1. 2. 3. 4. 5.

6. 7.

8.

9.

10. 11. 12. 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16.

What are the required components of Windows Server 2003 for installing Exchange 2003? - ASP.NET, SMTP, NNTP, W3SVC What must be done to an AD forest before Exchange can be deployed? - Setup /forestprep What Exchange process is responsible for communication with AD? - DSACCESS What 3 types of domain controller does Exchange access? - Normal Domain Controller, Global Catalog, Configuration Domain Controller What connector type would you use to connect to the Internet, and what are the two methods of sending mail over that connector? - SMTP Connector: Forward to smart host or use DNS to route to each address How would you optimise Exchange 2003 memory usage on a Windows Server 2003 server with more than 1Gb of memory? - Add /3Gb switch to boot.ini What would a rise in remote queue length generally indicate? - This means mail is not being sent to other servers. This can be explained by outages or performance issues with the network or remote servers. What would a rise in the Local Delivery queue generally mean? - This indicates a performance issue or outage on the local server. Reasons could be slowness in consulting AD, slowness in handing messages off to local delivery or SMTP delivery. It could also be databases being dismounted or a lack of disk space. What are the standard port numbers for SMTP, POP3, IMAP4, RPC, LDAP and Global Catalog? - SMTP 25, POP3 110, IMAP4 143, RPC 135, LDAP 389, Global Catalog - 3268 Name the process names for the following: System Attendant? MAD.EXE, Information Store STORE.EXE, SMTP/POP/IMAP/OWA INETINFO.EXE What is the maximum amount of databases that can be hosted on Exchange 2003 Enterprise? - 20 databases. 4 SGs x 5 DBs. What are the disadvantages of circular logging? - In the event of a corrupt database, data can only be restored to the last backup. What is Active Directory schema? What are the domain functional level in Windows Server 2003? What are the forest functional level in Windows Server 2003? What is global catalog server? How we can raise domain functional & forest functional level in Windows Server 2003? Which is the deafult protocol used in directory services? What is IPv6? What is the default domain functional level in Windows Server 2003? What are the physical & logical components of ADS In which domain functional level, we can rename domain name? What is multimaster replication? What is a site? Which is the command used to remove active directory from a domain controler? How we can create console, which contain schema? What is trust? What is the file thats responsible for keep all Active Directory database?
Top of Form Bottom of Form

42 Comments so far
1.

Aneesh said,
The Active Directory schema contains formal definitions of every object class that can be created in an Active Directory forest it also contains formal definitions of every attribute that can exist in an Active Directory object.Active Directory stores and retrieves information from a wide variety of applications and services. So that it can store and replicate data from a potentially infinite variety of sources, Active Directory standardizes how data is stored in the directory. By standardizing how data is stored, the directory service can retrieve, update, and replicate data while ensuring that the integrity of the data is maintained.

2.

kiran said,
1) Schema master is a set of rules which is used to define the struture of active directory. It contains definitions of all the objects which are stored in AD. It maintains information and detail information of objects. 2) If there are many organisational units and to implement policy on all OU we use Domain level policy. 3) 4) Global Catalog Server maintains full information about its own domain and partial information about other domains. It is a forest wide role. 12) Sites: one or more well-connected highly reliable and fast TCP/IP subnets. A site allows administrator to configure active directory access and replication topology to take advantage of the physical network. 13) dcpromo to add/remove active directory but first ADC should be removed before DC if we want to remove DC first then check this server is last domain controller in domain. 16) I think the answer for this is schema master.

3.

Pinkesh said,
Can you explain us briefly Archeitecture of Windows 2000/2003?

4.

Pinkesh said,
What are main differences in Windows NT and Windows 2000 Archeitecture ?

5.

Muniraj said,
HI I was just googling for Interview FAQs i got this URL as first choice it is really dream come true situation for me because readily all possible questions and answers are given. Please send me if u have any FAQ on Exchnage Related. Thanx and regards Muniraj

6.

shaik said,

HI I was just googling for Interview FAQs i got this URL as first choice it is really dream come true situation for me because readily all possible questions and answers are given. Please send me if u have any FAQ on Exchnage Related. Thanx and regards shaik
7.

SUVENDU said,
4.What is global catalog server? A global catalog server is a domain controller it is a master searchable database that contains information about every object in every domain in a forest. The global catalog contains a complete replica of all objects in Active Directory for its host domain, and contains a partial replica of all objects in Active Directory for every other domain in the forest. It have two important functions: i)Provides group membership information during logon and authentication ii)Helps users locate resources in Active Directory

8.

SUVENDU said,
4.What is global catalog server? A global catalog server is a domain controller it is a master searchable database that contains information about every object in every domain in a forest. The global catalog contains a complete replica of all objects in Active Directory for its host domain, and contains a partial replica of all objects in Active Directory for every other domain in the forest. It have two important functions: i)Provides group membership information during logon and authentication ii)Helps users locate resources in Active Directory

9.

SUVENDU said,
13 Which is the command used to remove active directory from a domain controler? ANS DCPROMO in command prompt

10.

SUVENDU said,
10. In which domain functional level, we can rename domain name? All domain controllers must be running Windows Server 2003, and the Active Directory functional level must be at the Windows Server 2003. Yes u can rename the domain in windows server 2003

11.

irfan said,
User(s) are complaining of delays when using the network. What would you do?

12.

shaik said,
hi

15.NTDS.DIT 14. we have to open the register to see the schema master fsmo role regser 32 schmamgmt. 9.Physical computers,sites,dc Logical user,o.us, etc. 6.Light wait directory Access Protocal (ldap) 5. What ever changes done in D.c(domain Controlers) will effect at A.D we can call it as multimaster .
13.

Kumar Ken said,

Hi 15. To allow users in one domain to access resources in another, AD uses trust. Trust is automatically produced when domains are created. The forest sets the default boundaries of trust, not the domain, and implicit trust is automatic. As well as two-way transitive trust, AD trusts can be shortcut (joins two domains in different trees, transitive, one- or twoway), forest (transitive, one- or two-way), realm (transitive or nontransitive, one- or twoway), or external (nontransitive, one- or two-way) in order to connect to other forests or non-AD domains. AD uses the Kerberos V5 protocol, although NTLM is also supported and web clients use SSL/TLS. 11.Multi-master replication is a method of replication employed by databases to transfer data or changes to data across multiple computers within a group. Multi-master replication can be contrasted with a master-slave method (also known as single-master replication). 7.Internet Protocol version 6 (IPv6) is a network layer IP standard used by electronic devices to exchange data across a packet-switched internetwork. It follows IPv4 as the second version of the Internet Protocol to be formally adopted for general use.

14.

hongsinh said,
What are the domain functional level in Windows Server 2003?

15.

Sarith said,
Please check this link :) this will help you h**p://technet2.microsoft.com/WindowsServer/en/library/b3674c9b-fab9-4c1e-a8f67871264712711033.mspx?mfr=true

16.

Naresh Nimmagadda said,

ip v6 it ia a 128 bit size address here we can see total 8 ocatates each octate size is 16 bits superated with : it is in hexa decimal formate these 3 types 1.unicast address 2.multicast address 3.anycast address loopback address of ip v6 is ::1

17.

Ramanand said,

What is mean by dns,dhcp.? what is maen different between hub and switch ? what is meam by brodcast id? what is mean by loop back id? what is mean by schema ? what is mean by master searchable directory
18.

Srikanth said,
10. In which domain functional level, we can rename domain name? The System Properties dialog box can also be used to rename a domain controller, and it does not require the functional level to be raised to Windows Server 2003.

19.

Renga Raju said,

1.What is Rsop ? Resultant set of policy is provid to make policy modification and trouble shooting easier. Rsop is the query object it has two mode 1.logging mode: Polls existing policies and the reports the result of the query. 2.Planning mode: The questins ask about the planned policy and the report the result of the quer. 2.What is the concept for authoritative and nonauthoritative restoration? 1. Non-authoriative restore: which accept the entries from other domain controller after the restoed data. 2.Authoritative: Not accept the entries from other domain controller. 3.What is the ntds.tit file default size? 40 mb

20.

niraj said,
13 Which is the command used to remove active directory from a domain controler? ANS i think DCPROMO in command prompt . 11.What is multimaster replication? Ans. It is also known as single-master replication. Multi-master replication is a method of replication employed by databases to transfer data or changes to data across multiple computers within a group. Multi-master replication can be contrasted with a master-slave method.

21.

Sachin said,
What is Multimaster replication? In addition to storing primary zone information in Dns we can also store it in active directory as active directory object.This integrates Dns with active directory in order to take advantage of active directory features The benefits are 1 zone can be modified from any domain controller within the domain and this information is automatically updated or replicated to all the other domain controllers along with the active directory replication.This replication is said to be multimaster replication. 2.We no longer face the standard dns server drawbacks.

In standard dns server only the primary server can modify the zone and then replicate the changes to other domain controllers(It was in windows NT4 before). But when Dns gets integrated with AD .Zone can be modified and replicated from any domain controller. 3.Fault tolerance 4.Security You can prevent access to any updates to zone or individual record preventing insecure dynamic updates.
22.

Unnikrishnan said,
13 Which is the command used to remove active directory from a domain controler? ANS : DCPROMO

23.

Unnikrishnan said,
11 What is multimaster replication? The two technologies in DFS are as follows: DFS Replication. New state-based, multimaster replication engine that is optimized for WAN environments. DFS Replication supports replication scheduling, bandwidth throttling, and a new byte-level compression algorithm known as remote differential compression (RDC). DFS Namespaces. Technology that helps administrators group shared folders located on different servers and present them to users as a virtual tree of folders known as a namespace. DFS Namespaces was formerly known as Distributed File System in Windows 2000 Server and Windows Server 2003.

24.

pavan said,
hi 1)What is system boot process in windows and linux. 2)how the hardware interact with OS. 3)what is paging. Thanks

25.

Salman MW said,
8. The default domain functional level in Windows Server 2003 is Windows 2000 Mixed 10. We can rename domain name in Windows Server 2003 functional level

26.

William Wood said,

16. NTDS.dit

27.

jagjit singh said,

for removing active directory the command line is dcpromo /forceremoval

28.

Sanjay Patel said,

Removing Active Directory: 1. If we want to remove Active Directory then we will use command DCPROMO 2. If some one deleted parent domain and we want to remove from child domain then we will use command DCPROMO /FORCEREMOVAL Note: - we should not remove parent domain first. we should start from bottom means child domain and after that its parent and so on.
29.

Sanjay Patel said,

1. DNS(Domain Name Service): Its mainly used to resolve from host name(FQDN-Fully Qualified Domain Name) to IP address and IP address to host name.DNS mainly used in Internet. DNS devide in form of hierarchical. 2. DHCP(Dynamic Host Configuration Protocol): DHCP use for provide IP address dnamically to client machine. If that client not able to find DHCP server then client machine will go for APIPA(We have range for APIPA which is 169.254.0.1-169.254.255.254). 3. HUB and SWITCH: Switch is expencive than hub. If more then one user try to send packet at a time collision will occure but in switch we can send. Switch is full duplex. Maximum bandwidth is 100 Mhz and that bandwidth is shared by all of the PCs connected to the hub. Data can be sent in both directions simultaneously, the maximum available bandwidth is 200 Mbps, 100 Mbps each way, and there are no other PCs with which the bandwidth must be shared.

30.

Sanjay Patel said,

3. HUB and SWITCH: Switch is expencive than hub. If more then one user try to send packet at a time collision will occure but in switch we can send. Switch is full duplex. In hub Maximum bandwidth is 100 Mhz and that bandwidth is shared by all of the PCs connected to the hub. In switch data can be sent in both directions simultaneously, the maximum available bandwidth is 200 Mbps, 100 Mbps each way, and there are no other PCs with which the bandwidth must be shared.

31.

Zahed said,
Hi, 1.What is differnece between router and routing? 2.What is dynamic routing and Static routing?

32.

Sanjay Patel said,

1. Difference between Router and Routing: Router: Router is a device which is used to connect different network. A device or setup that finds the best route between any two networks, even if there are several networks to traverse. Like bridges, remote sites can be connected using routers over dedicated or switched lines to create WANs. Routing: Process of delivering a message across one or more networks via the most appropriate path. 2. Dynamic Routing and Static Routing: Dynamic routing performs the same function as static routing except it is more robust. Static routing allows routing tables in specific routers to be set up in a static manner so network routes for packets are set. If a router on the route goes down the destination may become unreachable. Dynamic routing allows routing tables in routers to change as the possible routes change. There are several protocols used to support dynamic routing including RIP and OSPF
33.

william wood said,

The schema is the component of the Active Directory directory service that defines all the objects and attributes that the directory service uses to store data. You can combine some objects in the schema to create more-complex definitions if objects of greater complexity are required. You can also add new definitions to the schema to support new types of objects in the directory.

34.

Zahed said,
Hi, i want to know to total process to migrate from Windows NT server to Windows 2000 server. What are all the process will done when we start server tell me briefly which file work for which process. Thnaks warm Regards, Zahed.

35.

om said,
The schema is the component of the Active Directory directory service that defines all the objects and attributes that the directory service uses to store data. You can combine some objects in the schema to create more-complex definitions if objects of greater complexity are required. You can also add new definitions to the schema to support new types of objects in the directory.

36.

omraj said,
Dynamic routing performs the same function as static routing except it is more robust. Static routing allows routing tables in specific routers to be set up in a static manner so network routes for packets are set. If a router on the route goes down the destination may

become unreachable. Dynamic routing allows routing tables in routers to change as the possible routes change. There are several protocols used to support dynamic routing including RIP and OSPF
37.

vijay said,
The four domain functional levels are: Windows 2000 Mixed Windows 2000 Native Windows Server 2003 Interim Windows Server 2003 Windows 2000 Mixed When you configure a new Windows Server 2003 domain, the default domain functional level is Windows 2000 mixed. Under this domain functional level, Windows NT, 2000, and 2003 domain controllers are supported. However, certain features such as group nesting, universal groups, and so on are not available. Windows 2000 Native Upgrading the functional level of a domain to Windows 2000 Native should only be done if there are no Windows NT domain controllers remaining on the network. By upgrading to Windows 2000 Native functional level, additional features become available including: group nesting, universal groups, SIDHistory, and the ability to convert security groups and distribution groups. Windows Server 2003 Interim The third functional level is Windows Server 2003 Interim and it is often used when upgrading from Windows NT to Windows Server 2003. Upgrading to this domain functional level provides support for Windows NT and Windows Server 2003 domain controllers. However, like Windows 2000 Mixed, it does not provide new features. Windows Server 2003 The last functional level is Windows Server 2003. This domain functional level only provides support for Windows Server 2003 domain controllers. If you want to take advantage of all the features included with Windows Server 2003, you must implement this functional level. One of the most important features introduced at this functional level is the ability to rename domain controllers

38.

Annveer N. Halkood said,

what are the types of name resolution? how name resolution will take place? what are the Groups?

what is DHCP Relay agent?

39.

Thyagu said,
1.Active Directory schema is collection of object class and attributes.Eg user is an object and its having alot attributes such as first name ,last name etc It present in only one domain in a forest,schema master is having the ability to update the changes in the Active directory schema. Schema Administrator only can access and edit the schema. you cannot see the AD schema when you installed AD (dcpromo). You need to run the registry file for schema in cmd mode :regsvr32.dll schmmgmt Then you can see the Add -snap in wizard in mmc console ,there you can.. 2.the domain functional level in Windows Server 2003 Domain fuctional level support only the windows domain controllers not client level o/s. They are four: windows 2000 mixed(by default) supports- win nt,win 2000,win2003. Windows 2000 native- supports- win 2000 ,win 2003 Windows 2003 interim- supports ->win NT,win 2003 Windows 2003 - supports-win 2003 only 3.forest functional level in Windows Server 2003 There are three windows 2000 mixed supports- win nt,win 2000,win2003. Windows 2000 native- supports- win 2000 ,win 2003 Windows 2003 - supports-win 2003 only 4.Global Catalog It is a searchable database Enginee.It is used to search the objects in a forest.In 2003 ,Universal Group caching membership is available for speedy logon across domain. Port no:3268,3269 It is also taking part of AD replication. Sorry guys ,going out now i wll contlater

40.

Thyagu said,
5.How we can raise domain functional & forest functional level in Windows Server 2003? AD users and computers>domain functional level->choose DFL as per your environment. AD Domain and Trust>Forest functional level>choose FFL as would your environment. Note:once you have change the DFL and FFL,cannot be revert. 6.the deafult protocol used in directory services? LDAP. 8.Already answered 9.What are the physical & logical components of ADS Physical->sites,domain controller Logical ->Forest,domain,tree,ou

10.In which domain functional level, we can rename domain name Windows 2003 dfl,you can rename the domain. Note:Not recommended to rename the domain by Microsoft itself.You need to follow up the proper procedure to prevent the further issue.Renaming is simple,but forecast issue is lot. 11.multi-master replication Whenever a change occurs to any object within an Active Directory domain, that change is replicated automatically to all domain controllers within the domain. This process is called multi-master replication. Multi-master replication does not happen instantly across all servers simultaneously. Rather, it is a controlled process where each domain controller peer is updated and validated in a logically controlled procedure. 12.Site: Site is one or more IP subnets.It contains connection objects and computer objects and mainly used for AD replication. 13.Dcpromo, the command used to remove active directory from a domain controler 14.Already answered. 15.Trust is relationship,between forest,domain. 16 NTDS.dit is the file thats responsible for keep all Active Directory database. I have answered almost question.please let me if my answer is wrong.
41.

PREM said,
The schema is the component of the Active Directory directory service that defines all the objects and attributes that the directory service uses to store data. You can combine some objects in the schema to create more-complex definitions if objects of greater complexity are required. You can also add new definitions to the schema to support new types of objects in the directory.

42.

MAK said,
What is a default forest functionl level when you install the root domain controller ? Explain hidden shares. Hidden or administrative shares are share names with a dollar sign ($) appended to their names. Administrative shares are usually created automatically for the root of each drive letter. They do not display in the network browse list. How do the permissions work in Windows 2000? What permissions does folder inherit from the parent? When you combine NTFS permissions based on users and their group memberships, the least restrictive permissions take precedence. However, explicit Deny entries always override Allow entries. Why cant I encrypt a compressed file on Windows 2000? You can either compress it or encrypt it, but not both. If I rename an account, what must I do to make sure the renamed account has the same permissions as the original one? Nothing, its all maintained automatically. Whats the most powerful group on a Windows system? Administrators.

1.

2.

3. 4. 5.

6. 7. 8. 9. 10.

11. 12. 13. 14.

15.

16.

17.

18.

19. 20.

What are the accessibility features in Windows 2000? StickyKeys, FilterKeys Narrator, Magnifier, and On-Screen Keyboard. Why cant I get to the Fax Service Management console? You can only see it if a fax had been installed. What do I need to ensure before deploying an application via a Group Policy? Make sure its either an MSI file, or contains a ZAP file for Group Policy. How do you configure mandatory profiles? Rename ntuser.dat to ntuser.man I cant get multiple displays to work in Windows 2000. Multiple displays have to use peripheral connection interface (PCI) or Accelerated Graphics Port (AGP) port devices to work properly with Windows 2000. Whats a maximum number of processors Win2k supports? 2 I had some NTFS volumes under my Windows NT installation. What happened to NTFS after Win 2k installation? It got upgraded to NTFS 5. How do you convert a drive from FAT/FAT32 to NTFS from the command line? convert c: /fs:ntfs Explain APIPA. Auto Private IP Addressing (APIPA) takes effect on Windows 2000 Professional computers if no DHCP server can be contacted. APIPA assigns the computer an IP address within the range of 169.254.0.0 through 169.254.255.254 with a subnet mask of 255.255.0.0. How does Internet Connection Sharing work on Windows 2000? Internet Connection Sharing (ICS) uses the DHCP Allocator service to assign dynamic IP addresses to clients on the LAN within the range of 192.168.0.2 through 192.168.0.254. In addition, the DNS Proxy service becomes enabled when you implement ICS. How do you double-boot a Win 2003 server box? The Boot.ini file is set as read-only, system, and hidden to prevent unwanted editing. To change the Boot.ini timeout and default settings, use the System option in Control Panel from the Advanced tab and select Startup. What do you do if earlier application doesnt run on Windows Server 2003? When an application that ran on an earlier legacy version of Windows cannot be loaded during the setup function or if it later malfunctions, you must run the compatibility mode function. This is accomplished by right-clicking the application or setup program and selecting Properties > Compatibility > selecting the previously supported operating system. If you uninstall Windows Server 2003, which operating systems can you revert to? Win ME, Win 98, 2000, XP. Note, however, that you cannot upgrade from ME and 98 to Windows Server 2003. How do you get to Internet Firewall settings? Start > Control Panel > Network and Internet Connections > Network Connections. What are the Windows Server 2003 keyboard shortcuts? Winkey opens or closes the Start menu. Winkey + BREAK displays the System Properties dialog box. Winkey + TAB moves the focus to the next application in the taskbar. Winkey + SHIFT + TAB moves the focus to the previous application in the taskbar. Winkey + B moves the focus to the notification area. Winkey + D shows the desktop. Winkey + E opens Windows Explorer showing My Computer. Winkey + F opens the Search panel. Winkey + CTRL + F opens the Search panel with Search for Computers module selected. Winkey + F1 opens Help. Winkey + M minimizes all. Winkey + SHIFT+ M undoes minimization. Winkey + R opens Run dialog. Winkey + U opens the Utility Manager. Winkey + L locks the computer.

21.

22.

23.

24.

25.

26.

27.

28.

What is Active Directory? Active Directory is a network-based object store and service that locates and manages resources, and makes these resources available to authorized users and groups. An underlying principle of the Active Directory is that everything is considered an objectpeople, servers, workstations, printers, documents, and devices. Each object has certain attributes and its own security access control list (ACL). Where are the Windows NT Primary Domain Controller (PDC) and its Backup Domain Controller (BDC) in Server 2003? The Active Directory replaces them. Now all domain controllers share a multimaster peer-to-peer read and write relationship that hosts copies of the Active Directory. How long does it take for security changes to be replicated among the domain controllers? Security-related modifications are replicated within a site immediately. These changes include account and individual user lockout policies, changes to password policies, changes to computer account passwords, and modifications to the Local Security Authority (LSA). Whats new in Windows Server 2003 regarding the DNS management? When DC promotion occurs with an existing forest, the Active Directory Installation Wizard contacts an existing DC to update the directory and replicate from the DC the required portions of the directory. If the wizard fails to locate a DC, it performs debugging and reports what caused the failure and how to fix the problem. In order to be located on a network, every DC must register in DNS DC locator DNS records. The Active Directory Installation Wizard verifies a proper configuration of the DNS infrastructure. All DNS configuration debugging and reporting activity is done with the Active Directory Installation Wizard. When should you create a forest? Organizations that operate on radically different bases may require separate trees with distinct namespaces. Unique trade or brand names often give rise to separate DNS identities. Organizations merge or are acquired and naming continuity is desired. Organizations form partnerships and joint ventures. While access to common resources is desired, a separately defined tree can enforce more direct administrative and security restrictions. How can you authenticate between forests? Four types of authentication are used across forests: (1) Kerberos and NTLM network logon for remote access to a server in another forest; (2) Kerberos and NTLM interactive logon for physical logon outside the users home forest; (3) Kerberos delegation to N-tier application in another forest; and (4) user principal name (UPN) credentials. What snap-in administrative tools are available for Active Directory? Active Directory Domains and Trusts Manager, Active Directory Sites and Services Manager, Active Directory Users and Group Manager, Active Directory Replication (optional, available from the Resource Kit), Active Directory Schema Manager (optional, available from adminpak) What types of classes exist in Windows Server 2003 Active Directory? 1. Structural class. The structural class is important to the system administrator in that it is the only type from which new Active Directory objects are created. Structural classes are developed from either the modification of an existing structural type or the use of one or more abstract classes. 2. Abstract class. Abstract classes are so named because they take the form of templates that actually create other templates (abstracts) and structural and auxiliary classes. Think of abstract classes as frameworks for the defining objects.

29. 30.

31.

32.

33.

34.

35. 36.

37. 38. 39. 40.

Auxiliary class. The auxiliary class is a list of attributes. Rather than apply numerous attributes when creating a structural class, it provides a streamlined alternative by applying a combination of attributes with a single include action. 4. 88 class. The 88 class includes object classes defined prior to 1993, when the 1988 X.500 specification was adopted. This type does not use the structural, abstract, and auxiliary definitions, nor is it in common use for the development of objects in Windows Server 2003 environments. How do you delete a lingering object? Windows Server 2003 provides a command called Repadmin that provides the ability to delete lingering objects in the Active Directory. What is Global Catalog? The Global Catalog authenticates network user logons and fields inquiries about objects across a forest or tree. Every domain has at least one GC that is hosted on a domain controller. In Windows 2000, there was typically one GC on every site in order to prevent user logon failures across the network. How is user account security established in Windows Server 2003? When an account is created, it is given a unique access number known as a security identifier (SID). Every group to which the user belongs has an associated SID. The user and related group SIDs together form the user accounts security token, which determines access levels to objects throughout the system and network. SIDs from the security token are mapped to the access control list (ACL) of any object the user attempts to access. If I delete a user and then create a new account with the same username and password, would the SID and permissions stay the same? No. If you delete a user account and attempt to recreate it with the same user name and password, the SID will be different. What do you do with secure sign-ons in an organization with many roaming users? Credential Management feature of Windows Server 2003 provides a consistent single signon experience for users. This can be useful for roaming users who move between computer systems. The Credential Management feature provides a secure store of user credentials that includes passwords and X.509 certificates. Anything special you should do when adding a user that has a Mac? "Save password as encrypted clear text" must be selected on User Properties Account Tab Options, since the Macs only store their passwords that way. What remote access options does Windows Server 2003 support? Dial-in, VPN, dial-in with callback. Where are the documents and settings for the roaming profile stored? All the documents and environmental settings for the roaming user are stored locally on the system, and, when the user logs off, all changes to the locally stored profile are copied to the shared server folder. Therefore, the first time a roaming user logs on to a new system the logon process may take some time, depending on how large his profile folder is. Where are the settings for all the users stored on a given machine? \Document and Settings\All Users What languages can you use for log-on scripts? JavaScipt, VBScript, DOS batch files (.com, .bat, or even .exe) Describe how the DHCP lease is obtained. Its a four-step process consisting of (a) IP request, (b) IP offer, IP selection and (d) acknowledgement. I cant seem to access the Internet, dont have any access to the corporate network and on ipconfig my address is 169.254.*.*. What happened? The 169.254.*.* netmask
3.

41.

42. 43. 44. 45.

46. 47.

48.

49. 50. 51.

is assigned to Windows machines running 98/2000/XP if the DHCP server is not available. The name for the technology is APIPA (Automatic Private Internet Protocol Addressing). Weve installed a new Windows-based DHCP server, however, the users do not seem to be getting DHCP leases off of it. The server must be authorized first with the Active Directory. How can you force the client to give up the dhcp lease if you have access to the client PC? ipconfig /release What authentication options do Windows 2000 Servers have for remote clients? PAP, SPAP, CHAP, MS-CHAP and EAP. What are the networking protocol options for the Windows clients if for some reason you do not want to use TCP/IP? NWLink (Novell), NetBEUI, AppleTalk (Apple). What is data link layer in the OSI reference model responsible for? Data link layer is located above the physical layer, but below the network layer. Taking raw data bits and packaging them into frames. The network layer will be responsible for addressing the frames, while the physical layer is reponsible for retrieving and sending raw data bits. What is binding order? The order by which the network protocols are used for clientserver communications. The most frequently used protocols should be at the top. How do cryptography-based keys ensure the validity of data transferred across the network? Each IP packet is assigned a checksum, so if the checksums do not match on both receiving and transmitting ends, the data was modified or corrupted. Should we deploy IPSEC-based security or certificate-based security? They are really two different technologies. IPSec secures the TCP/IP communication and protects the integrity of the packets. Certificate-based security ensures the validity of authenticated clients and servers. What is LMHOSTS file? Its a file stored on a host machine that is used to resolve NetBIOS to specific IP addresses. Whats the difference between forward lookup and reverse lookup in DNS? Forward lookup is name-to-address, the reverse lookup is address-to-name. How can you recover a file encrypted using EFS? Use the domain recovery agent.