
Low Level

1. Features of Windows 2003

New features for Active Directory in Win2003

1. Multiple selections of user objects.
2. Active Directory command-line tools.
3. Adding additional domain controllers using backup media.
4. Universal group membership caching.
5. Secure LDAP traffic.
6. Active Directory quotas.

Forest-wide Active Directory features in Win2k3

1. Domain controller rename tool
2. Domain rename
3. Forest trusts
4. Forest restructuring
5. GC replication improvements
6. Replication enhancements

Updated features since Windows 2K3

1. Remote document sharing
2. Command-line support for disk management
3. GUID partition table (64-bit versions only)
4. Shadow copies of shared folders

TCP/IP new features for Windows 2003:

1. IGMP version 3
2. Automatic determination of the interface metric
3. IP version 6

2. Difference between NT & 2000

1. NT 4.0: Non plug & play. Win 2000: Plug & play.
2. NT 4.0: LAN Manager protocol for authentication. Win 2000: Kerberos protocol for authentication.
3. NT 4.0: User database stored in SAM file (40 MB). Win 2000: ntds.dit (unlimited).
4. NT 4.0: PDC, BDC concept. Win 2000: DC & additional DC.
5. NT 4.0: Doesn't support disk quotas. Win 2000: Supports.
6. NT 4.0: Backup can be taken only on tape. Win 2000: Can take any media.
7. NT 4.0: It is a 32-bit application. Win 2000: 64-bit application.
8. NT 4.0: Supports FAT 16, NTFS 4.0. Win 2000: FAT 16/32, NTFS 5.0.
9. NT 4.0: Doesn't support dynamic update protocol for hostname resolution. Win 2000: Does support.
10. NT 4.0: Single master replication. Win 2000: Multi master replication.

3. Difference between 2000 & 2003

4. Difference between PDC & BDC

Primary domain controller and Backup domain controller

PDC: Maintains the domain security base and authenticates network logons. The PDC maintains the master copy of the directory database and validates users.

BDC: Receives the domain security base and authenticates network logons. The BDC contains a copy of the directory database and can validate users. If the PDC fails, a BDC can be promoted to a PDC.

What happens when PDC fails?

The PDC replicates the SAM database to the BDCs every five minutes. A BDC can authenticate logon scripts and requests for object access.

Benefits of BDCs:

1. A BDC can handle login requests, improving user response time.
2. If the PDC goes down, a BDC can be promoted to PDC and the domain will continue to function.
3. It is a major pain in the neck to reinstall NT Server on the PDC if you have no BDC.

The NT Resource Kit includes a utility called NETDOM.EXE, which can be used not only to join domains but also to create computer accounts and trust relationships.

PDC failed: Sit on the BDC and go to Server Manager -- select BDC. Go to the Computer menu. Promote to BDC.

5. Difference between DC & ADC

DC: A domain controller is a server on a Win 2k network that stores a replica of the AD database. When AD is installed on a Win2000 Server computer, that computer becomes a domain controller. Domain controllers are used to authenticate users and control access to objects in the Windows domain. Each domain controller contains a "replica", which is a copy of the domain directory.

Additional DC: Used for load balancing and fault tolerance, by installing AD on more than one server in a Win 2k domain.

Child domain: A sub domain of the main domain.

6. What is DNS & WINS

DNS

1. Consists of a set of specified naming rules to provide host name resolution, which is the process of resolving a computer's user-friendly host name to the numerical IP address of that computer.
2. DNS is a hierarchical distributed database system and an associated set of protocols.
3. Mechanism for querying and updating the database.
4. Mechanism for replicating the information in the database among servers.

WINS resolves NetBIOS names to IP addresses. DNS resolves host names to IP addresses.

How can I compress my WINS database?

NT Server has a utility called JETPACK.EXE which can be used to compact DHCP and WINS databases. Start a command prompt (cmd.exe) and run:

cd d:\winnt\system32\wins
net stop WINS
jetpack WINS.MDB TMP.MDB
net start WINS

While the WINS service is stopped, clients using WINS to resolve addresses will fail unless another mechanism of name resolution is in place. Jetpack actually compacts WINS.MDB into TMP.MDB, then deletes WINS.MDB and copies TMP.MDB to WINS.MDB.

The DHCP database backs itself up automatically every 60 minutes to the %SystemRoot%\System32\Dhcp\Backup\Jet directory. This interval can be changed:

7. Types of DNS Servers

Primary, Secondary, Cache only, Forward, AD integrated

Standard primary DNS server

1. It maintains the master copy of the zone file. When changes need to be made to the zone, they should be made only on the standard primary.
2. It is authoritative for the zone.
3. It should have forward and reverse lookup zones.

Active Directory integrated

1. It is just like a standard primary server, but it stores DNS entries in the AD data store rather than in a zone file.
2. Because AD supports multi master replication, there can be more than one AD integrated DNS server for a zone.
3. Changes can be made on any AD integrated DNS server.
4. The benefits are fault tolerance, security, and integrated replication.

Standard secondary

1. Stores copies of zones that it obtains from the standard primary, an AD integrated primary, or another standard secondary DNS server.
2. The process of copying a zone from the primary is called a zone transfer.
3. It uses the forward lookup zone for most types of queries; a reverse lookup zone might not be needed.
4. It provides backup service and load balancing.
5. It provides failover if the primary server fails.

Cache only DNS server

1. It provides cached information to the client computer without contacting other DNS servers to resolve the query.
2. It doesn't store any zone whatsoever.
3. Advantages are reduced network traffic and no replication between primary, secondary and cache only servers.

Forwarder

Performs host name resolution for other DNS servers on a company's internal network when the host name to be resolved resides in an external DNS domain. Two advantages of this:

Internal traffic is reduced.
Internal zone information is protected from hackers on the Internet.

Root server

The purpose of the root server is to enable other DNS servers on a network to access second level domains on the Internet, or to access other second level domains on the internal network.

The Win 2k DNS server service supports the dynamic update protocol, which means that client computers can update their host names and IP addresses with the DNS server without administrator intervention. In Win NT 4.0 the administrator manually enters host names and their associated IP addresses for each computer on the network.

Aging and scavenging

It is a Win 2k feature that provides a mechanism for performing cleanup and removal of stale resource records, which can accumulate in zone data.

Zone

A zone is a storage database for either a DNS domain or for a DNS domain and one or more of its sub domains. It is a clear text file. It is not created by default; it is configured by the administrator when the DNS service is installed.

8. If DHCP is not available what happens to the client


APIPA (Automated private IP address)

9. What are the different types of trust relationships

One way trust - When one domain allows access to users on another domain, but the other domain does not allow access to users on the first domain.

Two way trust - When two domains allow access to users on the other domain.

Transitive trust - A trust which can extend beyond two domains to other trusted domains in the tree.

Intransitive trust - A one way trust that does not extend beyond two domains.

Explicit trust - A trust that an administrator creates. It is not transitive and is one way only.

Cross-link trust - An explicit trust between domains in different trees or in the same tree when a descendent/ancestor (child/parent) relationship does not exist between the two domains.

Trusting domain - The domain that allows access to users on another domain.

Trusted domain - The domain that is trusted, whose users have access to the trusting domain.

10. What is the process of DHCP for getting the IP address to the client

A new client follows four steps to obtain a new lease from the DHCP server:

1. The client must request an IP address from a DHCP server.
2. A DHCP server offers an IP address to the client.
3. The client selects the desired IP address and notifies the appropriate DHCP server.
4. The appropriate DHCP server responds to the client confirming the lease.

These four steps are referred to as request, offer, selection, and acknowledgement.

IP Request

The DHCP client starts by broadcasting to obtain an IP address. This broadcast is a DHCPDISCOVER message for a DHCP server. The message contains the Media Access Control (MAC) address and the NetBIOS name of the client. The broadcast packet has the source address 0.0.0.0 and the destination address 255.255.255.255. If the client does not receive a response from a DHCP server, it immediately retries four times. The interval of the retries is 2, 4, 8, and 16 seconds. If after the four attempts the server still does not respond, the client continues to broadcast at intervals of five minutes.

IP Offer

When DHCP servers receive the request for an IP address, they return an offer message. The DHCPOFFER packet contains the following information:

1. DHCP MAC address
2. DHCP IP address
3. Offered IP address
4. Subnet mask of offered IP address
5. Lease time
6. Client MAC address

IP Selection

The client selects the desired IP address and notifies the appropriate DHCP server.

IP Acknowledgement

The acknowledgement contains the original IP information as well as additional DHCP options. The DHCP server reserves the IP address for the client; the lease is valid until it expires.

Windows Server 2003 DHCP new features:

1. DHCP client alternate configuration
2. DHCP database backup and restore
3. Automatic assignment of IP addresses
4. Enhanced performance monitoring and server reporting capabilities
5. Expanded scope support for multicast scopes and super scopes
6. Support for user-specified and vendor-specified option classes
7. Integration of DHCP with DNS
8. Detection of unauthorized DHCP servers through the use of AD integration
9. Dynamic support for BOOTP clients

11. Difference between FAT, NTFS & NTFS Version 5

FAT

1. FAT is nothing but File Allocation Table
2. It is FAT 16 or FAT 32
3. FAT 16 supports a maximum of 2 GB
4. FAT 32 supports a maximum of 32 GB
5. It doesn't support file compression or file and folder level security

NTFS

1. NTFS is nothing but New Technology File System
2. It supports file compression and file and folder level security
3. Naming convention and speed of file access
4. It has ACL for user and group SID
6. It uses a binary tree to locate files
7. No need to run chkdsk
8. NTFS 5.0 is supported in Win 2000
9. Supports DFS, EFS, disk quotas

Convert c:\ data /fs:ntfs /v

12. What are the port numbers for FTP, Telnet, HTTP, DNS

FTP 21, HTTP 80, DNS 53

PORT and NUM:

FTP 21
TFTP 69
HTTP 80
HTTPS 443
SQL 156
TELNET 23
POP3 110
IMAP 4 143
NNTP 119
SMTP 25
DHCP 67
RIS 180
RDP 3389
LDAP 389
DNS 53
SSL 443
UDP 138
Kerberos 88
SNMP 161
BOOTP 68
DFS 445
Cluster 3343
Global Catalog 3268

13. What are the different types of profiles in 2000

3 types of profiles

Local profile

This profile is stored on that computer automatically. It will retain desktop settings for each user from session to session in the local profile.

Roaming profile

These profiles are stored on the server rather than the local computer. It will retain desktop settings for each user from session to session in local profile and roaming profile.

Mandatory user profile

The user cannot change this profile. It can be changed during a single logon session, but the change is not saved to the mandatory user profile when the user logs off. It will not retain desktop settings for each user from session to session in the mandatory profile.

14. What is the database files used for Active Directory

Ntds.dit --- Directory database; objects and schema information are stored here. It can be moved, and is located in the windows\NTDS folder.
Edb.log --- Transaction log files for NTDS
Edb.chk --- Checkpoint file
Res1.log, res2.log --- Reserved files for disk space utilization

Log files are stored in winnt\NTDS\log

15. What is the location of AD Database

System root \ NTDS folder

16. What is the authentication protocol used in NT

LAN Manager protocol. In Windows 2000 it is available in mixed mode. When in native mode it's disabled.

17. What is sub netting and super netting

18. What is the use of terminal services

19. What is the protocol used for terminal services

RDP protocol

20. What is the port number for RDP

3389

Medium Level

1. What is the difference between Authorized DHCP and Non Authorized DHCP

2. Difference between intersite and intrasite replication

Intra site replication

1. Takes place within a single site, which consists of one or more TCP/IP subnets that are specified by an administrator and connected by high-speed reliable links.
2. Win 2k by default automatically performs intra site replication.
3. It uses the RPC over IP protocol.
4. It uses an uncompressed format and replication is fast.
5. The KCC builds the replication topology.

Inter site replication

1. Replication is not performed automatically.
2. It takes place between DCs in different sites that are typically separated by WAN links.
3. The administrator schedules it.
4. It is normally slower than intra site replication.
5. Replication is sent in a compressed format to save network bandwidth.
6. Two protocols are used: RPC over IP and SMTP.
7. The replication topology is controlled by the setting for the cost of each link.

AD replications 3 types

1) Inter site replication
2) Intra site replication
3) Replication partition

Replication

Replication is the process of copying information updates from the Active Directory data store on one domain controller to other domain controllers. The purpose of replication is to synchronize Active Directory data among the domain controllers in the domain and forest.

1. Replication of Active Directory is usually partial, meaning only changes, not a complete copy of the Active Directory data store, are copied.
2. Win 2k automatically performs replication in a Win 2K domain or forest that is within a single site.
3. Multi master replication: changes can be made on any domain; no one domain controller controls changes made to AD or AD replication.
4. AD is said to use multi master replication; NT 4.0 uses single master replication.
5. AD uses update sequence numbers (USN) along with time stamps.
6. By default replication is performed every 30 secs after the time; data is never pushed from one DC to another, it is always pulled.

3. How to monitor replication

Use AD Replication Monitor (replmon) and System Monitor. AD Replication Monitor is not installed by default; install it from the Win 2k Support Tools on the Win 2k CD.

4. Brief explanation of RAID Levels

Simple volume

Consists of formatted disk space on a single drive. It provides no fault tolerance, and no speed gain or speed loss, because it is the benchmark type.

Spanned volume

1. Consists of formatted free disk space on more than one HDD that is treated as a single volume.
2. The areas need not be identical in size, and it can be formatted with FAT 16/32 or NTFS.
3. The system partition can't be extended.
4. It doesn't provide fault tolerance, and there is no speed loss or speed gain.

Striped volume (RAID 0)

1. Consists of identical sized areas of formatted disk space located on two or more dynamic disks.
2. Treated as a single volume.
3. Data is stored a block at a time, evenly and sequentially among all of the disks.
4. Provides no fault tolerance.
5. It provides faster disk access than any other type of volume because a single file is stored across multiple disks.
6. It can be formatted with FAT 16/32 or NTFS.

RAID 5 volumes

1. Consists of identical sized areas of formatted disk space located on three or more dynamic disks.
2. Treated as a single volume.
3. Data is stored a block at a time, evenly and sequentially among all of the disks, and additional data parity information is also written across all of the disks.
4. It provides fault tolerance.
5. Write performance is a little slower because of the processor time required to generate the parity information.
6. It can be formatted with FAT 16/32 or NTFS.
7. It is not supported in Win 2k Professional, and the capacity of disk space is calculated as (x-1)/x.

Mirrored volume (RAID 1)

1. Consists of a volume exactly duplicated in its entirety onto a second dynamic disk, using a single drive letter.
2. It provides high-level fault tolerance.
3. There is no speed loss or speed gain, and it can be formatted with FAT 16/32 or NTFS.

5. What are the different backup strategies available

Perform normal backup every day
Perform weekly normal backup and daily differential backup
Perform weekly normal backup and daily incremental backup

6. What is a global catalog

Global catalog

1. It is the master searchable database that contains information about every object in every domain in the forest.
2. The GC contains a complete replica of all objects in AD for its host domain.
3. It contains a partial replica of all objects in AD for every other domain in the forest.
4. The GC performs two functions:
   It provides group membership information during logon and authentication.
   It helps users locate resources in AD.
5. By default the first DC established in a domain serves as the GC server, and by default there is only one GC server in each domain.

Configure a server as a Global Catalog

Active Directory Sites and Services Manager \ Select the Sites branch \ Right click on "NTDS Settings" and choose Properties \ Check or uncheck the "Global Catalog" box

Seizing operation master roles

When a domain controller that performs an operation master role fails and you never bring this server back online, you should reassign the operation master role this domain controller performed to another domain controller. This process is called seizing operation master roles.

7. What is Active Directory and what is the use of it

Active Directory is the directory service in Win 2k.
It is a centralized hierarchical database system.
It contains information about various types of network objects, including printers, shared folders, users, groups and computers.

The uses of AD:

To provide user login and authentication services
To enable administrators to organize and manage user accounts, groups and network resources
To enable authorized users to easily locate network resources
It is a searchable database

8. What is the physical and logical structure of AD

Logical structure, 5 types: Domain, OU, Tree, Forest, GC

Physical structure, 2 types: DC, Site

9. What is the process of user authentication in Windows 2000

Process of logging on

1. CTRL+ALT+DEL is pressed, the name and password are entered, and local or domain logon is indicated.
2. If the logon is local, the name and password are checked against the local database. If the logon is a domain logon, the name and password are encrypted. This information is sent to the Win 2000 domain controller with an authentication
3. The domain controller decrypts the information and checks for a valid timestamp. If the timestamp is valid, two Kerberos tickets are made and encrypted with the password. The tickets are sent back to the client computer. The tickets are:
   User session key - Used to log on
   User ticket key - Used to get other Kerberos tickets for accessing other domain resources
4. The client decrypts the ticket and uses the session key to log on.

Authentication when accessing an object

5. The user tries to access the network object.
6. The user ticket, user name, name of the object to access and timestamp are sent with a Kerberos ticket granting service request to the domain controller.
7. The DC decrypts the information, checks the timestamp and returns the key to the local client.
8. The client sends a request for the resource with the session key to the server that has the resource.
9. The receiving server decrypts the session key and checks the information against its ACL for the object being requested.

10. What is the port number of Kerberos and LDAP

Kerberos 88 and LDAP 389

11. What is the use of LDAP

It is the Lightweight Directory Access Protocol.
To perform replication.
It is an Internet communication protocol for TCP/IP networks.
It is used to query and update the Active Directory information.
LDAP is actually the mechanism used to communicate with the Active Directory and performs basic read, write, and modify operations.

12. What are the problems that are generally encountered with DHCP

Unable to lease an address from the DHCP server
Unable to renew a leased address

Troubleshoot

Verify the DHCP service is started
Verify the DHCP service has been authorized in AD
Verify the DHCP scope exists on the DHCP server
Verify the DHCP scope is active; a scope cannot be used to assign IP addresses until it is activated
Verify the physical connection to the network, meaning network card, cable, and hub

13. What is the role responsible for time synchronization

14. What is TTL & how to set TTL time in DNS

15. How to take DNS and WINS Backup

DHCP files are stored in "SystemRoot\System32\Dhcp". DHCP database files:

1. DHCP.MDB - The main database.
2. DHCP.TMP - Temporary DHCP storage.
3. JET*.LOG - Transaction logs used to recover data.
4. SYSTEM.MDB - Used to track the structure of the DHCP database.

Netsh for DHCP offers a command-line tool for administration of DHCP servers. At the netsh> prompt, type dhcp. At the dhcp> command prompt, type: server \\ServerName

16. What is recovery console

17. What is DFS & its usage

DFS: System administrators can make it easy for users to access and manage files that are physically distributed across a network. You can make files distributed across multiple servers appear to users as if they reside in one place on the network. Users no longer need to know and specify the actual physical location of files in order to access them.

Distributed File System features:

1. Server load balancing
2. File and folder security
3. Availability
4. Easy access to files

DFS Components

DFS root - Shared directory that can contain other shared directories, files, DFS links, and other DFS roots. One root is allowed per server.

DFS link - A link from a DFS root to one or more shared files, another DFS root, or a domain-based volume. There can be up to 1000 DFS links for a DFS root.

DFS path - The combination of a DFS root and a DFS link. An example of a DFS path is \\server\dfs\a\b\c\link, where \\server\dfs is the DFS root, and \a\b\c\ is the DFS link.

DFS replication - The process of copying data from a data store or file system to multiple computers to synchronize the data.

18. What is RIS and what are its requirements

RIS is used in Win 2000 Professional, not Win2k Server.

Requirements are:

DHCP
DNS
Active Directory
RIS service: It is available in Add/Remove Programs\Win Components\RIS service. It must be authorized in AD.

2 types of setups:

RIS setup: normal installation
RIS Prep: with answer file installation

RIS boot disk for client computer
Network adapter with PXE ROM (Pre boot execute environment)
RBFG.EXE: it is located at i386\rbfg.exe

19. How many root replicas can be created in DFS

Links are automatically replicated. There may be up to 31 replicas.

20. What is the difference between Domain DFS and Standalone DFS

Stand alone DFS root - Not published in Active Directory, cannot be replicated, and can be on any Windows 2000 Server. This provides no fault tolerance, with the DFS topology stored on one computer. A DFS can be accessed using the following syntax: \\Server\DFSname

Domain DFS root - It is published in Active Directory, can be replicated, and can be on any Windows 2000 Server. Files and directories must be manually replicated to other servers, or Windows 2000 must be configured to replicate files and directories. Configure the domain DFS root, then the replicas, when configuring automatic replication. Domain DFS root directories can be accessed using the following syntax: \\domain\DFSname

High Level

1. Can we establish trust relationship between two forests

2. What is FSMO Roles

FSMO roles: AD supports multi master replication of the data store between all DCs in the domain. Only one DC is called the operation master. Operation master roles can be moved to another DC or forest; these roles are FSMO. The PDC, RID and Infrastructure masters are domain wide operation masters. The Domain naming master and Schema master are forest wide operation masters.

3. Brief all the FSMO Roles

PDC emulator: In mixed mode, acts as the PDC for down level BDC operation. In native mode:

1. It is the first to receive replication and logon requests from the other DCs.
2. It will get password changes faster.
3. Authentication request
4. SAM replication request
5. Domain master browsing request
6. Focus of Group Policy

So there can only be one of these per domain.

RID master: Administers allocation of RID sequences of the SID. So there can only be one of these per domain.

Infrastructure master: Administers additions or changes in user/group mapping. So there can only be one of these per domain.

Domain naming master: Administers additions or removal of domains in the forest, or cross references to external directory services such as Exchange or Novell. So there can only be one of these per forest.

Schema operation master: Administers schema updates and changes within its own forest. So there can only be one of these per forest.

4. How to manually configure FSMO Roles to separate DCs


5. What is the difference between authoritative and nonauthoritative restore

Nonauthoritative restore

Active Directory objects will have their original update sequence number. The Active Directory replication system uses this number to detect and propagate Active Directory changes among the servers in your organization. Because of this, any data that is restored nonauthoritatively will appear to the Active Directory replication system as though it is old, which means the data will never get replicated to your other servers. Instead, if newer data is available from your other servers, the Active Directory replication system will use this to update the restored data. To replicate the restored data to the other servers, you must use an authoritative restore.

Authoritative restore

To authoritatively restore Active Directory data, you need to run the Ntdsutil utility after you have restored the System State data but before you restart the server. When an object is marked for authoritative restore, its update sequence number is changed so that it is higher than any other update sequence number in the Active Directory replication system. This will ensure that any replicated or distributed data that you restore is properly replicated or distributed throughout your organization.

6. What is Active Directory Defragmentation?

Windows 2000 running directory services (DS) performs an online defragmentation of the directory every 12 hours by default as part of the garbage collection process. This defragmentation only moves data around the database file (ntds.dit) and doesn't reduce the file size.

7. Difference between online and offline Defragmentation?

Online defragmentation makes space available, but does not reduce the size of the database file. Only offline defragmentation provides you with a clear picture of the amount of space consumed by the database file.

8. What is tombstone period

Tombstone objects have quotas. When a security principal deletes objects, Windows creates a tombstone object for a designated period of time, by default 60 days, before purging the tombstone from the system. These tombstone objects count towards the security principal's quota.

A. Because of the complex replication available in Windows 2000 and the Active Directory, just deleting an object would result in it potentially being recreated at the next replication interval, and so deleted objects are 'tombstoned' instead. This basically marks them as deleted and applies to all objects. Objects marked as tombstoned are actually deleted 60 days after their original tombstone status setting; however, this time can be changed by modifying tombstonelifetime.

9. What is white space and Garbage collection

During ordinary operation the white space in the AD database file becomes fragmented. Each time garbage collection runs (every 12 hours by default), white space is automatically defragmented online to optimize it within the database file. If the size of the database backup is increased due to the white space, use offline defragmentation to reduce the size of the Ntds.dit file.

Active Directory performs garbage collection. Deleted AD objects are tagged with a tombstone rather than being immediately removed. The tombstone lifetime attribute, by default 60 days, defines how long the tombstone object will remain in the database until it is deleted.

The garbage collection process uses online defragmentation, and this process cannot reduce the size of the database file. You must take the DC offline and use the ntdsutil command-line utility to perform an offline defragmentation and return the space to the file system. Use ADSIEdit to change the garbage collection period.

10. What are the monitoring tools used for Server and Network Health. How to define alert mechanism

11. How to deploy the patches and what are the software used for this process

Patches can be deployed using MBSA (Microsoft Baseline Security Analyzer) or SUS.

Software Update Services - SUS

1. SUS (Software Update Services) for your Windows 2003 Domain. The SUS program is free from Microsoft.
2. The update service copies down all the patches, security updates and hotfixes. If you have the time you can test, then 'Approve' the patches for your XP clients. When time is short you can omit the approval stage or just give the patches a quick look.

What SUS does is remove the need for clients to individually connect to Microsoft's site every time there is a new hotfix, thus saving network traffic and reducing user error. As a bonus you can create a Group Policy to control who gets what and when. For example, apply patches to XP computers in the Accounts OU at 02:00hrs.

3 Elements of SUS

1. SUS itself, the service which runs on the Windows 2003 (Member) server.
2. AU, which runs on the clients.
3. Group Policy, which regulates which clients get which patches.

What SUS does is work with Intellimirror and Group Policy to support XP clients.

Installing SUS

Server side

1) Download the SUS product as a .msi from Microsoft (no worries, it's free).
2) Make sure that your server is running at least IIS v 5.0.
3) Run the installation wizard.
4) On the server, you need at least 500MB disk space per locale.

How to install AU clients

Apply SP1 on XP or SP3 on Windows 2000 Pro - that's all you need to do on the client side. The rest of the install is handled by Group Policy.

WSUS

WSUS (Windows Update Service) will enable you to update Office, SQL Server, and other Microsoft products. SUS on the other hand neither supports Windows 9x nor does it support Microsoft Office. Watch out for WUS, currently in beta testing. To download SUS from Microsoft's site, install, test and then approve the updates and to control SUS via Group Policy.

12. What is Clustering? Briefly define it

Cluster: A group of computers that, from the client and application point of view, appear as a single domain. It is implemented on 2-32 Win 2k Server computers.

Two important features:

High availability: If a computer in the cluster that is running a critical application fails, another computer in the cluster will automatically start the application, and users will be seamlessly directed to the computer that takes over running the application.

Load balancing: Spreading utilization across multiple computers. If a web server experiences more utilization than a single computer can handle, users will be seamlessly directed to the computer with the lowest utilization.

13. How to configure SNMP

To configure SNMP agent information:

1. Click Start \ Control Panel \ Administrative Tools \ Computer Management
2. In the console tree expand Services and Applications \ Services \ right click SNMP Service
3. Click the Agent tab
4. Type the user or administrator of the computer in the Contact box
5. Under Services select the service options: physical or application

14. 15.

Is it possible to rename the Domain What is SOA Record

Start of authority (SOA) resource record: indicates the name of origin for the zone and contains the name of the server that is the primary source for information about the zone. It also indicates other basic properties of the zone.

Name server (NS) resource record: is used to indicate which DNS servers are designated as authoritative for the zone. By listing a server in the NS RR, it becomes known to others as an authoritative server for the zone. This means that any server specified in the NS RR is to be considered an authoritative source by others, and is able to answer with certainty any queries made for names included in the zone. By default, the DNS server will only allow a zone transfer to authoritative DNS servers listed in the name server (NS) resource records for the zone.

Conditional forwarder: configures the DNS server to forward a query it receives to a DNS server depending on the DNS name contained in the query.

16. What is a Stub zone and what is the use of it.

A stub zone is a copy of a zone that contains only those resource records necessary to identify the authoritative (DNS) servers for that zone. A stub zone is used to keep a DNS server hosting a parent zone aware of the authoritative DNS servers for its child zone and thereby maintain DNS name resolution efficiency.

Stub zone: keeps the DNS server hosting a parent zone aware of all the DNS servers authoritative for a child zone.

A stub zone consists of:
1. The start of authority (SOA) resource record, name server (NS) resource records, and the glue A resource records for the delegated zone.
2. The IP address of one or more master servers that can be used to update the stub zone.

Use stub zones to:
1. Keep delegated zone information current
2. Improve name resolution
3. Simplify DNS administration.
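The SOA, NS and stub-zone answers above can be checked against zone data directly. The following is an added example, not part of the original notes: it reduces a zone to its stub-zone content and applies the default "transfer only to servers listed in NS records" rule. The zone contents, names and addresses are constructed sample values.

```python
import ipaddress

# Constructed sample zone (not from the original notes): (owner, type, rdata)
ORIGIN = "child.example.com."
ZONE = [
    (ORIGIN, "SOA", "ns1.child.example.com. hostmaster.child.example.com. 42 3600 600 86400 3600"),
    (ORIGIN, "NS", "ns1.child.example.com."),
    (ORIGIN, "NS", "ns2.child.example.com."),
    (ORIGIN, "NS", "ns3.partner.example.net."),   # out-of-zone server, no glue here
    (ORIGIN, "MX", "10 mail.child.example.com."),
    ("ns1.child.example.com.", "A", "192.0.2.10"),
    ("ns2.child.example.com.", "A", "192.0.2.11"),
    ("www.child.example.com.", "A", "192.0.2.80"),
    ("mail.child.example.com.", "A", "192.0.2.25"),
]

def soa_primary(zone, origin=ORIGIN):
    """Primary source server for the zone: first field of the SOA rdata."""
    for owner, rtype, rdata in zone:
        if rtype == "SOA" and owner.lower() == origin.lower():
            return rdata.split()[0].lower()
    raise ValueError("zone has no SOA record")

def name_servers(zone, origin=ORIGIN):
    """Servers the zone's NS records designate as authoritative."""
    return {rdata.lower() for owner, rtype, rdata in zone
            if rtype == "NS" and owner.lower() == origin.lower()}

def stub_zone(zone, origin=ORIGIN):
    """Reduce a zone to stub-zone content: SOA, NS and glue A records."""
    ns = name_servers(zone, origin)
    return [(o, t, r) for o, t, r in zone
            if (t in ("SOA", "NS") and o.lower() == origin.lower())
            or (t == "A" and o.lower() in ns)]

def transfer_allowed(zone, requester_ip, origin=ORIGIN):
    """Default described above: transfer only to servers listed in NS records.
    An NS name with no address in the zone data cannot match, so it is denied."""
    ns = name_servers(zone, origin)
    allowed = {ipaddress.ip_address(r) for o, t, r in zone
               if t == "A" and o.lower() in ns}
    return ipaddress.ip_address(requester_ip) in allowed

if __name__ == "__main__":
    print("primary:", soa_primary(ZONE))
    for record in stub_zone(ZONE):
        print("stub:", record)
    for ip in ("192.0.2.11", "192.0.2.80"):
        print(ip, "transfer allowed:", transfer_allowed(ZONE, ip))
```

A zone transfer exposes every record in the zone, so a request from an address that is not a listed name server (the www host here) is one to refuse and log.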

17. What are the different types of partitions present in AD

Replication partitions: four types

Schema partition: defines how objects are created within the forest. It is replicated to all domain controllers in the forest.

Configuration partition: contains information about the structure of AD for the entire forest, including the structure of domains, trees, forest, sites and trust relationships within the forest. It is replicated to all domain controllers in the forest.

Domain partition: it is replicated only to the domain controllers within this domain.

Application partition: data will be part of AD data store only.

18. What are the two services required for replication

19. Can we use a Linux DNS Server in 2000 Domain

20. What is the difference between IIS Version 5 and IIS Version 6
A. IPv6 is the next version of the Internet Protocol, version 6.0, hence IPv6. Below are the 4 main reasons that IP version 4.0 needs an upgrade:

- Address space limitation - Basically there are not many IP addresses left, and with everything from watches having IP addresses we need more
- Performance - IP has a very strict header format which can waste a great deal of bandwidth
- Security - The next version of IP has excellent security measures which up to now have had to be handled by higher layers
- Autoconfigure - IP configuration is quite complex, and while DHCP moves to improve this, the next version allows a computer to just plug into the network and go

Current IP addresses consist of 32 bits, represented as 4 bytes, dotted-quad format, e.g. 200.200.200.202. IP version 6 uses 128 bits for addresses!

21. What is ASR and how to implement it

Automated System Recovery (ASR): It is the win 2003 server replacement for NT 4.0's RDISK. All registry configuration settings can be saved and later restored. The ASR disk has to be updated manually.

You can create ASR sets on a regular basis as part of system recovery in case of system failure. Use ASR as a last resort in system recovery, after other options such as the startup options Safe Mode and Last Known Good Configuration.

ASR is a recovery option that has two parts: ASR backup and ASR restore. You can access the backup portion through the Automated System Recovery Preparation Wizard located in Backup. The Automated System Recovery Preparation Wizard backs up the System State. You can access the restore part of ASR by pressing F2 when prompted. Using "All information on this computer" in the simple wizard also creates an ASR floppy disk and an ASR set.

ASR supports FAT16 volumes up to 2.1 GB only. ASR does not support 4 GB FAT16 partitions that use a cluster size of 64K. If your system contains 4-GB FAT16 partitions, convert them from FAT16 to NTFS before using ASR.
How can I change the Recovery Console administrator password on a domain controller

A. When you use the Recovery Console (RC), the system uses the account passwords in the local SAM file. But if a system is a domain controller (DC), it doesn't use the local SAM file, so changing the Administrator password changes the Active Directory (AD) account and not the local SAM password. To modify the SAM password, perform the following steps:

1. Shut down the DC on which you want to change the password.
2. Restart the computer. When the system displays the selection menu during the restart process, press F8 to view advanced startup options.
3. Select Directory Service Restore Mode.
4. After you successfully log on, to change the local Administrator password, at a command prompt, type the following command:

   net user administrator *

5. Restart the computer.

If you don't know the password, you can demote the DC to a regular server, change the password, then promote the system to a DC. You can also copy the SAM in the %SystemRoot%\Repair folder to the %SystemRoot%\System32\Config folder.

22. What are the different levels that we can apply Group Policy
Site level, domain level, OU level

23. What is Domain Policy, Domain controller policy, Local policy and Group policy

24. What is the use of SYSVOL folder


The SYSVOL folder contains data and files common between DC and AD. SYSVOL is included in the system state backup. The win 2003 SYSVOL is a collection of folders and reparse points in the file systems that exist on each domain controller in a domain. SYSVOL provides a standard location to store important elements of Group Policy objects (GPO) and scripts so that the File Replication Service (FRS) can distribute them to other domain controllers within that domain.

25. What is folder redirection?


It allows a specific folder in the user profile to be redirected to a different location, such as a shared folder on a network server. The folder is no longer stored on the local computer; it is stored on the network server. It contains Application Data, Desktop, My Documents, My Pictures and Start Menu.
