the set of connections that domain controllers use to replicate information among themselves.


site link

An Active Directory object that represents a set of sites that can communicate at uniform cost through some intersite transport. For Internet Protocol (IP) transport, a typical site link connects just two sites and corresponds to an actual wide area network (WAN) link. An IP site link connecting more than two sites might correspond to an asynchronous transfer mode (ATM) backbone connecting more than two clusters of buildings on a large campus or several offices in a large metropolitan area connected via leased lines and IP routers.

Using sites

Sites help facilitate several activities within Active Directory, including:

  • Replication. Active Directory balances the need for up-to-date directory information with the need for bandwidth optimization by replicating information within a site more frequently than between sites. You can also configure the relative cost of connectivity between sites to further optimize replication. For more information, see Replication between sites and Managing replication.
  • Authentication. Site information helps make authentication faster and more efficient. When a client logs on to a domain, it first searches its local site for a domain controller to authenticate against. By establishing multiple sites, you can ensure that clients authenticate against domain controllers nearest to them, reducing authentication latency and keeping traffic off WAN connections.
  • Active Directory–enabled services. Active Directory–enabled services can leverage site and subnet information to enable clients to locate the nearest server providers more easily. For information about services, see Services.

In Active Directory, a site is a set of computers well-connected by a high-speed network, such as a local area network (LAN). All computers within the same site typically reside in the same building, or on the same campus network. A single site consists of one or more Internet Protocol (IP) subnets. Subnets are subdivisions of an IP network, with each subnet possessing its own unique network address. A subnet address groups neighboring computers in much the same way that postal codes group neighboring postal addresses. The following figure shows several clients within a subnet that defines an Active Directory site.





Sites and subnets are represented in Active Directory by site and subnet objects, which you create through Active Directory Sites and Services. Each site object is associated with one or more subnet objects.

For information about creating sites, see To create a site.

For information about creating subnets, see To create a subnet.

For information about subnets, see “Introduction to TCP/IP” at the Microsoft Windows Resource

Assigning computers to sites

Computers are assigned to sites based on their Internet Protocol (IP) address and subnet mask. Site assignment is handled differently for clients and member servers than for domain controllers. For a client, site assignment is dynamically determined by its IP address and subnet mask during logon. For a domain controller, site membership is determined by the location of its associated server object in Active Directory. For more information, see “Active Directory Replication” at the Microsoft Windows Resource Kits Web site.
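The client-side assignment described above can be checked offline. This is an added example, not code from the original page or from Microsoft: the subnet objects, site names and client addresses are constructed, and the rule that the most specific matching subnet wins is an assumption of the example.

```python
import ipaddress

# Constructed subnet objects, each associated with one site object.
SUBNET_OBJECTS = {
    "10.1.0.0/16": "HeadOffice",
    "10.1.40.0/24": "Branch-A",
    "10.2.8.0/22": "Branch-B",
}


def site_for_address(ip, subnet_objects=SUBNET_OBJECTS):
    """Return (site, subnet) for the most specific subnet object that
    contains ip, or (None, None) when no subnet object covers it."""
    addr = ipaddress.ip_address(ip)
    best = None
    for cidr, site in subnet_objects.items():
        net = ipaddress.ip_network(cidr)
        # Assumption of this example: the longest prefix wins on overlap.
        if addr in net and (best is None or net.prefixlen > best[1].prefixlen):
            best = (site, net)
    return (best[0], str(best[1])) if best else (None, None)


def client_network(ip, mask):
    """Network a client derives from its own IP address and subnet mask."""
    return str(ipaddress.ip_interface(f"{ip}/{mask}").network)


def audit_clients(clients, subnet_objects=SUBNET_OBJECTS):
    """Group (ip, mask) pairs by site and list the client networks that
    no subnet object covers, i.e. subnets still to be created."""
    by_site, uncovered = {}, set()
    for ip, mask in clients:
        site, _ = site_for_address(ip, subnet_objects)
        if site is None:
            uncovered.add(client_network(ip, mask))
        else:
            by_site.setdefault(site, []).append(ip)
    return by_site, sorted(uncovered)


if __name__ == "__main__":
    # Constructed client inventory: (IP address, subnet mask).
    inventory = [("10.1.40.7", "255.255.255.0"), ("10.1.3.9", "255.255.0.0"),
                 ("10.2.12.1", "255.255.255.0"), ("10.2.12.9", "255.255.255.0")]
    sites, missing = audit_clients(inventory)
    print(sites)
    print("no subnet object for:", missing)
```

Clients whose network appears in the second result have no site mapping, so they cannot be steered to a nearby domain controller until a subnet object is created for them.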

Understanding sites and domains

In Active Directory, sites map the physical structure of your network, while domains map the logical or administrative structure of your organization. This separation of physical and logical structure provides the following benefits:

  • You can design and maintain the logical and physical structures of your network independently.
  • You do not have to base domain namespaces on your physical network.
  • You can deploy domain controllers for multiple domains within the same site. You can also deploy domain controllers for the same domain in multiple sites.





For more information about domains, see Domains.



Understanding relay agents

A relay agent is a small program that relays DHCP/BOOTP messages between clients and servers on different subnets. DHCP/BOOTP relay agents are part of the DHCP and BOOTP standards and function according to the Request for Comments (RFCs), standard documents that describe protocol design and related behavior.


DHCP/BOOTP router support

In TCP/IP networking, routers are used to interconnect hardware and software used on different physical network segments called subnets and forward IP packets between each of the subnets. To support and use DHCP service across multiple subnets, routers connecting each subnet should comply with DHCP/BOOTP relay agent capabilities described in RFC 1542.

To be compliant with RFC 1542 and provide relay agent support, each router must be able to recognize BOOTP and DHCP protocol messages and process (relay) them appropriately. Because routers interpret DHCP messages as BOOTP messages (such as a UDP message sent through the same UDP port number and containing shared message structure), a router with BOOTP-relay agent capability typically relays DHCP packets and any BOOTP packets sent on the network.

If a router cannot function as a DHCP/BOOTP relay agent, each subnet must have either its own DHCP server or another computer that can function as a relay agent on that subnet. In cases where it is impractical or impossible to configure routers to support DHCP/BOOTP relay, you can configure a computer running Windows NT Server 4.0 or later to act as a relay agent by installing the DHCP Relay Agent service.

In most cases, routers support DHCP/BOOTP relay. If your routers do not, contact your router manufacturer or supplier to find out if a software or firmware upgrade is available to support this feature.


How relay agents work

A relay agent relays DHCP/BOOTP messages that are broadcast on one of its connected physical interfaces, such as a network adapter, to other remote subnets to which it is connected by other physical interfaces. The following illustration shows how client C on Subnet 2 obtains a DHCP address lease from DHCP server 1 on Subnet 1.




DHCP client C broadcasts a DHCP/BOOTP discover message (DHCPDISCOVER) on Subnet 2, as a User Datagram Protocol (UDP) datagram using the well-known UDP server port of 67 (the port number reserved and shared for BOOTP and DHCP server communication).


The relay agent, in this case a DHCP/BOOTP relay-enabled router, examines the gateway IP address field in the DHCP/BOOTP message header. If the field has an IP address of, the agent fills it with the relay agent or router’s IP address and forwards the message to the remote Subnet 1 where the DHCP server is located.


When DHCP server 1 on remote Subnet 1 receives the message, it examines the gateway IP address field for a DHCP scope that can be used by the DHCP server to supply an IP address lease.


If DHCP server 1 has multiple DHCP scopes, the address in the gateway IP address field (GIADDR) identifies the DHCP scope from which to offer an IP address lease.

For example, if the gateway IP address (GIADDR) field has an IP address of, the DHCP server checks its available set of address scopes for a scope range of addresses that matches the class A IP network that includes the gateway address as a host. In this case, the DHCP server would make a check for a scope of addresses between and If a matching scope exists, the DHCP server selects an available address from the matched scope to use in an IP address lease offer response to the client.


When DHCP server 1 receives the DHCPDISCOVER message, it processes and sends an IP address lease offer (DHCPOFFER) directly to the relay agent identified in the gateway IP address (GIADDR) field.


The router then relays the address lease offer (DHCPOFFER) to the DHCP client.

The client IP address is still unknown, so it has to be broadcast on the local subnet. Similarly, a DHCPREQUEST message is relayed from client to server, and a DHCPACK message is relayed from server to client, according to RFC 1542.
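The relay and scope-selection steps above, as an added example that is not part of the original page: it builds a DHCPDISCOVER, applies the relay agent's GIADDR handling, and lets the server pick a scope from GIADDR. All addresses, the MAC and the scope table are constructed; the hop limit of 16 and the rule that an already-set GIADDR is left unchanged follow RFC 1542.

```python
import ipaddress
import struct

# Fixed BOOTP/DHCP header, 236 bytes: op, htype, hlen, hops, xid, secs, flags,
# ciaddr, yiaddr, siaddr, giaddr, chaddr, sname, file.
HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
MAGIC_COOKIE = b"\x63\x82\x53\x63"    # precedes the DHCP options
BOOTREQUEST = 1
HOPS, GIADDR = 3, 10                  # positions in the unpacked header
ZERO_IP = bytes(4)
MAX_HOPS = 16                         # RFC 1542 upper bound for the hops field
SERVER_PORT, CLIENT_PORT = 67, 68

# Constructed addressing for the two subnets in the walk-through.
SCOPES = {"Subnet 1": "10.0.1.0/24", "Subnet 2": "10.0.2.0/24"}
SERVER_IP = "10.0.1.10"               # DHCP server 1, on Subnet 1
RELAY_IP = "10.0.2.1"                 # relay agent interface on Subnet 2


def build_discover(xid, mac):
    """Constructed DHCPDISCOVER as client C broadcasts it (GIADDR is zero)."""
    header = HEADER.pack(BOOTREQUEST, 1, 6, 0, xid, 0, 0x8000,
                         ZERO_IP, ZERO_IP, ZERO_IP, ZERO_IP, mac, b"", b"")
    return header + MAGIC_COOKIE + bytes([53, 1, 1, 255])  # option 53 = DISCOVER


def giaddr_of(packet):
    """Gateway IP address (GIADDR) field as a dotted-quad string."""
    return str(ipaddress.IPv4Address(HEADER.unpack_from(packet)[GIADDR]))


def relay_request(packet, relay_ip):
    """Relay-agent step: fill an empty GIADDR, count the hop, forward.

    Returns the datagram to send to the DHCP server, or None if dropped.
    """
    if len(packet) < HEADER.size:
        return None                               # truncated datagram
    fields = list(HEADER.unpack_from(packet))
    if fields[0] != BOOTREQUEST or fields[HOPS] > MAX_HOPS:
        return None                               # not a request, or looping
    if fields[GIADDR] == ZERO_IP:                 # first relay on the path
        fields[GIADDR] = ipaddress.IPv4Address(relay_ip).packed
    fields[HOPS] += 1                             # a set GIADDR is left alone
    return HEADER.pack(*fields) + packet[HEADER.size:]


def select_scope(packet, scopes=SCOPES, server_ip=SERVER_IP):
    """Server step: name of the scope whose network contains GIADDR.

    With GIADDR zero the request was not relayed, so the server's own
    interface address picks the scope. None means no offer is made.
    """
    key = giaddr_of(packet)
    if key == "0.0.0.0":
        key = server_ip
    for name, network in scopes.items():
        if ipaddress.IPv4Address(key) in ipaddress.IPv4Network(network):
            return name
    return None


def offer_destination(packet):
    """Where the server sends the DHCPOFFER for this request."""
    giaddr = giaddr_of(packet)
    if giaddr != "0.0.0.0":
        return (giaddr, SERVER_PORT)              # unicast to the relay agent
    return ("255.255.255.255", CLIENT_PORT)       # local broadcast to client


if __name__ == "__main__":
    discover = build_discover(0x3903F326, bytes.fromhex("00155d010203"))
    relayed = relay_request(discover, RELAY_IP)
    print("client sends   giaddr =", giaddr_of(discover))
    print("relay forwards giaddr =", giaddr_of(relayed))
    print("server scope          =", select_scope(relayed))
    print("offer goes to         =", offer_destination(relayed))
```

A request relayed from a subnet with no matching scope returns None from select_scope, which is the case to look for when relayed clients receive no lease although the server is reachable.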



