Describe The OSI Model

Describe the OSI model.
(pronounced as separate letters) Short for Open System Interconnection, an ISO standard for
worldwide communications that defines a networking framework for implementing protocols in
seven layers. Control is passed from one layer to the next, starting at the application layer in one
station, proceeding to the bottom layer, over the channel to the next station and back up the
hierarchy.
At one time, most vendors agreed to support OSI in one form or another, but OSI was too loosely
defined and proprietary standards were too entrenched. Except for the OSI-compliant X.400 and
X.500 e-mail and directory standards, which are widely used, what was once thought to become
the universal communications standard now serves as the teaching model for all other protocols.
Most of the functionality in the OSI model exists in all communications systems, although two or
three OSI layers may be incorporated into one.
OSI is also referred to as the OSI Reference Model or just the OSI Model.
Open System Interconnection an ISO standard for worldwide communications that defines a
networking framework for implementing protocols in seven layers.The seven layers &
Functions are:
Application
(Layer 7) This layer supports application and end-user processes. Communication partners are
identified, quality of service is identified, user authentication and privacy are considered, and any
constraints on data syntax are identified. Everything at this layer is application-specific. This
layer provides application services for file transfers, e-mail, and other network software services.
Telnet and FTP are applications that exist entirely in the application level. Tiered application
architectures are part of this layer.
Presentation
(Layer 6) This layer provides independence from differences in data representation (e.g.,
encryption) by translating from application to network format, and vice versa. The presentation
layer works to transform data into the form that the application layer can accept. This layer
formats and encrypts data to be sent across a network, providing freedom from compatibility
problems. It is sometimes called the syntax layer.
Session
(Layer 5) This layer establishes, manages and terminates connections between applications. The
session layer sets up, coordinates, and terminates conversations, exchanges, and dialogues
between the applications at each end. It deals with session and connection coordination.
Transport
(Layer 4) This layer provides transparent transfer of data between end systems, or hosts, and is
responsible for end-to-end error recovery and flow control. It ensures complete data transfer.
Network
(Layer 3) This layer provides switching and routing technologies, creating logical paths, known
as virtual circuits, for transmitting data from node to node. Routing and forwarding are functions
of this layer, as well as addressing, internetworking, error handling, congestion control and
packet sequencing.
Data Link
(Layer 2) At this layer, data packets are encoded and decoded into bits. It furnishes transmission
protocol knowledge and management and handles errors in the physical layer, flow control and
frame synchronization. The data link layer is divided into two sub layers: The Media Access
Control (MAC) layer and the Logical Link Control (LLC) layer. The MAC sub layer controls
how a computer on the network gains access to the data and permission to transmit it. The LLC
layer controls frame synchronization, flow control and error checking.
Physical
(Layer 1) This layer conveys the bit stream – electrical impulse, light or radio signal — through
the network at the electrical and mechanical level. It provides the hardware means of sending and
receiving data on a carrier, including defining cables, cards and physical aspects. Fast Ethernet,
RS232, and ATM are protocols with physical layer components.
Application Layers Usage Example :
7. Application Layer NNTP · SIP · SSI · DNS · FTP · Gopher · HTTP · NFS · NTP · SMPP ·
SMTP · SNMP · Telnet (more)
6. Presentation Layer : MIME · XDR ·
5. Session Layer : Named Pipes · NetBIOS · SAP
4. Transport Layer : TCP · UDP · PPTP · SCTP · SSL · TLS
3. Network Layer : IP · ICMP · IPsec · IGMP · IPX · AppleTalk
2. Data Link Layer ARP : · CSLIP · SLIP · Ethernet · Frame relay · ITU-T G.hn DLL · L2TP ·
PPP
1. Physical Layer : RS-232 · V.35 · V.34 · I.430 · I.431 · T1 · E1 · POTS · SONET/SDH · OTN
· DSL · 802.11a/b/g/n PHY · ITU-T G.hn PHY
What is the difference between a repeater, bridge, router? Relate this to the OSI model
Bridges:
(sometimes called “Transparent bridges” ) work at OSI model Layer 2. This means they don’t
know anything about protocols, but just forward data depending on the destination address in the
data packet. This address is not the IP address, but the MAC (Media Access Control) address that
is unique to each network adapter card. Bridges are very useful for joining networks made of
different media types together into larger networks, and keeping network segments free of data
that doesn’t belong in a particular segment.
Switches:
Switches are the same thing as Bridges, but usually have multiple ports with the same “flavor”
connection (Example: 10/100/10000BaseT).
Switches can be used in heavily loaded networks to isolate data flow and improve performance.
In a switch, data between two lightly used computers will be isolated from data intended for a
heavily used server, for example. Or in the opposite case, in “auto sensing” switches that allow
mixing of 10 and 100Mbps connections, the slower 10Mbps transfer won’t slow down the faster
100Mbps flow.
Repeater:
Forwards every frame it receives
it is a generator,not an amplifier(i.e it removes noise & regenerates signal )
Bi-directional in nature
Useful in increasing ethernet size/length
Maximum of 5 Repeaters in an Ethernet
Routers
Links dissimilar n/ws
not transparent to end stations
acts on a network layer frame
isolates LAN to subnets to manage & control traffic
v Describe an Ethernet switch and where it fits into the OSI model.
A switch is a hardware device that works at Layer 2 of the OSI model – data link. The data link
layer is where the Ethernet protocol works.
A switch switches Ethernet frames by keeping a table of what MAC addresses have been seen on
what switch port. The switch uses this table to determine where to send all future frames that it
receives. In Cisco terminology, this table is called the CAM table (content addressable memory).
In general, the proper term for this table is the bridge forwarding table. If a switch receives a
frame with a destination MAC address that it does not have in its table, it floods that frame to all
switch ports. When it receives a response, it puts that MAC address in the table so that it won’t
have to flood next time.
A switch is a high-speed multiport bridge. This is why bridges are no longer needed or
manufactured. Switches do what bridges did faster and cheaper. Most routers can also function
as bridges.
You might be asking how a hub fits into this mix of devices. A hub is a multiport repeater. In
other words, anything that comes in one port of a hub is duplicated and sent out all other ports of
the hub that have devices attached. There is no intelligence to how a hub functions. A switch is a
vast improvement over a hub in terms of intelligence, for many reasons. The most important of
those reasons is how the bridge forwarding table works. Intelligent (smart) switches have made
hubs obsolete because they can do more at the same cost of a dumb hub. For this reason, hubs
are rarely used or sold any longer.
v What is a VLAN? What is an ELAN? What is the difference?
Short for virtual LAN, a network of computers that behave as if they are connected to the same
wire even though they may actually be physically located on different segments of a LAN.
VLANs are configured through software rather than hardware, which makes them extremely
flexible. One of the biggest advantages of VLANs is that when a computer is physically moved
to another location, it can stay on the same VLAN without any hardware reconfiguration.
A VLAN is a logical local area network (or LAN) that extends beyond a single traditional LAN
to a group of LAN segments, given specific configurations. Because a VLAN is a logical entity,
its creation and configuration is done completely in software.
VLAN — Virtual Local Area Network
ELAN — Emulated Local Area Network
Difference between these two are as follows:-
Without going into the mechanics of ELANs and how they are configured, an ELAN (Emulated
LAN) connects VLANs over a WAN.
A VLAN (Virtual LAN) is a grouping of ports on switches which is considered as one broadcast
domain. All the ports on a VLAN act as if they were all on the same wire. Therefore, broadcasts
are propagated across a VLAN ,and anything communication outside that VLAN must be routed
or bridged.
The ELAN is a mechanism used to link VLANs across a wide area network. ATM is a good
candidate for ELANs. With ELANs, you could have 2 VLANs at different sites which are
linked together via an ELAN. The ELAN links the two VLANs
Together, forming one big broadcast domain. The advantage of ELANs over straight bridging is
that membership into ELANs is dynamic, and that multiple ELANs can be handled by one single
WAN link.
v Describe Ethernet packet contents: min./max. size, header.

Ethernet frame consists of:
7 bytes – Preamble
1 byte – SOF Delimiter
6 bytes – DA
6 bytes – SA
2 bytes – Type\Length
46-1500 bytes – Data \ 802.2 Header + Data
4 bytes – FCS
Min amount of bytes is 72. Ethernet frame minimal size is 64 = 72 bytes of frame – 7 bytes of
preamble – 1 byte of SOF.
The ethernet frame size upper limit of 1500 bytes goes up to the history of DIX Ethernet –
physical limit of memory size used in NICs because of it’s cost. Actually there is no strict
requirements by used algorythms or standarts.
Lower limit of frame size has the following reasons:

1. To make transmission error detection more easy – smaller size of binary sequence leads to
lower reliability of error detection.
2. The most important reason: If frame size is less than 64 bytes (512 bits), host may finish
transmission before receiving noise signal and can think that frame transmitted successfully,
while another host sent collision notification.
For 10 Mbps rate min frame size should be at least 500 bits – that’s the only guarantee that
collision can be detected anywhere in the cable. For reliability min size was increased up to 512
(power of 2) and became 512 bits = 64 bytes.
the min size was to make sure that it contains enough ethernet headers.
the max size also has something to do with the data written in the headers.
v Describe TCP/IP and its protocols.

The TCP/IP suite of protocols is the set of protocols used to communicate across the internet. It
is also widely used on many organizational networks due to its flexibility and wide array of
functionality provided. Microsoft who had originally developed their own set of protocols now is
more widely using TCP/IP, at first for transport and now to support other services.
IP – Internet Protocol. Except for ARP and RARP all protocols’ data packets will be packaged
into an IP data packet. IP provides the mechanism to use software to address and manage data
packets being sent to computers.
TCP/IP is a two-layer program. The higher layer, Transmission Control Protocol, manages the
assembling of a message or file into smaller packets that are transmitted over the Internet and
received by a TCP layer that reassembles the packets into the original message. The lower layer,
Internet Protocol, handles the address part of each packet so that it gets to the right destination.
Each gateway computer on the network checks this address to see where to forward the message.
Even though some packets from the same message are routed differently than others, they’ll be
reassembled at the destination.
 TCP – A reliable connection oriented protocol used to control the management of
application level services between computers. It is used for transport by some
applications.
 UDP – An unreliable connection less protocol used to control the management of
application level services between computers. It is used for transport by some
applications which must provide their own reliability.
Many Internet users are familiar with the even higher layer application protocols that use TCP/IP
to get to the Internet. These include the World Wide Web’s Hypertext Transfer Protocol (HTTP),
the File Transfer Protocol (FTP), Telnet (Telnet) which lets you logon to remote computers, and
the Simple Mail Transfer Protocol (SMTP). These and other protocols are often packaged
together with TCP/IP as a “suite.”
v Describe ATM and what are its current advantages and disadvantages.
Describe SONET
ATM (asynchronous transfer mode) is a dedicated-connection switching technology that

organizes digital data into 53-byte cell units and transmits them over a physical medium using
digital signal technology. Individually, a cell is processed asynchronously relative to other
related cells and is queued before being multiplexed over the transmission path.
Because ATM is designed to be easily implemented by hardware (rather than software), faster
processing and switch speeds are possible. The prespecified bit rates are either 155.520 Mbps or
622.080 Mbps. Speeds on ATM networks can reach 10 Gbps. Along with Synchronous Optical
Network (SONET) and several other technologies, ATM is a key component of broadband ISDN
(BISDN).
ATM also stands for automated teller machine, a machine that bank customers use to make
transactions without a human teller.
Advantages and Disadvantages of ATM
 ATM Advantages
 ATM supports voice, video and data allowing multimedia and mixed services over a
 single network.
 High evolution potential, works with existing, legacy technologies
 Provides the best multiple service support
 Supports delay close to that of dedicated services
 Supports the broadest range of burstiness, delay tolerance and loss performance through
the implementation of multiple QoS classes
 Provides the capability to support both connection-oriented and connectionless traffic
using AALs
 Able to use all common physical transmission paths like SONET.
 Cable can be twisted-pair, coaxial or fiber-optic
 Ability to connect LAN to WAN
 Legacy LAN emulation
 Efficient bandwidth use by statistical multiplexing
 Scalability
 Higher aggregate bandwidth
 High speed Mbps and possibly Gbps
ATM disadvantages
 Flexible to efficiency’s expense, at present, for any one application it is usually possible
to find a more optimized technology
 Cost, although it will decrease with time
 New customer premises hardware and software are required
Competition from other technologies -100 Mbps FDDI, 100 Mbps Ethernet and fast
Ethernet
 Presently the applications that can benefit from ATM such as multimedia are rare
The wait, with all the promise of ATM’s capabilities many details are still in the
standards process
v What are the maximum distances for CAT5 cabling?
A good standard answer is 100 meters (300 feet) with patch cords,90 meters (270 feet) without
patch cords. That goes pretty much for everything up to and including CAT 7/Class Fa UTP.
Maximum cable lengh for ethernet depends on what kind of ethernet you are talking
about! Here are some details on the most popular kinds of ethernet. (UTP = unshielded
twisted pair)
Gigabit Ethernet (over copper), 1000baseT
Speed: 1000 Mbps

Max Len: 100 Meters
Cable: UTP, RJ-45 connectors
Fast Ethernet, 100baseT
Speed: 100 Mbps

Max Len: 100 Meters
Twisted Pair Ethernet, 10baseT
Speed: 10 Mbps
Max Len: 100 Meters
Thin Ethernet , 10 base 2
Speed: 10 Mbps
Max Len: 185 Meters
Cable: RG-58 type coax, 50 ohm impedance
Thick Ethernet, 10 base 5
Speed: 10 Mbps
Max Len: 500 Meters
Cable: RG-58 type coax, 50 ohm impedance
v Describe UDP and TCP and the differences between the two.
TCP – A reliable connection oriented protocol used to control the management of application
level services between computers. It is used for transport by some applications.
UDP – An unreliable connection less protocol used to control the management of application
level services between computers. It is used for transport by some applications which must
provide their own reliability.
v Describe what a broadcast storm is.
A state in which a message that has been broadcast across a network results in even more
responses, and each response results in still more responses in a snowball effect. A severe
broadcast storm can block all other network traffic, resulting in a network meltdown. Broadcast
storms can usually be prevented by carefully configuring a network to block illegal broadcast
messages.
v Describe what a runt, a giant, and a late collision are and what causes each of them.
A runt is a packet that fails to meet the minimum size standard. Ussually below 64
bytes. Occurs as a result of a collision.
A giant is a packet that exceeds the size standard for the medium ussually grater then 1518 bytes
. Caused by malfunctioning equipment on your network.
Late collisions are packet collisions that occur after the window
for a network collision closes.
v How do you distinguish a DNS problem from a network problem?
If you’re able to ping 157.166.224.26 but you are NOT able to ping cnn.com , Then you’re
having a DNS problem.
[If you are NOT able to ping EITHER, then there are network problems and you have NO
problems if you CAN ping BOTH]
You can then use nslookup to locate an alternate internal or external dns server that correctly
resolves ‘cnn.com’ to it’s ip address and configure your workstation’s NIC for this static dns
server until the problems with the DHCP assigned DNS server are fixed.
OR
When u are able to ping the default gateway and the website address there is no problem in the
network and DNS
When u are able to ping the the gateway and the WEBsite IP, but not the WEBsite address then it
is a problem with the DNS
When u are not able to ping anything its network problem
v Describe the principle of multi-layer switching.

Multilayer switching is simply the combination of traditional Layer 2 switching with Layer 3
routing in a single product. Multilayer switching is new, and there is no industry standard yet on
nomenclature. Vendors, analysts, and editors don’t agree about the specific meaning of terms
such as multilayer switch, Layer 2 router, Layer 3 switch, IP switch, routing switch, switching
router, and wirespeed router. The term multilayer switch seems to be the best and most widely
used description of this class of product that performs both Layer 3 routing and Layer 2
switching functions.
Multilayer switching is usually implemented through a fast hardware such as a higher-density

ASICs (Application-Specific Integrated Circuits), which allow real-time switching and
forwarding with wirespeed performance, and at lower cost than traditional software-based
routers built around general-purpose CPUs.
The following are some basic architecture approaches for the multiplayer switches:
Generic Cut-Through Routing:

In the multi-layer switching architecture Layer 3 routing calculations are done on the first packet
in a data flow. Following packets belonging to the same flow are switched at Layer 2 along the
same route. In other words, route calculation and frame forwarding are handled very differently
here.
ATM-Based Cut-Through Routing:

This is a variation of generic cut-through routing which is based on ATM cells rather than
frames. ATM-based cut-through routing offers several advantages such as improved support of
LAN emulation and multi-vendor support in the form of the Multiprotocol Over ATM (MPOA)
standard. Products referred to as IP switches and tag switches generally fall into this category.
Layer 3 Learning Bridging CIn this architecture, routing is not provided. Instead, it uses IP
“snooping” techniques to learn the MAC/IP address relationships of endstations from true routers
that must exist elsewhere in the network. Then it redirects traffic away from the routers and
switches it based on its Layer 2 addresses.
Wirespeed Routing:
Wirespeed architecture routes every packet individually. It is often referred to as packet-by-
packet Layer 3 switching. Using advanced ASICs to perform Layer 3 routing in hardware, it
implements dynamic routing protocols such as OSPF and RIP. In addition to basic IP routing, it
supports IP multicast routing, VLAN segregation, and multiple priority levels to assist in quality
of service.
Network Troubleshooting
v Explain how traceroute, ping, and tcpdump work and what they are used for?
Traceroute;
Traceroute works by increasing the “time-to-live” value of each successive batch of packets sent.
The first three packets sent have a time-to-live (TTL) value of one (implying that they are not
forwarded by the next router and make only a single hop). The next three packets have a TTL
value of 2, and so on. When a packet passes through a host, normally the host decrements the
TTL value by one, and forwards the packet to the next host. When a packet with a TTL of one
reaches a host, the host discards the packet and sends an ICMP time exceeded (type 11) packet to
the sender. The traceroute utility uses these returning packets to produce a list of hosts that the
packets have traversed en route to the destination. The three timestamp values returned for each
host along the path are the delay (aka latency) values typically in milliseconds (ms) for each
packet in the batch. If a packet does not return within the expected timeout window, a star
(asterisk) is traditionally printed. Traceroute may not list the real hosts. It indicates that the first
host is at one hop, the second host at two hops, etc. IP does not guarantee that all the packets take
the same route. Also note that if the host at hop number N does not reply, the hop will be skipped
in the output.
Ping:
It works by sending ICMP “echo request” packets to the target host and listening for ICMP
“echo response” replies. Ping estimates the round-trip time, generally in milliseconds, and
records any packet loss, and prints a statistical summary when finished.
TCPDUMP:
traceroute and ping work on the ICMP protocol and are used for network connectivity testing.
but TCPDUMP is different its a NETWORK PACKET ANALYZER. tcpdump uses libpacp /
winpcap to capture data and uses it extensive protocol definitions build inside to analyze the
captured packets. Its mainly used to debug the protocol of the captured packet which in turn
reveals the network traffic charachterstics.
v What is a metric?
Metrics is a property of a route in computer networking, consisting of any value used by routing
algorithms to determine whether one route should perform better than another (the route with the
lowest metric is the preferred route). The routing table stores only the best possible routes, while
link-state or topological databases may store all other information as well. For example, Routing
Information Protocol uses hopcount (number of hops) to determine the best possible route.
A Metric can include:
 measuring link utilisation (using SNMP)

 number of hops (hop count)
 speed of the path
 packet loss (router congestion/conditions)
 latency (delay)
 path reliability
 path bandwidth
 throughput [SNMP - query routers]
 load
 MTU
v What is a network management system?
A Network Management System (NMS) is a combination of hardware and software used to

monitor and administer a network
Effective planning for a network management system requires that a number of network
management tasks be folded in a single software solution. The network management system
should automate the processes of expense management auditing, asset lifecycle management,
inventory deployment tracking, cost allocation and invoice processing.
v Describe how SNMP works.
The simple network management protocol (SNMP) use for monitoring of network-attached
devices for any conditions that warrant administrative attention. It is use to manage IP network
devices such as servers, routers, switches etc. Administrator can find or manage network
performance, solve problem or even optimize it further. It works at TCP/IP Application layer 5
(L5).
v Describe how WEP works and its strengths and weaknesses
As you probably already know Wired Equivalent Privacy (WEP) is used by companies to secure
their wireless connections from sniffing attacks. You’ve probably also heard that it’s not very
secure. In the first part of this 2 part series I’ll explain the inner workings of WEP and follow it
up next month with why it’s insecure.
Do i need WEP at all?

An authentic user, Bob uses his laptop to check his Gmail account everyday. He has a wireless
card in his laptop which automatically detects his ISP’s wireless access point (WAP) just across
the street. Once he’s connected to the WAP he can go ahead and check his Email. Alice is a
sneaky user who doesn’t want to pay the ISP for access to the Internet. She however knows that
the ISP across the street has an access point which anyone can connect to and access the Internet.
She plugs in her laptop and is soon downloading music from the Internet. WEP was designed to
ensure that users authenticate themselves before using resources, to block out Alice, and allow
Bob. Let’s see how it does this.
How WEP works
WEP uses the RC4 algorithm to encrypt the packets of information as they are sent out from the
access point or wireless network card. As soon as the access point receives the packets sent by
the user’s network card it decrypts them.
Each byte of data will be encrypted using a different packet key. This ensures that if a hacker
does manage to crack this packet key the only information that is leaked is that which is
contained in that packet.
The actual encryption logic in RC4 is very simple. The plain text is XOR-ed with an infinitely
long keystream. The security of RC4 comes from the secrecy of the packet key that’s derived
from the keystream.
v Describe what a VPN is and how it works.
A VPN connection is the extension of a private network that includes links across shared or
public networks, such as the Internet. VPN connections (VPNs) enable organizations to send
data between two computers across the Internet in a manner that emulates the properties of a
point-to-point private link.
Basically, a VPN is a private network that uses a public network (usually the Internet) to connect
remote sites or users together. Instead of using a dedicated, real-world connection such as leased
line, a VPN uses “virtual” connections routed through the Internet from the company’s private
network to the remote site or employee.
VoIP
Describe how VoIP works.
Voice over Internet Protocol (VoIP), is a technology that allows you to make voice calls using a
broadband Internet connection instead of a regular (or analog) phone line. Some VoIP services
may only allow you to call other people using the same service, but others may allow you to call
anyone who has a telephone number – including local, long distance, mobile, and international
numbers. Also, while some VoIP services only work over your computer or a special VoIP
phone, other services allow you to use a traditional phone connected to a VoIP adapter.
Describe methods of QoS.
Quality of service is the ability to provide different priority to different applications, users, or
data flows, or to guarantee a certain level of performance to a data flow.
QOS is Quality of Service: A set of metrics used to measure the quality of transmission and
service available of any given transmission system
Are you familiar with IPv6? If so, what are the major differences between IPv4 and IPv6?
IPv6 is based on IPv4, it is an evolution of IPv4. So many things that we find with IPv6 are
familiar to us. The main differences are:
1.Simplified header format. IPv6 has a fixed length header, which does not include most of the
options an IPv4 header can include. Even though the IPv6 header contains two 128 bit addresses
(source and destination IP address) the whole header has a fixed length of 40 bytes only. This
allows for faster processing.
Options are dealt with in extension headers, which are only inserted after the IPv6 header if
needed. So for instance if a packet needs to be fragmented, the fragmentation header is inserted
after the IPv6 header. The basic set of extension headers is defined in RFC 2460.
2.Address extended to 128 bits. This allows for hierarchical structure of the address space and
provides enough addresses for almost every ‘grain of sand’ on the earth. Important for security
and new services/devices that will need multiple IP addresses and/or permanent connectivity.
3.A lot of the new IPv6 functionality is built into ICMPv6 such as Neighbor Discovery,
Autoconfiguration, Multicast Listener Discovery, Path MTU Discovery.
4.Enhanced Security and QoS Features.
IPv4 means Internet Protocol version 4, whereas IPv6 means Internet Protocol version 6.
IPv4 is 32 bits IP address that we use commonly, it can be 192.168.8.1, 10.3.4.5 or other 32 bits
IP addresses. IPv4 can support up to 232 addresses, however the 32 bits IPv4 addresses are
finishing to be used in near future, so IPv6 is developed as a replacement.
IPv6 is 128 bits, can support up to 2128 addresses to fulfill future needs with better security and
network related features. Here are some examples of IPv6 address:
1050:0:0:0:5:600:300c:326b
ff06::c3
0:0:0:0:0:0:192.1.56.10
What authentication, authorization ad accounting (AAA) mechanisms are you familiar

with? Which ones have you implemented??
RADIUS Server (Remote Access Dialin User Service)
MS IAS (Internet Authenticaion Service)

Leave a Comment
February 18, 2010

Technical Interview Questions (Part 3/4) [EXCHANGE SERVER]
Filed under: Uncategorized — aacable @ 9:40 AM
~!~
Technical Interview Questions (Part 3/4)

[EXCHANGE SERVER]
Edited & Maintained by SYED JAHANZAIB / aacable@hotmail.com
 Tell me a bit about the capabilities of Exchange Server.
Microsoft Exchange is a server that centrally stores a company’s email, files, task lists, calendar
and contact information. General features of Microsoft Exchange Server are following:
 Mobile access
 Centrally stored information
 Shared calendars
 Shared task lists
 Shared contacts
 Outlook Web access
===========================================================
The Capabilities of Exchange Server is for Communicating through Emails,with the help of
Exchange Server one can configure OutLook and can communicate through mails. In Exchange
Server POP3 and SMTP Service plays vital Roles. POP3 Service helps in receiving emails and
SMTP Service helps in Sending Emails.
===========================================================
Microsoft Exchange Server is a client-server, collaborative application product developed by

Microsoft. Exchange’s major features consist of electronic mail, calendaring, contacts and tasks;
support for mobile and web-based access to information; and support for data storage
===========================================================
 What’s the main differences between Exchange 5.5 and Exchange 2000/2003?
 What are the major network infrastructure for installing Exchange 2003?
 What is the latest Exchange 2003 Service Pack? Name a few changes in functionality
in that SP.
The main difference between Exchange 5.5 and Exchange 2000/2003 is in Exchange 2000/2003
we can assign full rights to Users to make changes to Exchange Server without Admin if we
assign rights like creation of Users , assigninig particular user particular right and this can be
done with the help of registry key goto HKCU—Software–Microsoft— ExchangeServer and add
a Dword key and assign a value 1.where as this is not possible in Exchange 5.5.
Exchange 5.5 does not integrate with the NT4 domain or the Windows 2000/2003 Active
Directory in a meaningful way. A single user could be associated with several
different mailboxes. Exchange 2000/2003/2007 integrates tightly with Active Directory, and
there is a 1:1 relationship between mailboxes and AD user accounts. There are other differences,
depending on whether you have a standard or enterprise version as it relates to maximum
database size, but the directory integration is probably
the biggest difference.

The primary differences are…
-Exchange 2000/2003 does not have its own directory or directory service; it uses Active
Directory instead.
-Exchange 2000/2003 uses native components of Windows 2000 (namely, IIS and its SMTP,
NNTP, W3SVC and other components, Kerberos and others) for many core functions.
-SMTP is now a full peer to RPC, and is it the default transport protocol between Exchange
2000/2003 servers.
-Exchange 2000/2003 supports Active/Active clustering and was recently certified for Windows
2000 Datacenter/2003.
-Exchange 2000/2003 scales much higher.
-It boasts conferencing services and instant messaging.
To Instal Exchange Server 2003 the major requirements are a system should be a Domain
Controller with ASP.Net Service started for successful installation of Exchange Server.
Latest Exchange Server 2003 Service Pack is service pack2 (SP2) adds improved mobile e-mail
capabilities, larger storage in Standard Edition, better protection from spam, enhanced security,
advanced mailbox fundamentals, and more.
 What are the disk considerations when installing Exchange (RAID types, locations
and so on).
Exchange 2003 basically requires a server with at least 512MB though 1GB or more is
recommended.
CPU is always an issue, but most servers and even workstations have enough CPU horsepower
for Exchange if you’re not loading your server with anything else that is CPU intensive.
Exchange supports hyper threading feature available with Pentium 4 and other CPUs. If you
need more CPU power you can use Intel Xeon which can offer you more cache and multiple
CPU support.
Today, 64-Bit support is available in some CPUs but is Not support by Exchange 2003 and will
only be available with the next version of Exchange, E12.
Disk configuration is a complex issue and is covered in my article:
http://www.msexchange.org/tutorials/Choosing-Storage-Exchange-Server.html
To make a long story short, today, you can choose either SATA disks for lower end Exchange
servers or SCSI disks if you can afford it. SATA disks can give you more disk space for less
money but are generally slower though by far better than ATA (IDE) disks. You will need some
form of disk redundancy (RAID) so disk failure will not bring you down. Hardware based RAID
is recommended in most cases.
When planning for disk space it is best to leave room for a bit more than double the disk space
expected for the Exchange databases. 32GB or more for the Exchange database partition is
recommended for Exchange Standard edition.
Recommended Server hardware
• Four 1 gigahertz (GHz), 1 megabyte (MB) or 2 MB L2 cache processors
• 4 gigabytes (GB) of Error Correction Code (ECC) RAM
• Two 100 megabits per second (Mbps) or 1000 Mbps network interface cards
• RAID-1 array with two internal disks for the Windows Server 2003 and Exchange
Server 2003 program files
• Two redundant 64-bit fiber Host Bus Adapters (HBAs) to connect to the Storage Area
Network
 Why not install Exchange on the same machine as a DC?
well, this is not a good pratice to so and the reasons behind are :
1. Redundancy and Stability – if the exchange server fails then Domain Controller also fails and
it concludes a big failure…
2. Overload : It may overload your existing server and that can cause a significant performance
problem.
Alternate Answer is :
1-LDAP Port Conflict may Occured
2-Overload
3-Redundancy
 How would you prepare the AD Schema in advance before installing Exchange?
Part of the Exchange installation is to run ForestPrep. ForestPrep extends the AD schema by
adding Exchange-specific properties. If you just start the Exchange setup, it guides you right
through this step.
 What type or permissions do you need in order to install the first Exchange server
in a forest? In a domain?
 How would you verify that the schema was in fact updated?
Exchange Full Administrator at organization Level and Local machine Administrator

Permissions
You need Schema Admin, Domain Admin and Enterprise Admin Permission.
That can be check by accessing the Active directory. When you create new user, you can see
four more attributes or tabs in the user properties. That means the schema has been updated.
 What type of memory optimization changes could you do for Exchange 2003?
 How would you check your Exchange configuration settings to see if they’re right?
Add /3GB switch to boot.ini file and you can use upto 3GB memory instead of 1GB by default.
Once your exchange server configuration is done run the tool EXBPA.exc .This will give you the
correct ficture of your exchange organization.
 What are the Exchange management tools? How and where can you install them?
Exchange Management tools are to monitor, analyze and troubleshoot the Exchange Server. By
default XGE 2K3 is not installed with XGE mgmt tools. we need to download from microsoft or
xge setup and install them.
http://technet.microsoft.com/en-us/library/bb123850(EXCHG.65).aspx
you may install these tools directly on server not need to be XP client
http://www.microsoft.com/downloads/details.aspx?familyid=21e5a788-5993-40a9-bd35-
b14d414e3e16&displaylang=en
These tools are install by default for 2007 Xge server

Ø What types of permissions are configurable for Exchange?
If you modify the default permissions on Exchange Server 2003 mailbox stores and public folder
stores, make sure you maintain the following minimum permissions:
• Administrators group Full Control
• Authenticated Users group Read and Execute, List Folder Contents, and Read
• Creator Owner None
• Server Operators group Modify, Read and Execute, List Folder Contents, Read, and
Write
• System account Full Control
1)Exchange full admin – full control over the exchange organization including permission
2)Exchange Admin – Manage everything within the organization except org permission.
3)Exchange view only administrator – read only administrative access to Exchange organization
 How can you grant access for an administrator to access all mailboxes on a specific
server?
 What is the Send As permission?
1. Start Exchange System Manager.
2. Drill down to your server object within the appropriate Administrative Group. Right-click it
and choose Properties.
3. In the Properties window go to the Security tab.
4. Click Add, click the user or group who you want to have access to the mailboxes, and then
click OK.
5. Be sure that the user or group is selected in the Name box.
6. In the Permissions list, click Allow next to Full Control, and then click OK.
Note: Make sure there is no Deny checkbox selected next to the Send As and Receive As
permissions.
7. Click Ok all the way out.

“Send As” allows one user to send an email as though it came from another user. The recipient
will not be given any indication that the email was composed by someone other than the stated
sender.
“Send As” can only be granted by a system administrator. “Send on Behalf of” may be more
appropriate in many situations, it allows the recipient to be notified both who the author was and
on who’s behalf the email was sent. (See How to grant Send On Behalf Of permission.)
The following procedure will allow system managers to grant users the ability to send as another:
1. Log onto the server running Exchange.

2. Run Active Directory Users and Computers.
3. Under the “View” menu ensure that “Advanced Features” is ticked.
4. Find the user’s account that you want to be able to send as, and open up the account
properties.
5. Select the “Security” tab.
6. Click [Add ...] (under “Group or user names”) and add the user (users or group) that is to
be granted permission to send-as this account.
7. For each account added, highlight the account under “Group or user names” and in the
“Permissions for …” window grant the account “Send As” permission.
8. Click [OK] to close the account properties dialog.
=====================================================================
=====
Send As Permission means user A will be able to access the mail box of user B and reply back to
those mail. Even though user A has replied to the mail, the send address will display user b
email.
=====================================================================
=====
Active Directory Users and Computers or the Exchange Management Shell to grant the Send As
permission for a mailbox. Use the Send As permission in Microsoft Exchange Server to
configure a mailbox so that users other than the mailbox owner can use that mailbox to send
messages. After this permission is granted, any messages that are sent from the mailbox will
appear as if they were sent by the mailbox owner.
 What are Exchange Recipient types? Name 5.
The people and resources that send and receive messages are the core of any messaging and
collaboration system. In an Exchange Server organization, these people and resources are
referred to as recipients.
A recipient is any mail-enabled object in the Active Directory directory service to which
Exchange can deliver or route messages. This topic discusses the recipient types that are
supported in Microsoft Exchange Server 2007.
User mailbox
A mailbox that is assigned to an individual user in your Exchange organization. It typically

contains messages, calendar items, contacts, tasks, documents, and other important business data.
Linked mailbox
A mailbox that is assigned to an individual user in a separate, trusted forest.
Shared mailbox
A mailbox that is not primarily associated with a single user and is generally configured to allow
logon access for multiple users.
Legacy mailbox
A mailbox that resides on a server running Exchange Server 2003 or Exchange 2000 Server.
Room mailbox
A resource mailbox that is assigned to a meeting location, such as a conference room,

auditorium, or training room. Room mailboxes can be included as resources in meeting
requests, providing a simple and efficient way of organizing meetings for your users.
=====================================================================
=========
In exchange 2003,
1.Mail-enabled user
2.Mailbox enabled user.
3.DL
4.Contact
5.Mail-Enabled public folder
 You created a mailbox for a user, yet the mailbox does not appear in ESM. Why?
 What’s the difference between Exchange 2003 Std. and Ent. editions when related to
storage options and size?
Generally, when you create a mailbox for a user. The user’s e-mail address will be updated in the
GAL. During the regular update interval. But in order for you to be able to view the mail box.
The user has to access the Exchange server (either through MS outlook or OWA). Then you will
be able to view the user’s mail box.
OR if you send a test mail to that id then the mailbox will be populated in the ESM
Ø What are Query Based Distribution groups?
A query-based distribution group provides the same functionality as a standard distribution

group. However, instead of specifying static user memberships, you can use an LDAP query (for
example, “All full-time employees in my company”) to dynamically build membership in a
query-based distribution group.
This reduces administrative costs because of the dynamic nature of the distribution group.
However, query-based distribution groups have a higher performance cost for queries whose
outcome produces many results.
This cost is in terms of server resources, such as high CPU usage and increased memory usage.
This increased usage occurs because every time an e-mail message is sent to a query-based
distribution group, an LDAP query is executed against Active Directory to determine its
membership.
Standard Edition
1. One storage group
2. 2 Databases max per Server
3. 16 GB DB Size and 72 GB with SP2
4. x.400 connectors not included
Enterprise Edition
1. Four Storage group
2. 20 Databases
3. 16 TB DB size limited by hardware
4. Clustering Supported
5. x.400 connectors included
 What are System Public Folders? Where would you find them?
In Exchange Server 2003, public folders can be used to share information between a group of
users. In smaller organizations where only one Exchange server is typically installed, one public
folder instance can exist.
Where there are multiple Exchange servers and you need to provide fast access to public folder
information, then you would probably have to create an additional public folder
instance.
Public folders can be created through:
• Outlook 2003
• Outlook XP
• Outlook 2000
• Exchange System Manager
• Windows Explorer
• Internet clients
• Web browsers
To View
Click Start, All Programs, Microsoft Exchange, and then select Exchange System Manager.
Exchange System Manager opens. In the left pane, expand the Public Folders container. All
existing folders in the public folder tree are displayed.
 What are virtual servers? When would you use more than one?
 What is a Mail Relay? Name a few known mail relay software or hardware options.
Exchange Virtual Server is a clustered Exchange installation. When Exchange is installed on a

Windows Server 2003 cluster, it is configured as an Exchange Virtual Server that can be
passed between cluster nodes transparently to Exchange clients.
1. SMTP Virtual Server, 2. HTTP Virtual Server, 3.POP3 Virtual Server, 4. IMAP4 Virtual
Server and so on
===========================================================
To access a network application or resource in a nonclustered environment, network clients must
connect to a physical server (that is, a specific computer on the network identified by a unique
network name and Internet protocol (IP) address). If that server fails, access to the application or
resource is impossible.
Through server clusters, Windows Server 2003, Enterprise Edition and Windows Server 2003,
Datacenter Edition enable the creation of virtual servers. Unlike a physical server,
a virtual server is not associated with a specific computer and can be failed over like a group. If
the node hosting the virtual server fails, clients can still access its
resources using the same server name.
A virtual server is a group that contains:
A Network Name resource.
An IP Address resource.
All other resources, including applications, to be accessed by the clients of the virtual server.
Other virtual servers.
exchange server uses protocol virtual server
1.smtp virtual server
2.imap virtual server
3.http virtual server
4.pop3 virtual server
Often referred to as an e-mail server, a device and/or program that routes an e-mail to the correct
destination. Mail relays are typically used within local networks to transmit e-mails among local
users. (For example, all of the student and faculty e-mail of a college campus.) Mail relays are
particularly useful in e-mail aliasing where multiple e-mail addresses are used but the mail relay
forwards all messages to the specified e-mail addresses to one single address.
A mail relay is different than an open relay, where an e-mail server processes a mail message
that that neither originates or ends with a user that is within the server’s local domain (i.e., local
IP range).
============================================
Often referred to as an e-mail server, a device and/or program that routes an e-mail to the correct
destination. Mail relays are typically used within local networks to transmit e-mails among local
users.
(For example, all of the student and faculty e-mail of a college campus.) Mail relays are
particularly useful in e-mail aliasing where multiple e-mail addresses are used but
the mail relay forwards all messages to the specified e-mail addresses to one single address.
A mail relay is different than an open relay, where an e-mail server processes a mail message
that that neither originates or ends with a user that is within the server’s
local domain (i.e., local IP range).
Mail relay Softwares:
1.NoticeWare Email Server 4.3
2. Flash Mailer 20.
 What is a Smart Host? Where would you configure it?
A smart host is a type of mail relay server which allows an SMTP server to route e-mail to an
intermediate mail server rather than directly to the recipient’s server.
Often this smart host requires authentication from the sender to verify that the sender has
privileges to have mail forwarded through the smart host.
This is an important distinction from an open relay that will forward mail from the sender
without authentication. Common authentication techniques include SMTP-AUTH and POP
before SMTP.
1.Use for backup mail (secondary MX) services
When configured to be a backup mail server (not the primary MX record) a smart host
configuration will accept mail on behalf of the primary mail server if it were to go offline. When
the primary mail server comes back online, mail is subsequently delivered via the smart host.
2.Use in spam control efforts
Some ISPs, in an effort to reduce e-mail spam originating at their customer’s IP addresses, will
not allow their customers to communicate directly with the recipient’s mail
server via the default SMTP port number 25. In this case the customer has no choice but to use
the smart host provided by the ISP.A growing number of systems also verify the sending system
against known lists of cable modem and DSL networks and will not accept SMTP connections
from these systems to reduce the amount of incoming spam. Field tests have shown
this can have a sizable impact on the number of spam messages one receives and it is expected to
become more and more common
3.Use in centralizing email services
When a host runs its own local mail server, a smart host is often used to transmit all mail to other
systems through a central mail server. This is used to ease the management of
a single mail server with aliases, security, and Internet access rather than maintaining numerous
local mail servers.
 What are Routing Groups? When would you use them?
A routing group is a logical collection of servers used to control mail flow and public folder
referrals. In a routing group, all servers communicate and transfer messages
directly to one another.
In a routing group, all servers communicate and transfer messages directly to one another, as
follows:
1. A user in your Exchange organization uses a mail client to send mail to another user.
2. Using SMTP, the sender’s client submits this mail to the SMTP virtual server on the
Exchange server on which the client’s mailbox resides.
3. The Exchange server looks up the recipient of the mail message to determine which
server the recipient’s mailbox resides on.
4. One of two things occurs:

• If the recipient’s mailbox is on the same Exchange server, Exchange delivers the
message to the recipient’s mailbox.
• If the recipient’s mailbox is on another Exchange server, the first Exchange server
sends the message to the recipient’s home mailbox server, and it is the recipient’s home mailbox
server that delivers the message to the recipient’s mailbox.
==========================================================
To accommodate varying network connectivity across servers.
To restrict the usage of a connector to users in a particular area.

USES OF THIS GROUP:
Allows scheduling and control of mail flow. You can restrict connector use to a particular
routing group or schedule the use of a connector.
Allows you to control usage based on message size or content by using connector restrictions.
==========================================================
Routing group is a logical collection exchange server.they communicate each other directly
using RPC protocl over SMTP but if Exchange server exist into two diffenent groups,then
communcation will take place b/n these groups,if one of routing group connector esixt b/n
routing groups mentioned below..
1 – Routing group conncetor
2 – Smtp Connector,
 What are the types of Connectors you can use in Exchange?

 What is the cost option in Exchange connectors? What is the cost option in Exchange
connectors? If you add a cost from 1 through 100 to any Exchange Server connector’s
Address Space tab, any messages that use that connector take the new cost into
consideration when e-mail is routed.
• Routing group connector
The routing group connector is the recommended connector for connecting routing groups that
are in the same Exchange organization. This connector uses SMTP to transfer messages to other
servers running Exchange Server 2003. The routing group connector can only be used to connect
routing groups.
• SMTP connector
The SMTP connector establishes a messaging route between two routing groups or between a
routing group and a non-Exchange SMTP host. Although the routing group connector and the
SMTP connector use SMTP as the transport protocol, the SMTP connector provides additional
functionality in that it can be used to connect an Exchange organization with any SMTP server.
• X.400 connector
The X.400 connector establishes an X.400 messaging route between two routing groups or
between a routing group and an X.400 system. Like the routing group connector and the
SMTP connector, an X.400 connector can be used to link Exchange routing groups. Generally,
X.400 connectors are used only when connecting to other X.400 messaging systems.
Exchange Server 2003 supports the following optional connectors that you can use to connect the
organization to non-Exchange messaging systems:
• Exchange Calendar Connector
Exchange Calendar Connector is used for exchanging free/busy information between an

Exchange organization and a Lotus Notes or Novell GroupWise messaging system.
• Exchange Connector for Lotus Notes
• Exchange Connector for Novell GroupWise
Routing cost typically ranges from 1 through 99. The default is 1. If the cost of a route is set to 1,
other routes are used only if that route does not work. If the cost of a route is set to 100, that
route is used only when all other routes does not work.
Lowest cost has Highest priority.
What is the Link State Table? How would you view it?
Every Exchange server maintains its own routing table, called the link state table, dynamically in
memory, based on Active Directory and link state information, as follows:
• Routing-related Active Directory information. This information is stored in attributes
of the organization object, routing group objects, connector objects, and
server objects. These objects reside in the configuration directory partition and define the routing
topology of the entire Exchange organization.
• Link state information This information specifies whether each connector in the
routing topology is available (up) or unavailable (down). Link state information is
dynamic and might change when a connector experiences transfer problems or when transfer
issues are resolved.
View Link state table
you can use to view Link state table in Exchange Server 2000/2003 WinRoute tool
(Winroute.exe)
 How would you configure mail transfer security between 2 routing groups?
To configure security setting in routing group get a certificate from the CA you install it on the
IIS server which runs on Microsoft Exchange Server 2003. The certificate can also be used for
secure Web Outlook session. Once you successfully install the TLS\SSL certificate, you can
precede with TLS configuration on the Exchange 2003 SMTP server
What is the Routing Group Master? Who holds that role?
When you create a routing group, the first server in that routing group is assigned the role of
routing group master.
The routing group master keeps track of the link state information and propagates it to the other
servers in the routing group, and other servers communicate back any changes in link state.
For example, if a member server tries to contact another server over a connector, and this link is
unavailable, the member server immediately notifies the routing group master.
Likewise, when a non-master receives new link state information, it immediately transfers the
link state information to the master, so that other servers can receive the information about the
routing change
 What is DS2MB?
Metabase update service, also referred to as the directory service/metabase synchronization

process, or DS2MB (because this process is implemented in DS2MB.dll) is a component in
Exchange Server 2003 that is used to synchronize several Exchange configuration settings in
Active Directory with counterpart settings in the IIS metabase. The function of DS2MB is to
replicate configuration information from Active Directory to the local IIS metabase.
==============================================
DS2MB is short for Directory Service to Metabase and the purpose of this process is to transfer
configuration information from Active Directory to the IIS Metabase. The
configuration is stored in the IIS Metabase instead of the registry mainly for performance and
scalability reasons. The DS2MB process is a one-way write from Active Directory to the IIS
Metabase, which means that the Metabase never writes back to Active Directory
 What is Forms Based Authentication?
Exchange Server 2003 has greatly improved the Outlook Web Access (or OWA for short)
experience when compared to older Exchange versions. Instead of entering the username and
password in an annoying pop-up screen, when configured with Forms-Based Authentication (or
FBA for short), OWA will display a logon screen that enables the user to select various options
and get a generally better look for the logon process.
 How would you configure OWA’s settings on an Exchange server?

http://www.petri.co.il/configuring_forms_based_authentication_in_exchange_2003.htm
Ø What is DSACCESS?
It is a exchange process to communicate with AD
DSACCESS: Means also communicate with Acdive Directory in Exchange Server
DSAccess implements a directory access cache that stores recently accessed information for a
configurable length of time. This reduces the number of queries made to global catalog servers
Its very simple answer is that when exchenge clients send request to access his/her mailbox ,that
time exchange sent cliets request for authentication to dc and for this it maintains a dsaccess
profile in which it maintains the name of DC and GC server and according to this profile it
sends authentication request to clients nearest dc means dsaccess is a process which works as
bridge between exchnage server and dc to pass AD releated query from exchange server to
Domain controller.
Ø What are Recipient Policies?
When you install Exchange for the first time, it determines the format of the SMTP address
you’ll want for your users based on your organization name and the DNS name of your
domain. It places the result into an Active Directory object called a Recipient Policy
A recipient policy that manages e-mail addresses has the following characteristics:
• It applies to a selected group of recipients.
• It always contains information about the address types that are to be applied to those
recipients.
• It is given a priority, so that administrators can control which address is applied as the
primary address to a recipient that may appear in more than one policy
 What is the RUS?
RUS (Recipient Update Service) is responsible for making updates to e-mail addresses, and it
does this based on recipient policy changes. These updates are made at a specific interval that is
defined for the service. You can view the update interval and modify it as necessary.
RUS works hand in hand with GAL (Global Address List). Together they generate the list of
addresses that users see in Outlook. I think of Exchange 2003′s RUS as a little engine which
runs an LDAP query, the results are to build or update the Users’ property sheets and the
Address Lists.
Here is a list of the jobs that RUS performs:
- Updates proxyAddresses attribute controlled by recipient policies.
- Initializes the homeMDB, homeMTA and msExchHomeServerName attributes. Also the

legacyExchangeDN and msExchMailboxGUID if appropriate.
- Sets the showInAddressBook (or hideDLMembership).
- Sets the ACL on the Microsoft Exchange System Objects (Check with ADSI Edit)
- Populates the group called Exchange Enterprise Servers in Active Directory.
Ø How can you create multiple GALs and allow the users to only see the one related to
them?
This step-by-step article describes how to create Global Address Lists and how to set security
levels on the Global Address Lists so only specific groups can view them.
When you use Exchange 2003 in a hosting environment, you must create multiple Global
Address Lists. The address lists typically have different user accounts listed in them based on the
Lightweight Directory Access Protocol (LDAP) filter that you create. By default, all the users in
the Exchange 2003 organization can view all the defined Global Address Lists. This may not be
acceptable in some situations; for example, it would not be acceptable at a company that that
serves as an e-mail host for other companies. However, you can restrict access to a particular set
of users for specific address lists.
For more step by step guide, look into
http://web.archive.org/web/20041121012214/http://support.microsoft.com/default.aspx?kbid=82
2940
Ø What is a Front End server? In what scenarios would you use one?
A fornt-end server is a server which is for load balancing / user security purpose. this server
doesnot hold any mailbox stores or public folders. using this fornt-end server we can increase
limitation ie.firewall, where other than users or admins cannot handle mailbox stores since these
mailbox store are kept in back-end servers.
front-end servers handles in coming client connections. in large org. front-end servers simplifies
admins with UNIFIED NAMESPACE, FIREWALL, AND REDUCED OVERHEAD SSL.
Microsoft® Exchange Server 2003 and Microsoft Exchange 2000 Server support using a server
architecture that distributes server tasks among front-end and back-end servers. In this
architecture, a front-end server accepts requests from clients and proxies them to the appropriate
back-end server for processing.
Ø What type of authentication is used on the front end servers?
1. Basic Authendication
2. NTLM Authendication
Ø When would you use NLB?
NLB is used for network load Balancing when there is a heavy information flow and network
traffic. I can also be useful for applications which interact with users or database.
like Oracle, SQL, Exchange, etc.
A single computer running Windows can provide a limited level of server reliability and scalable
performance. However, by combining the resources of two or more computers running one of the
products in the Windows Server 2003 family into a single cluster, Network Load Balancing can
deliver the reliability and performance that Web servers and other
mission-critical servers need.
 How would you achieve incoming mail redundancy?
One can configure two routing group connector with different cost. Lets say primary with 10 and
secondary RGC with 20 and both are pointing to different bridgehead servers. We can then setup
a rule in smart host that if primary bridgehead server ip not reposing, start delivering emails to
secondary bridgehead server.
==========================================
There is an option in the mailbox store of the first routing group in the server that contains the
mail box of a user. Drill down till the sorage group, right click and
select properties, in general tab, you can find “Archive all messages sent or received by
mailboxes on this store. create a mail box enabled account called “master” (or anything you may
like ) and select the account by browsing the accounts. so that user collects all the sent and
received mails thrugh this store. Create a outlook account in a seperate machine for the user and
bingo … u have all the mails.
 What are the 4 types of Exchange backups?
1.normal
2.copy
3.incremental
4.differential
5.daily
 What is the Dial-Tone server scenario?
See if a Database gets corrupt and if it is large, it would take hours to restore it and this would
mean downtime. WIth Dial Tone recovery method what you do is, create an empty Database, for
mails flow to continue and in the meantime use RSG to recover DB from backup. Once recovery
is done, you merge recovered DB and new DB into one, this means no mail is lost.
For more info, see http://www.msexchange.org/tutorials/Exchange-Dial-tone-Restore-Method-
Part1.html
 When would you use offline backup?
OFFLINE BACKUP is simply flat file copy of the .edb and .stm file {database]
its taken when your stores are down and you have no other option except for hard repair to get
the database clean
 How do you re-install Exchange on a server that has crashed but with AD intact?
If you have multiple DCs then you can reinstall it using the disaster recovery switch. This will
pullup the information from AD and reinstall it the way it was before after that you will have to
restore the back up
If this was the only DC+Exchange Server than you will have to restore from backup (SYStem
state bakcup) .
 What are the e00xxxxx.log files?
E#######.log are the secondary transaction logs. They are number sequentially starting with
E0000001.log using the hexadecimal numbering format and are 5MB in size.
E##.log is the current transaction log for the database. Once the log file reaches 5MB in size it is
renamed E#######.log and a new E##.log is created. As with the checkpoint file the ##
represents the Storage Group identifier. While the new E##.log file is being created you will see
a file called Edbtmp.log which is a template for Exchange server log files.
 What is the e00.chk file?
The E##.chk file maintains the checkpoint for the Storage Group. The ## represents the Storage
Group number with the First Storage Group file called E00.chk. This checkpoint file keeps track
of the last committed transaction. If you are ever forced to perform a recovery, this file contains
the point at which the replaying of transaction logs starts.
 What is circular logging? When would you use it?
In order to understand Circular logging, perhaps it is best to understand Exchange server

Transaction logs in general.
Exchange uses transaction logs to add information such as e-mails, users and changes to the
relevant database files on the disk of your Exchange server. In a default Exchange installation
you will find them in the C:\program files\exchsrvr\mdbdata folder (they look like EBD.log
and Edb0xxxxx.log), the other files in that folder are typically the Priv1.edb/Pub1.edb and
Priv1.stm/Pub.stm files (Exchange Database and Streaming file plus the equivalent public folder
databases) and an Edb.chk (checkpoint) file – more on this later.
The most recent transactions (data changes) are held in the Edb.log file when this file reaches
around 5 MB in size another file called Edbtmp.log is created which temporarily takes over from
the Edb.log accepting new changes to the database whilst the Edb.log is renamed to
Edb00001.log.
After the Edb.log file has been renamed, the Edbtmp.log is renamed to Edb.log and then the
process continues at every 5 Mb interval. – got that? – nope clear as mud I guess, think of it this
way – when the Edb.log file gets to 5 MB another file comes in that takes over from it, whilst
Edb.log gets a new name, then the interim file becomes the new Edb.log.
Exchange uses a process which is called “read ahead” transaction logs, this means that each
transaction is placed within the log, the database cache and then into the relevant database itself.
When the operation is written to the database the checkpoint (Edb.chk) is incremented which
signals the position in the log files where the database is in a consistent (or clean) state – more on
that in a minute.
This means that any amount of your transaction logs can be considered either active (not
committed) or inactive (committed), if for any reason the store service is terminated (crash,
power cut etc) Exchange will automatically recover the next time the server starts – this happens
by Exchange “rolling forward” all of the transactions in the logs which bring us up to the marker
in the checkpoint file (Edb.chk).
Logs will continue to be created until a full online backup of Exchange has been completed
(using NTBackup or another vendors product) where the process of backing up will commit all
transactions to the database in the log files, and then flush (delete) the files and then the system is
ready to start again. It is at this point that I will say that UNDER NO CIRCUMSTANCES
SHOULD YOU EVER MANUALLY DELETE THE TRANSACTION LOGS it is possible
to identify unused logs – but – it is much easier to allow a backup product to do it for you.
Ok, I hear you ask, but what is Circular Logging?, well when Circular logging is enabled
Exchange behaves in exactly the same way – but the key difference is when the checkpoint file is
incremented the inactive part of the transaction log is overwritten by new transactions (rather
than a new log being created). Now this in some aspects is Ok as you are still fairly protected in
regard to hardware and software failures, but, you are not protected against media failures.
It is still possible to see more than one transaction log in the directory (for example if a large
number of large sized mails are being sent – each log can only be 5 MB so if a 6 MB mail is sent
that will produce an additional log) – and again these logs will not be cleared until a full online
backup is completed. However generally speaking when Circular logging is enabled less log files
are created.
Consistencies;
If a database has not closed down gracefully it is said to be inconsistent. When this happens the
database believes that it is still in communication with the transaction logs, however not all of
the information from the logs may not have been committed to the database.
When the Database next starts up this situation is noticed, and the STORE process will attempted
to commit the missing data from the logs (this is called replaying). If however the some logs that
are required are missing the Database will not mount, and you will be left in the situation of
having to use ESEUTIL to recover the database or return to a recent backup where the database
was consistent (this is beyond the scope of this article – but I will cover it at some point).
Summary;
Circular logging may at first glances seem like a bad idea, but it does have its uses in some
Exchange environments – for example Front-End Servers (where there is no mailbox data) and
relay servers (again no mailboxes) can make great use of it – however, for Database servers it is
essential that Circular logging is not used as it will put you in the position of not having full
control over your restoration processes.
 What’s the difference between online and offline defrag?
Online defrag is an automated process which runs daily. The process rearranges mailbox store
and public folder store data more efficiently, eliminating unused storage space. Online
defragmentation makes additional database space available by detecting and removing database
objects that are no longer being used. The defragmentation process provides more database space
without actually changing the file size of the database.
http://www.petri.co.il/defragment_exchange_2000_2003_server_databases.htm
Offline drag is a more complicated process. It compacts the exchange database and shrink to its
right size. It is a time consuming process too. You usually do it when your exchange database is
growing to its limits.
http://searchexchange.techtarget.com/tip/0,289483,sid43_gci1086459,00.html
http://www.msexchange.org/tutorials/Defragmenting-Exchange-Database.html
 How would you know if it is time to perform an offline defrag of your Exchange
stores?
You need to do offline defrag only when needed.. in some issue like the database size limit
exceeding to the max. when you do offline defrag.. it cleans up the white space on the database
and hence helps to create large amount of space… this takes a very long time and runs at a speed
of 4-5GB /hr
 How would you monitor Exchange’s services and performance? Name 2 or 3

options.
Exchange Monitor 2003 Tool

SolarWind Exchange Monitor Tool
 What is Direct Push? What are the requirements to run it?
Direct Push provides end-users by providing close to real over the air (OTA) push technology.
The DirectPush technology keeps your mobile device up-to-date by delivering e-mail, Calendar,
Contacts and Tasks directly to your device, allowing you to react quickly to changes in your
mailbox. AUTD v1 did the same thing but DirectPush offers several benefits.
The cool thing about the DirectPush technology is that it maintains an HTTPS connection
between the Exchange server and the mobile device, a session which is kept alive by using
heartbeats. This way the Exchange server can notify a mobile device whether or not there’s a
change in the associated mailbox, and if a change occurs in the mailbox, the server can initiate a
synchronization. Since the device keeps an open session to the Exchange server, some of you
might think this could become rather expensive. But fear not because the device simply sits there
and waits for a response, it doesn’t send or receive any data when it’s in this pending state. Said
in another way, no data will travel over the wire, unless a change is detected in the mailbox, or
the heartbeat expires.
http://www.msexchange.org/tutorials/Exchange-2003-Mobile-Messaging-Part1-Microsoft-
DirectPush-technology.html
Requirements:
Server-side
As the DirectPush feature is a new technology included in Exchange 2003 SP2, it’s required
that you apply Exchange 2003 SP2 at least on the Exchange 2003 front-end servers in your
organization. Note that I say front-end servers, because your back-end servers can run anything
from Exchange 2003 RTM, SP1 to SP2 as long as you have one or more front-end servers with
SP2 applied. But although DirectPush doesn’t require it, I still recommended you upgrade the
back-end servers to SP2 as well, not because you will gain any advantage out of doing so when it
comes to the DirectPush technology, but because the service pack is packed with new great
features and improvements as well as a lot of bug fixes. You can read more about the stuff
included in Exchange 2003 SP2 in a previous article of mine.
Note:
In addition to the above requirements it’s highly recommended you adjust the time-out values for
HTTPS connection in your firewall (more on this later in the article).
Client Side:
Another requirement in order to make use of the DirectPush technology is that the mobile
devices need to run Windows Mobile 5.0. In addition the devices need to have the Messaging
and Security Feature Pack (MSFP) installed. Although Microsoft shipped firmware that included
the MSFP to mobile device manufactures back in October 2005, new firmware releases with the
MSFP included have been heavily delayed. But March 2006 seemed to be the month where
things started to kick off. Both i-mate and Qtek as well as Orange have finally released new
firmware updates with the MSFP included, although so far only for their newer models.
Note:
The Messaging and Security Feature Pack (MSFP) is also known as the Adaption Kit Update 2
(AKU2)
 What are the issues with connecting Outlook from a remote computer to your
mailbox?
To connect Outlook from remote computer, you can have several issues depending on how you
are connected to the exchange server. You have to be specific with your setup.
Some issues could be,

1. Network connectivity – The remote computer must be able to communicate with the exchange
server
2. Password Issues – If using RPC over HTTP, the system keeps prompting for the User
password.
 What is RPC over HTTP? What are the requirements to run it?
RPC over HTTP/S is a cool method for connecting your Outlook 2003 client to the corporate
Exchange Server 2003 from the Internet or WAN, without the need to establish a VPN session to
the corporate LAN and/or needing to open many ports on your corporate firewall. The only ports
you’ll need to open on your firewall are TCP 80 and, if using SSL, TCP 443.
In the past remote users where forced to use a VPN to connect Outlook to the corporate
Exchange servers or be forced to use the limited features available in Outlook Web Access. With
the release of Exchange 2003 and Outlook 2003 a new connectivity option was introduced: RPC
over HTTPS. RPC over HTTPS tunnels remote procedure calls through an HTTPS connection
allowing you to connect to the Exchange server when outside the corporate LAN without
needing to establish a VPN connection. To understand how to troubleshoot issues, you need to
be aware of what is going on when an RPC connection is made.
Server requirements
RPC over HTTP/S requires Windows Server 2003 and Exchange Server 2003. RPC over
HTTP/S also requires Windows Server 2003 in a Global Catalog role.
Client requirements
 The client computer must be running Microsoft Windows XP Professional Service Pack 1
(SP1) or later.
 What is S/MIME? What are the usage scenarios for S/MIME?
S/MIME: Secure/Multipurpose Internet Mail Extensions. S/MIME provides Digital Signatures

and Message Encryption, as SMTP is inherently not secure.
Please Refer: http://technet.microsoft.com/en-us/library/aa995740(EXCHG.65).aspx
 How do you enable SSL on OWA?

Outlook Web Access (or OWA for short) is one of Exchange Server’s best features, allowing
you to connect to your corporate mailbox from virtually any spot on earth as long as you have an
Internet connection and a decent web browser.
You can read more about OWA in the featured links at the bottom of this article.
OWA transmits traffic to and from the web browser in HTTP (based upon TCP, port 80) and in
clear text, meaning that anyone could potentially “listen” to your talk and grab frames and
valuable information from the net.
To secure the transmission of information between Exchange Server 2003 and Outlook Web
Access clients, you can encrypt the information being transmitted by using SSL (Secure Sockets
Layer).
For step by step Guide, Follow this link
http://www.petri.co.il/configure_ssl_on_owa.htm
What do you need to consider when using a client-type AV software on an Exchange

server?
First thing, make sure your anti-virus is exchange aware or just exclude the databases from the
real-time scan.
You need to make sure that it doesn’t scan any of the following:
1. EXCHSRV folder
2. INETSRV
3. INETPUB
 What are the different clustering options in Exchange 2003? Which one would you
choose and why.
Windows Clustering technologies can help you achieve scalability, availability, reliability, and
fault tolerance for your Exchange 2003 organization. A cluster consists of individual computers
(also called nodes) that function cohesively in a Cluster service. These computers act as network
service providers or as reserve computers that assume the responsibilities of failed nodes.
Depending on how you configure your cluster, clustering can simplify the process of recovering
a single server from disasters.
In a clustering environment, Exchange runs as a virtual server (not as a stand-alone server)

because any node in a cluster can assume control of a virtual server. If the node running the EVS
experiences problems, the EVS goes offline for a brief period until another node takes control of
the EVS. All recommendations for Exchange clustering are for active/passive configurations. For
information about active/passive and active/active cluster configurations, see “Cluster
Configurations” later in this topic.
A recommended configuration for your Exchange 2003 cluster is a four-node cluster comprised
of three active nodes and one passive node. Each of the active nodes contains one EVS. This
configuration is cost-effective because it allows you to run three active Exchange servers, while
maintaining the failover security provided by one passive server.
To create Exchange 2003 clusters, you must use Windows Clustering.

Windows Clustering is a feature of Windows Server 2003, Enterprise Edition and Windows
Server 2003, Datacenter Edition. The Windows Cluster service controls all aspects of Windows
Clustering.
When you run Exchange 2003 Setup on a Windows Server 2003 cluster node, the cluster-aware
version of Exchange is automatically installed.
Leave a Comment
Technical Interview Questions (Part 2/3) ACTIVE DIRECTORY]

~!~
ACTIVE DIRECTORY]
 What is Active Directory?
An active directory is a directory structure used on Microsoft Windows based computers and
servers to store information and data about networks and domains. It is primarily used for online
information and was originally created in 1996. It was first used with Windows 2000.
An active directory (sometimes referred to as an AD) does a variety of functions including the
ability to rovide information on objects, helps organize these objects for easy retrieval and
access, allows access by end users and administrators and allows the administrator to set security
up for the directory.
Active Directory is a hierarchical collection of network resources that can contain users,
computers, printers, and other Active Directories. Active Directory Services (ADS) allow
administrators to handle and maintain all network resources from a single location . Active
Directory stores information and settings in a central database
 What is LDAP?
The Lightweight Directory Access Protocol, or LDAP , is an application protocol for querying
and modifying directory services running over TCP/IP. Although not yet widely implemented,
LDAP should eventually make it possible for almost any application running on virtually any
computer platform to obtain directory information, such as email addresses and public keys.
Because LDAP is an open protocol, applications need not worry about the type of server hosting
the directory.
 Can you connect Active Directory to other 3rd-party Directory Services? Name a
few options.
-Yes you can connect other vendors Directory Services with Microsoft’s version.
-Yes, you can use dirXML or LDAP to connect to other directories (ie. E-directory from Novell
or NDS (Novel directory System).
-Yes you can Connect Active Directory to other 3rd -party Directory Services such as dictonaries
used by SAP, Domino etc with the help of MIIS ( Microsoft Identity Integration Server )
 Where is the AD database held? What other folders are related to AD?
AD Database is saved in %systemroot%/ntds. You can see other files also in this folder. These
are the main files controlling the AD structure
ntds.dit
edb.log
res1.log
res2.log
edb.chk
When a change is made to the Win2K database, triggering a write operation, Win2K records the
transaction in the log file (edb.log). Once written to the log file, the change is then written to the
AD database. System performance determines how fast the system writes the data to the AD
database from the log file. Any time the system is shut down, all transactions are saved to the
database.
During the installation of AD, Windows creates two files: res1.log and res2.log. The initial size
of each is 10MB. These files are used to ensure that changes can be written to disk should the
system run out of free disk space. The checkpoint file (edb.chk) records transactions committed
to the AD database (ntds.dit). During shutdown, a “shutdown” statement is written to the edb.chk
file. Then, during a reboot, AD determines that all transactions in the edb.log file have been
committed to the AD database. If, for some reason, the edb.chk file doesn’t exist on reboot or the
shutdown statement isn’t present, AD will use the edb.log file to update the AD database.
The last file in our list of files to know is the AD database itself, ntds.dit. By default, the file is
located in\NTDS, along with the other files we’ve discussed
 What is the SYSVOL folder?

- All active directory data base security related information store in SYSVOL folder and its only
created on NTFS partition.
- The Sysvol folder on a Windows domain controller is used to replicate file-based data among
domain controllers. Because junctions are used within the Sysvol folder structure, Windows NT
file system (NTFS) version 5.0 is required on domain controllers throughout a Windows
distributed file system (DFS) forest.
This is a quote from microsoft themselves, basically the domain controller info stored in files
like your group policy stuff is replicated through this folder structure
 Name the AD NCs and replication issues for each NC
*Schema NC, *Configuration NC, Domain NC

Schema NC This NC is replicated to every other domain controller in the forest. It contains
information about the Active Directory schema, which in turn defines the different object classes
and attributes within Active Directory.
Configuration NC Also replicated to every other DC in the forest, this NC contains forest-wide
configuration information pertaining to the physical layout of Active Directory, as well as
information about display specifiers and forest-wide Active Directory quotas.
Domain NC This NC is replicated to every other DC within a single Active Directory domain.
This is the NC that contains the most commonly-accessed Active Directory data: the actual
users, groups, computers, and other objects that reside within a particular Active Directory
domain.
 What are application partitions? When do I use them
Application directory partitions: These are specific to Windows Server 2003 domains.
An application directory partition is a directory partition that is replicated only to specific
domain controllers. A domain controller that participates in the replication of a particular
application directory partition hosts a replica of that partition. Only Domain controllers running
Windows Server 2003 can host a replica of an application directory partition.
 How do you create a new application partition
http://wiki.answers.com/Q/How_do_you_create_a_new_application_partition
 How do you view replication properties for AD partitions and DCs?
By using replication monitor
go to start > run > type replmon
 What is the Global Catalog?

The global catalog contains a complete replica of all objects in Active Directory for its Host
domain, and contains a partial replica of all objects in Active Directory for every other domain in
the forest.
The global catalog is a distributed data repository that contains a searchable, partial
representation of every object in every domain in a multidomain Active Directory forest. The
global catalog is stored on domain controllers that have been designated as global catalog servers
and is distributed through multimaster replication. Searches that are directed to the global catalog
are faster because they do not involve referrals to different domain controllers.
In addition to configuration and schema directory partition replicas, every domain controller in a
Windows 2000 Server or Windows Server 2003 forest stores a full, writable replica of a single
domain directory partition. Therefore, a domain controller can locate only the objects in its
domain. Locating an object in a different domain would require the user or application to provide
the domain of the requested object.
The global catalog provides the ability to locate objects from any domain without having to
know the domain name. A global catalog server is a domain controller that, in addition to its full,
writable domain directory partition replica, also stores a partial, read-only replica of all other
domain directory partitions in the forest. The additional domain directory partitions are partial
because only a limited set of attributes is included for each object. By including only the
attributes that are most used for searching, every object in every domain in even the largest forest
can be represented in the database of a single global catalog server.
 How do you view all the GCs in the forest?
C:\>repadmin/showreps
domain_controller
OR
You can use Replmon.exe for the same purpose.
OR
AD Sites and Services and nslookup gc._msdcs.%USERDNSDOMAIN%
 Why not make all DCs in a large forest as GCs?
The reason that all DCs are not GCs to start is that in large (or even Giant) forests the DCs would
all have to hold a reference to every object in the entire forest which could be quite large and
quite a replication burden.
For a few hundred, or a few thousand users even, this not likely to matter unless you have really
poor WAN lines.
 Trying to look at the Schema, how can I do that?
adsiedit.exe
option to view the schema
register schmmgmt.dll using this command
c:\windows\system32>regsvr32 schmmgmt.dll
Open mmc –> add snapin –> add Active directory schema
name it as schema.msc
Open administrative tool –> schema.msc
 What are the Support Tools? Why do I need them?
Support Tools are the tools that are used for performing the complicated tasks easily. These can
also be the third party tools. Some of the Support tools include DebugViewer,
DependencyViewer, RegistryMonitor, etc. -edit by Casquehead I beleive this question is
reffering to the Windows Server 2003 Support Tools, which are included with Microsoft
Windows Server 2003 Service Pack 2. They are also available for download here:
http://www.microsoft.com/downloads/details.aspx?familyid=96A35011-FD83-419D-939B-
A772EA2DF90&displaylang=en
You need them because you cannot properly manage an Active Directory network without them.
Here they are, it would do you well to familiarize yourself with all of them.
Acldiag.exe
Adsiedit.msc
Bitsadmin.exe
Dcdiag.exe
Dfsutil.exe
Dnslint.exe
Dsacls.exe
Iadstools.dll
Ktpass.exe
Ldp.exe
Netdiag.exe
Netdom.exe
Ntfrsutl.exe
Portqry.exe
Repadmin.exe
Replmon.exe
Setspn.exe
> What is REPLMON? What is ADSIEDIT? What is NETDOM? What is REPADMIN?

ADSIEdit is a Microsoft Management Console (MMC) snap-in that acts as a low-level editor for
Active Directory. It is a Graphical User Interface (GUI) tool. Network administrators can use it
for common administrative tasks such as adding, deleting, and moving objects with a directory
service. The attributes for each object can be edited or deleted by using this tool. ADSIEdit uses
the ADSI application programming interfaces (APIs) to access Active Directory. The following
are the required files for using this tool:
· ADSIEDIT.DLL
· ADSIEDIT.MSC
Regarding system requirements, a connection to an Active Directory environment and Microsoft

Management Console (MMC) is necessary
A: Replmon is the first tool you should use when troubleshooting Active Directory replication
issues. As it is a graphical tool, replication issues are easy to see and somewhat easier to
diagnose than using its command line counterparts. The purpose of this document is to guide you
in how to use it, list some common replication errors and show some examples of when
replication issues can stop other network installation actions.
for more go to http://www.techtutorials.net/articles/replmon_howto_a.html
NETDOM is a command-line tool that allows management of Windows domains and trust
relationships. It is used for batch management of trusts, joining computers to domains, verifying
trusts, and secure channels
A:
Enables administrators to manage Active Directory domains and trust relationships from the
command prompt.
Netdom is a command-line tool that is built into Windows Server 2008. It is available if you
have the Active Directory Domain Services (AD DS) server role installed. To use netdom, you
must run the netdom command from an elevated command prompt. To open an elevated
command prompt, click Start, right-click Command Prompt, and then click Run as
administrator.
REPADMIN.EXE is a command line tool used to monitor and troubleshoot replication on a

computer running Windows. This is a command line tool that allows you to view the replication
topology as seen from the perspective of each domain controller.
REPADMIN is a built-in Windows diagnostic command-line utility that works at the Active
Directory level. Although specific to Windows, it is also useful for diagnosing some Exchange
replication problems, since Exchange Server is Active Directory based.
REPADMIN doesn’t actually fix replication problems for you. But, you can use it to help
determine the source of a malfunction.
 What are sites? What are they used for?
Active directory sites, which consist of well-connected networks defined by IP subnets that help
define the physical structure of your AD, give you much better control over replication traffic
and authentication traffic than the control you get with Windows NT 4.0 domains.
Using Active Directory, the network and its objects are organized by constructs such as domains,
trees, forests, trust relationships, organizational units (OUs), and sites.
 What’s the difference between a site link’s schedule and interval?
Schedule enables you to list weekdays or hours when the site link is available for replication to
happen in the give interval. Interval is the re occurrence of the inter site replication in given
minutes. It ranges from 15 – 10,080 mins. The default interval is 180 mins.
 What is the KCC?
The KCC is a built-in process that runs on all domain controllers and generates replication
topology for the Active Directory forest. The KCC creates separate replication topologies
depending on whether replication is occurring within a site (intrasite) or between sites (intersite).
The KCC also dynamically adjusts the topology to accommodate new domain controllers,
domain controllers moved to and from sites, changing costs and schedules, and domain
controllers that are temporarily unavailable.
 What is the ISTG? Who has that role by default?
Intersite Topology Generator (ISTG), which is responsible for the connections among the sites.
By default Windows 2003 Forest level functionality has this role. By Default the first Server has
this role. If that server can no longer preform this role then the next server with the highest
GUID then takes over the role of ISTG.

What are the requirements for installing AD on a new server?
· An NTFS partition with enough free space (250MB minimum)
· An Administrator’s username and password
· The correct operating system version
· A NIC
· Properly configured TCP/IP (IP address, subnet mask and – optional – default gateway)
· A network connection (to a hub or to another computer via a crossover cable)
· An operational DNS server (which can be installed on the DC itself)
· A Domain name that you want to use
· The Windows 2000 or Windows Server 2003 CD media (or at least the i386 folder)
From the Petri IT Knowledge base. For more info, follow this link:
http://www.petri.co.il/active_directory_installation_requirements.htm
 What can you do to promote a server to DC if you’re in a remote location with slow
WAN link?
First available in Windows 2003, you will create a copy of the system state from an existing DC
and copy it to the new remote server. Run “Dcpromo /adv”. You will be prompted for the
location of the system state files
 How can you forcibly remove AD from a server, and what do you do later? • Can I
get user passwords from the AD database?
Demote the server using dcpromo /forceremoval, then remove the metadata from Active
directory using ndtsutil. There is no way to get user passwords from AD that I am aware of, but
you should still be able to change them.
Another way out too
Restart the DC is DSRM mode
a. Locate the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions
b. In the right-pane, double-click ProductType.
c. Type ServerNT in the Value data box, and then click OK.
Restart the server in normal mode
its a member server now but AD entries are still there. Promote teh server to a fake domain say
ABC.com and then remove gracefully using DCpromo. Else after restart you can also use
ntdsutil to do metadata as told in teh earlier post
 What tool would I use to try to grab security related packets from the wire?
you must use sniffer-detecting tools to help stop the snoops. … A good packet sniffer would be
“ethereal”
www.ethereal.com
 Name some OU design considerations ?
OU design requires balancing requirements for delegating administrative rights – independent of

Group Policy needs – and the need to scope the application of Group Policy. The following OU
design recommendations address delegation and scope issues:
Applying Group Policy An OU is the lowest-level Active Directory container to which you can
assign Group Policy settings.
Delegating administrative authority
usually don’t go more than 3 OU levels
 What is tombstone lifetime attribute?
The number of days before a deleted object is removed from the directory services. This assists
in removing objects from replicated servers and preventing restores from reintroducing a deleted
object. This value is in the Directory Service object in the configuration NIC by default 2000 (60
days) 2003 (180 days)

What do you do to install a new Windows 2003 DC in a Windows 2000 AD?
If you plan to install windows 2003 server domain controllers into an existing windows 2000
domain or upgrade a windows 2000 domain controllers to windows server 2003, you first need to
run the Adprep.exe utility on the windows 2000 domain controllers currently holding the schema
master and infrastructure master roles. The adprep / forestprer command must first be issued on
the windows 2000 server holding schema master role in the forest root doman to prepare the
existing schema to support windows 2003 active directory. The adprep /domainprep command
must be issued on the sever holding the infrastructure master role in the domain where 2000
server will be deployed.
 What do you do to install a new Windows 2003 R2 DC in a Windows 2003 AD?
A. If you’re installing Windows 2003 R2 on an existing Windows 2003 server with SP1
installed, you require only the second R2 CD-ROM. Insert the second CD and the r2auto.exe will
display the Windows 2003 R2 Continue Setup screen.
If you’re installing R2 on a domain controller (DC), you must first upgrade the schema to the R2
version (this is a minor change and mostly related to the new Dfs replication engine). To update
the schema, run the Adprep utility, which you’ll find in the Cmpnents\r2\adprep folder on the
second CD-ROM. Before running this command, ensure all DCs are running Windows 2003 or
Windows 2000 with SP2 (or later)
 How would you find all users that have not logged on since last month?
http://wiki.answers.com/Q/How_would_you_find_all_users_that_have_not_logged_on_s
ince_last_month
 What are the DScommands?
New DS (Directory Service) Family of built-in command line utilities for Windows Server 2003
Active Directory
New DS built-in tools for Windows Server 2003

The DS (Directory Service) group of commands are split into two families. In one branch are
DSadd, DSmod, DSrm and DSMove and in the other branch are DSQuery and DSGet.
When it comes to choosing a scripting tool for Active Directory objects, you really are spoilt for
choice. The the DS family of built-in command line executables offer alternative strategies to
CSVDE, LDIFDE and VBScript.
Let me introduce you to the members of the DS family:
DSadd – add Active Directory users and groups

DSmod – modify Active Directory objects
DSrm – to delete Active Directory objects
DSmove – to relocate objects
DSQuery – to find objects that match your query attributes
DSget – list the properties of an object
 What are the FSMO roles? Who has them by default? What happens when each one
fails?
FSMO stands for the Flexible single Master Operation
It has 5 Roles: -
 Schema Master:
The schema master domain controller controls all updates and modifications to the schema. Once
the Schema update is complete, it is replicated from the schema master to all other DCs in the
directory. To update the schema of a forest, you must have access to the schema master. There
can be only one schema master in the whole forest.
 Domain naming master:

The domain naming master domain controller controls the addition or removal of domains in the
forest. This DC is the only one that can add or remove a domain from the directory. It can also
add or remove cross references to domains in external directories. There can be only one domain
naming master in the whole forest.
 Infrastructure Master:
When an object in one domain is referenced by another object in another domain, it represents
the reference by the GUID, the SID (for references to security principals), and the DN of the
object being referenced. The infrastructure FSMO role holder is the DC responsible for updating
an object’s SID and distinguished name in a cross-domain object reference. At any one time,
there can be only one domain controller acting as the infrastructure master in each domain.
Note: The Infrastructure Master (IM) role should be held by a domain controller that is not a
Global Catalog server (GC). If the Infrastructure Master runs on a Global Catalog server it will
stop updating object information because it does not contain any references to objects that it does
not hold. This is because a Global Catalog server holds a partial replica of every object in the
forest. As a result, cross-domain object references in that domain will not be updated and a
warning to that effect will be logged on that DC’s event log. If all the domain controllers in a
domain also host the global catalog, all the domain controllers have the current data, and it is not
important which domain controller holds the infrastructure master role.
 Relative ID (RID) Master:
The RID master is responsible for processing RID pool requests from all domain controllers in a
particular domain. When a DC creates a security principal object such as a user or group, it
attaches a unique Security ID (SID) to the object. This SID consists of a domain SID (the same
for all SIDs created in a domain), and a relative ID (RID) that is unique for each security
principal SID created in a domain. Each DC in a domain is allocated a pool of RIDs that it is
allowed to assign to the security principals it creates. When a DC’s allocated RID pool falls
below a threshold, that DC issues a request for additional RIDs to the domain’s RID master. The
domain RID master responds to the request by retrieving RIDs from the domain’s unallocated
RID pool and assigns them to the pool of the requesting DC. At any one time, there can be only
one domain controller acting as the RID master in the domain.
 PDC Emulator:
The PDC emulator is necessary to synchronize time in an enterprise. Windows 2000/2003

includes the W32Time (Windows Time) time service that is required by the Kerberos
authentication protocol. All Windows 2000/2003-based computers within an enterprise use a
common time. The purpose of the time service is to ensure that the Windows Time service uses a
hierarchical relationship that controls authority and does not permit loops to ensure appropriate
common time usage.
The PDC emulator of a domain is authoritative for the domain. The PDC emulator at the root of
the forest becomes authoritative for the enterprise, and should be configured to gather the time
from an external source. All PDC FSMO role holders follow the hierarchy of domains in the
selection of their in-bound time partner.
:: In a Windows 2000/2003 domain, the PDC emulator role holder retains the following
functions:
:: Password changes performed by other DCs in the domain are replicated preferentially to the
PDC emulator.
Authentication failures that occur at a given DC in a domain because of an incorrect password

are forwarded to the PDC emulator before a bad password failure message is reported to the user.
Account lockout is processed on the PDC emulator.
Editing or creation of Group Policy Objects (GPO) is always done from the GPO copy found in
the PDC Emulator’s SYSVOL share, unless configured not to do so by the administrator.
The PDC emulator performs all of the functionality that a Microsoft Windows NT 4.0 Server-
based PDC or earlier PDC performs for Windows NT 4.0-based or earlier clients.
This part of the PDC emulator role becomes unnecessary when all workstations, member servers,
and domain controllers that are running Windows NT 4.0 or earlier are all upgraded to Windows
2000/2003. The PDC emulator still performs the other functions as described in a Windows
2000/2003 environment.
 What FSMO placement considerations do you know of?
Windows 2000/2003 Active Directory domains utilize a Single Operation Master method called
FSMO (Flexible Single Master Operation), as described in Understanding FSMO Roles in
Active Directory.
In most cases an administrator can keep the FSMO role holders (all 5 of them) in the same spot
(or actually, on the same DC) as has been configured by the Active Directory installation
process. However, there are scenarios where an administrator would want to move one or more
of the FSMO roles from the default holder DC to a different DC.
Windows Server 2003 Active Directory is a bit different than the Windows 2000 version when
dealing with FSMO placement. In this article I will only deal with Windows Server 2003 Active
Directory, but you should bear in mind that most considerations are also true when planning
Windows 2000 AD FSMO roles
 What’s the difference between transferring a FSMO role and seizing one? Which
one should you NOT seize? Why?
Certain domain and enterprise-wide operations that are not good for multi-master updates are
performed by a single domain controller in an Active Directory domain or forest. The domain
controllers that are assigned to perform these unique operations are called operations masters or
FSMO role holders.
The following list describes the 5 unique FSMO roles in an Active Directory forest and the
dependent operations that they perform:
 Schema master – The Schema master role is forest-wide and there is one for each forest.
This role is required to extend the schema of an Active Directory forest or to run the
adprep /domainprep command.
 Domain naming master – The Domain naming master role is forest-wide and there is one
for each forest. This role is required to add or remove domains or application partitions to
or from a forest.
 RID master – The RID master role is domain-wide and there is one for each domain. This
role is required to allocate the RID pool so that new or existing domain controllers can
create user accounts, computer accounts or security groups.
 PDC emulator – The PDC emulator role is domain-wide and there is one for each
domain. This role is required for the domain controller that sends database updates to
Windows NT backup domain controllers. The domain controller that owns this role is
also targeted by certain administration tools and updates to user account and computer
account passwords.
 Infrastructure master – The Infrastructure master role is domain-wide and there is one for
each domain. This role is required for domain controllers to run the adprep /forestprep
command successfully and to update SID attributes and distinguished name attributes for
objects that are referenced across domains.
The Active Directory Installation Wizard (Dcpromo.exe) assigns all 5 FSMO roles to the first
domain controller in the forest root domain. The first domain controller in each new child or tree
domain is assigned the three domain-wide roles. Domain controllers continue to own FSMO
roles until they are reassigned by using one of the following methods:
 An administrator reassigns the role by using a GUI administrative tool.

 An administrator reassigns the role by using the ntdsutil /roles command.
 An administrator gracefully demotes a role-holding domain controller by using the
Active Directory Installation Wizard. This wizard reassigns any locally-held roles to an
existing domain controller in the forest. Demotions that are performed by using the
dcpromo /forceremoval command leave FSMO roles in an invalid state until they are
reassigned by an administrator.
We recommend that you transfer FSMO roles in the following scenarios:
 The current role holder is operational and can be accessed on the network by the new
FSMO owner.
 You are gracefully demoting a domain controller that currently owns FSMO roles that
you want to assign to a specific domain controller in your Active Directory forest.
 The domain controller that currently owns FSMO roles is being taken offline for
scheduled maintenance and you need specific FSMO roles to be assigned to a “live”
domain controller. This may be required to perform operations that connect to the FSMO
owner. This would be especially true for the PDC Emulator role but less true for the RID
master role, the Domain naming master role and the Schema master roles.
We recommend that you seize FSMO roles in the following scenarios:
 The current role holder is experiencing an operational error that prevents an FSMO-
dependent operation from completing successfully and that role cannot be transferred.
 A domain controller that owns an FSMO role is force-demoted by using the dcpromo
/forceremoval command.
 The operating system on the computer that originally owned a specific role no longer
exists or has been reinstalled.
As replication occurs, non-FSMO domain controllers in the domain or forest gain full knowledge
of changes that are made by FSMO-holding domain controllers. If you must transfer a role, the
best candidate domain controller is one that is in the appropriate domain that last inbound-
replicated, or recently inbound-replicated a writable copy of the “FSMO partition” from the
existing role holder. For example, the Schema master role-holder has a distinguished name path
of CN=schema,CN=configuration,dc=<forest root domain>, and this mean that roles reside in
and are replicated as part of the CN=schema partition. If the domain controller that holds the
Schema master role experiences a hardware or software failure, a good candidate role-holder
would be a domain controller in the root domain and in the same Active Directory site as the
current owner. Domain controllers in the same Active Directory site perform inbound replication
every 5 minutes or 15 seconds.
A domain controller whose FSMO roles have been seized should not be permitted to
communicate with existing domain controllers in the forest. In this scenario, you should either
format the hard disk and reinstall the operating system on such domain controllers or forcibly
demote such domain controllers on a private network and then remove their metadata on a
surviving domain controller in the forest by using the ntdsutil /metadata cleanup command.
The risk of introducing a former FSMO role holder whose role has been seized into the forest is
that the original role holder may continue to operate as before until it inbound-replicates
knowledge of the role seizure. Known risks of two domain controllers owning the same FSMO
roles include creating security principals that have overlapping RID pools, and other problems.
Transfer FSMO roles
To transfer the FSMO roles by using the Ntdsutil utility, follow these steps:
1. Log on to a Windows 2000 Server-based or Windows Server 2003-based member

computer or domain controller that is located in the forest where FSMO roles are being
transferred. We recommend that you log on to the domain controller that you are
assigning FSMO roles to. The logged-on user should be a member of the Enterprise
Administrators group to transfer Schema master or Domain naming master roles, or a
member of the Domain Administrators group of the domain where the PDC emulator,
RID master and the Infrastructure master roles are being transferred.
2. Click Start, click Run, type ntdsutil in the Open box, and then click OK.
3. Type roles, and then press ENTER.Note To see a list of available commands at any one
of the prompts in the Ntdsutil utility, type ?, and then press ENTER.
4. Type connections, and then press ENTER.
5. Type connect to server servername, and then press ENTER, where servername is the
name of the domain controller you want to assign the FSMO role to.
6. At the server connections prompt, type q, and then press ENTER.
7. Type transfer role, where role is the role that you want to transfer. For a list of roles that
you can transfer, type ? at the fsmo maintenance prompt, and then press ENTER, or see
the list of roles at the start of this article. For example, to transfer the RID master role,
type transfer rid master. The one exception is for the PDC emulator role, whose syntax is
transfer pdc, not transfer pdc emulator.
8. At the fsmo maintenance prompt, type q, and then press ENTER to gain access to the
ntdsutil prompt. Type q, and then press ENTER to quit the Ntdsutil utility.
Seize FSMO roles
To seize the FSMO roles by using the Ntdsutil utility, follow these steps:
1. Log on to a Windows 2000 Server-based or Windows Server 2003-based member

computer or domain controller that is located in the forest where FSMO roles are being
seized. We recommend that you log on to the domain controller that you are assigning
FSMO roles to. The logged-on user should be a member of the Enterprise Administrators
group to transfer schema or domain naming master roles, or a member of the Domain
Administrators group of the domain where the PDC emulator, RID master and the
Infrastructure master roles are being transferred.
2. Click Start, click Run, type ntdsutil in the Open box, and then click OK.
3. Type roles, and then press ENTER.
4. Type connections, and then press ENTER.
5. Type connect to server servername, and then press ENTER, where servername is the
name of the domain controller that you want to assign the FSMO role to.
6. At the server connections prompt, type q, and then press ENTER.
7. Type seize role, where role is the role that you want to seize. For a list of roles that you
can seize, type ? at the fsmo maintenance prompt, and then press ENTER, or see the list
of roles at the start of this article. For example, to seize the RID master role, type seize
rid master. The one exception is for the PDC emulator role, whose syntax is seize pdc,
not seize pdc emulator.
8. At the fsmo maintenance prompt, type q, and then press ENTER to gain access to the
ntdsutil prompt. Type q, and then press ENTER to quit the Ntdsutil utility.Notes
o Under typical conditions, all five roles must be assigned to “live” domain
controllers in the forest. If a domain controller that owns a FSMO role is taken out
of service before its roles are transferred, you must seize all roles to an
appropriate and healthy domain controller. We recommend that you only seize all
roles when the other domain controller is not returning to the domain. If it is
possible, fix the broken domain controller that is assigned the FSMO roles. You
should determine which roles are to be on which remaining domain controllers so
that all five roles are assigned to a single domain controller. For more information
about FSMO role placement, click the following article number to view the article
in the Microsoft Knowledge Base: 223346
(http://support.microsoft.com/kb/223346/ ) FSMO placement and optimization on
Windows 2000 domain controllers
o If the domain controller that formerly held any FSMO role is not present in the
domain and if it has had its roles seized by using the steps in this article, remove it
from the Active Directory by following the procedure that is outlined in the
following Microsoft Knowledge Base article: 216498
(http://support.microsoft.com/kb/216498/ ) How to remove data in active
directory after an unsuccessful domain controller demotion
o Removing domain controller metadata with the Windows 2000 version or the
Windows Server 2003 build 3790 version of the ntdsutil /metadata cleanup
command does not relocate FSMO roles that are assigned to live domain
controllers. The Windows Server 2003 Service Pack 1 (SP1) version of the
Ntdsutil utility automates this task and removes additional elements of domain
controller metadata.
o Some customers prefer not to restore system state backups of FSMO role-holders
in case the role has been reassigned since the backup was made.
o Do not put the Infrastructure master role on the same domain controller as the
global catalog server. If the Infrastructure master runs on a global catalog server it
stops updating object information because it does not contain any references to
objects that it does not hold. This is because a global catalog server holds a partial
replica of every object in the forest.
To test whether a domain controller is also a global catalog server:
1. Click Start, point to Programs, point to Administrative Tools, and then click Active
Directory Sites and Services.
2. Double-click Sites in the left pane, and then locate the appropriate site or click Default-
first-site-name if no other sites are available.
3. Open the Servers folder, and then click the domain controller.
4. In the domain controller’s folder, double-click NTDS Settings.
5. On the Action menu, click Properties.
6. On the General tab, view the Global Catalog check box to see if it is selected.
For more information about FSMO roles, click the following article numbers to view the articles
in the Microsoft Knowledge Base:
 How do you configure a “stand-by operation master” for any of the roles?
1. Open Active Directory Sites and Services.

2. Expand the site name in which the standby operations master is located to display the
Servers folder.
3. Expand the Servers folder to see a list of the servers in that site.
4. Expand the name of the server that you want to be the standby operations master to
display its NTDS Settings.
5. Right-click NTDS Settings, click New, and then click Connection.
6. In the Find Domain Controllers dialog box, select the name of the current role holder,
and then click OK.
7. In the New Object-Connection dialog box, enter an appropriate name for the Connection
object or accept the default name, and click OK.
 How do you backup AD?
Backing up Active Directory is essential to maintain an Active Directory database. You can back
up Active Directory by using the Graphical User Interface (GUI) and command-line tools that
the Windows Server 2003 family provides.
You frequently backup the system state data on domain controllers so that you can restore the
most current data. By establishing a regular backup schedule, you have a better chance of
recovering data when necessary.
To ensure a good backup includes at least the system state data and contents of the system disk,
you must be aware of the tombstone lifetime. By default, the tombstone is 60 days. Any backup
older than 60 days is not a good backup. Plan to backup at least two domain controllers in each
domain, one of at least one backup to enable an authoritative restore of the data when necessary.
System State Data

Several features in the windows server 2003 family make it easy to backup Active Directory.
You can backup Active Directory while the server is online and other network function can
continue to function.
System state data on a domain controller includes the following components:
Active Directory system state data does not contain Active Directory unless the server, on which
you are backing up the system state data, is a domain controller. Active Directory is present only
on domain controllers.
The SYSVOL shared folder: This shared folder contains Group policy templates and logon
scripts. The SYSVOL shared folder is present only on domain controllers.
The Registry: This database repository contains information about the computer’s configuration.
System startup files: Windows Server 2003 requires these files during its initial startup phase.
They include the boot and system files that are under windows file protection and used by
windows to load, configure, and run the operating system.
The COM+ Class Registration database: The Class registration is a database of information
about Component Services applications.
The Certificate Services database: This database contains certificates that a server running
Windows server 2003 uses to authenticate users. The Certificate Services database is present
only if the server is operating as a certificate server.
System state data contains most elements of a system’s configuration, but it may not include all
of the information that you require recovering data from a system failure. Therefore, be sure to
backup all boot and system volumes, including the System State, when you back up your server.
Restoring Active Directory
In Windows Server 2003 family, you can restore the Active Directory database if it becomes
corrupted or is destroyed because of hardware or software failures. You must restore the Active
Directory database when objects in Active Directory are changed or deleted.
Active Directory restore can be performed in several ways. Replication synchronizes the latest
changes from every other replication partner. Once the replication is finished each partner has an
updated version of Active Directory. There is another way to get these latest updates by Backup
utility to restore replicated data from a backup copy. For this restore you don’t need to configure
again your domain controller or no need to install the operating system from scratch.
Active Directory Restore Methods

You can use one of the three methods to restore Active Directory from backup media: primary
restore, normal (non authoritative) restore, and authoritative restore.
Primary restore: This method rebuilds the first domain controller in a domain when there is no
other way to rebuild the domain. Perform a primary restore only when all the domain controllers
in the domain are lost, and you want to rebuild the domain from the backup.
Members of Administrators group can perform the primary restore on local computer, or user
should have been delegated with this responsibility to perform restore. On a domain controller
only Domain Admins can perform this restore.
Normal restore: This method reinstates the Active Directory data to the state before the backup,
and then updates the data through the normal replication process. Perform a normal restore for a
single domain controller to a previously known good state.
Authoritative restore: You perform this method in tandem with a normal restore. An authoritative
restore marks specific data as current and prevents the replication from overwriting that data.
The authoritative data is then replicated through the domain.
Perform an authoritative restore individual object in a domain that has multiple domain
controllers. When you perform an authoritative restore, you lose all changes to the restore object
that occurred after the backup. Ntdsutil is a command line utility to perform an authoritative
restore along with windows server 2003 system utilities. The Ntdsutil command-line tool is an
executable file that you use to mark Active Directory objects as authoritative so that they receive
a higher version recently changed data on other domain controllers does not overwrite system
state data during replication.
 How do you restore AD?
Restoring Active Directory :

In Windows Server 2003 family, you can restore the Active Directory database if it becomes
corrupted or is destroyed because of hardware or software failures. You must restore the Active
Directory database when objects in Active Directory are changed or deleted.
Active Directory restore can be performed in several ways. Replication synchronizes the latest
changes from every other replication partner. Once the replication is finished each partner has an
updated version of Active Directory. There is another way to get these latest updates by Backup
utility to restore replicated data from a backup copy. For this restore you don’t need to configure
again your domain controller or no need to install the operating system from scratch.
Active Directory Restore Methods

You can use one of the three methods to restore Active Directory from backup media: primary
restore, normal (non authoritative) restore, and authoritative restore.
Primary restore: This method rebuilds the first domain controller in a domain when there is no
other way to rebuild the domain. Perform a primary restore only when all the domain controllers
in the domain are lost, and you want to rebuild the domain from the backup.
Members of Administrators group can perform the primary restore on local computer, or user
should have been delegated with this responsibility to perform restore. On a domain controller
only Domain Admins can perform this restore.
Normal restore: This method reinstates the Active Directory data to the state before the backup,
and then updates the data through the normal replication process. Perform a normal restore for a
single domain controller to a previously known good state.
Authoritative restore: You perform this method in tandem with a normal restore. An
authoritative restore marks specific data as current and prevents the replication from overwriting
that data. The authoritative data is then replicated through the domain.
Perform an authoritative restore individual object in a domain that has multiple domain
controllers. When you perform an authoritative restore, you lose all changes to the restore object
that occurred after the backup. Ntdsutil is a command line utility to perform an authoritative
restore along with windows server 2003 system utilities. The Ntdsutil command-line tool is an
executable file that you use to mark Active Directory objects as authoritative so that they receive
a higher version recently changed data on other domain controllers does not overwrite system
state data during replication.
METHOD
A.
You can’t restore Active Directory (AD) to a domain controller (DC) while the Directory Service
(DS) is running. To restore AD, perform the following steps.
Reboot the computer.

At the boot menu, select Windows 2000 Server. Don’t press Enter. Instead, press F8 for
advanced options. You’ll see the following text. OS Loader V5.0
Windows NT Advanced Options Menu

Please select an option:
Safe Mode
Safe Mode with Networking
Safe Mode with Command Prompt
Enable Boot Logging

Enable VGA Mode
Last Known Good Configuration
Directory Services Restore Mode (Windows NT domain controllers only)
Debugging Mode
Use | and | to move the highlight to your choice.

Press Enter to choose.
Scroll down, and select Directory Services Restore Mode (Windows NT domain controllers
only).
Press Enter.
When you return to the Windows 2000 Server boot menu, press Enter. At the bottom of the
screen, you’ll see in red text Directory Services Restore Mode (Windows NT domain controllers
only).
The computer will boot into a special safe mode and won’t start the DS. Be aware that during
this time the machine won’t act as a DC and won’t perform functions such as authentication.
Start NT Backup.
Select the Restore tab.
Select the backup media, and select System State.
Click Start Restore.
Click OK in the confirmation dialog box.
After you restore the backup, reboot the computer and start in normal mode to use the restored
information. The computer might hang after the restore completes; Sometimes it takes a 30-
minute wait on some machines.
 How do you change the DS Restore admin password?
When you promote a Windows 2000 Server-based computer to a domain controller, you are
prompted to type a Directory Service Restore Mode Administrator password. This password is
also used by Recovery Console, and is separate from the Administrator password that is stored in
Active Directory after a completed promotion.
The Administrator password that you use when you start Recovery Console or when you press
F8 to start Directory Service Restore Mode is stored in the registry-based Security Accounts
Manager (SAM) on the local computer. The SAM is located in the\System32\Config folder. The
SAM-based account and password are computer specific and they are not replicated to other
domain controllers in the domain.
For ease of administration of domain controllers or for additional security measures, you can
change the Administrator password for the local SAM. To change the local Administrator
password that you use when you start Recovery Console or when you start Directory Service
Restore Mode, use the following method.
1. Log on to the computer as the administrator or a user who is a member of the Administrators
group. 2. Shut down the domain controller on which you want to change the password. 3. Restart
the computer. When the selection menu screen is displayed during restar, press F8 to view
advanced startup options. 4. Click the Directory Service Restore Mode option. 5. After you log
on, use one of the following methods to change the local Administrator password: • At a
command prompt, type the following command:
net user administrator
• Use the Local User and Groups snap-in (Lusrmgr.msc) to change the Administrator password.
6. Shut down and restart the computer. You can now use the Administrator account to log on to
Recovery Console or Directory Services Restore Mode using the new password.
 Why can’t you restore a DC that was backed up 4 months ago?
Because of the tombstone life which is set to only 60 days
 What are GPOs?
Group Policy gives you administrative control over users and computers in your network. By
using Group Policy, you can define the state of a user’s work environment once, and then rely on
Windows Server 2003 to continually force the Group Policy settings that you apply across an
entire organization or to specific groups of users and computers.
Group Policy Advantages
You can assign group policy in domains, sites and organizational units.
All users and computers get reflected by group policy settings in domain, site and organizational
unit.
No one in network has rights to change the settings of Group policy; by default only
administrator has full privilege to change, so it is very secure.
Policy settings can be removed and can further rewrite the changes.
Where GPO’s store Group Policy Information
Group Policy objects store their Group Policy information in two locations:
Group Policy Container: The GPC is an Active Directory object that contains GPO status,
version information, WMI filter information, and a list of components that have settings in the
GPO. Computers can access the GPC to locate Group Policy templates, and domain controller
does not have the most recent version of the GPO, replication occurs to obtain the latest version
of the GPO.
Group Policy Template: The GPT is a folder hierarchy in the shared SYSVOL folder on a
domain controller. When you create GPO, Windows Server 2003 creates the corresponding GPT
which contains all Group Policy settings and information, including administrative templates,
security, software installation, scripts, and folder redirection settings. Computers connect to the
SYSVOL folder to obtain the settings.
The name of the GPT folder is the Globally Unique Identifier (GUID) of the GPO that you
created. It is identical to the GUID that Active Directory uses to identify the GPO in the GPC.
The path to the GPT on a domain controller is systemroot\SYSVOL\sysvol.
Managing GPOs
To avoid conflicts in replication, consider the selection of domain controller, especially because
the GPO data resides in SYSVOL folder and the Active Directory. Active Directory uses two
independent replication techniques to replicate GPO data among all domain controllers in the
domain. If two administrator’s changes can overwrite those made by other administrator,
depends on the replication latency. By default the Group Policy Management console uses the
PDC Emulator so that all administrators can work on the same domain controller.
WMI Filter
WMI filters is use to get the current scope of GPOs based on attributes of the user or computer.
In this way, you can increase the GPOs filtering capabilities beyond the security group filtering
mechanisms that were previously available.
Linking can be done with WMI filter to a GPO. When you apply a GPO to the destination
computer, Active Directory evaluates the filter on the destination computer. A WMI filter has
few queries that active Directory evaluates in place of WMI repository of the destination
computer. If the set of queries is false, Active Directory does not apply the GPO. If set of queries
are true, Active Directory applies the GPO. You write the query by using the WMI Query
Language (WQL); this language is similar to querying SQL for WMI repository.
Planning a Group Policy Strategy for the Enterprise

When you plan an Active Directory structure, create a plan for GPO inheritance, administration,
and deployment that provides the most efficient Group Policy management for your
organization.
Also consider how you will implement Group Policy for the organization. Be sure to consider the
delegation of authority, separation of administrative duties, central versus decentralized
administration, and design flexibility so that your plan will provide for ease of use as well as
administration.
Planning GPOs
Create GPOs in way that provides for the simplest and most manageable design — one in which
you can use inheritance and multiple links.
Guidelines for Planning GPOs

Apply GPO settings at the highest level: This way, you take advantage of Group Policy
inheritance. Determine what common GPO settings for the largest container are starting with the
domain and then link the GPO to this container.
Reduce the number of GPOs: You reduce the number by using multiple links instead of creating
multiple identical GPOs. Try to link a GPO to the broadest container possible level to avoid
creating multiple links of the same GPO at a deeper level.
Create specialized GPOs: Use these GPOs to apply unique settings when necessary. GPOs at a
higher level will not apply the settings in these specialized GPOs.
Disable computer or use configuration settings: When you create a GPO to contain settings for
only one of the two levels-user and computer-disable the logon and prevents accidental GPO
settings from being applied to the other area.
 What is the order in which GPOs are applied?
Local, Site, Domain, OU
Group Policy settings are processed in the following order:
1:- Local Group Policy object-each computer has exactly one Group Policy object that is stored
locally. This processes for both computer and user Group Policy processing.
2:- Site-Any GPOs that have been linked to the site that the computer belongs to are processed
next. Processing is in the order that is specified by the administrator, on the Linked Group Policy
Objects tab for the site in Group Policy Management Console (GPMC). The GPO with the
lowest link order is processed last, and therefore has the highest precedence.
3:- Domain-processing of multiple domain-linked GPOs is in the order specified by the

administrator, on the Linked Group Policy Objects tab for the domain in GPMC. The GPO with
the lowest link order is processed last, and therefore has the highest precedence.
4:- Organizational units-GPOs that are linked to the organizational unit that is highest in the
Active Directory hierarchy are processed first, then GPOs that are linked to its child
organizational unit, and so on. Finally, the GPOs that are linked to the organizational unit that
contains the user or computer are processed.
At the level of each organizational unit in the Active Directory hierarchy, one, many, or no
GPOs can be linked. If several GPOs are linked to an organizational unit, their processing is in
the order that is specified by the administrator, on the Linked Group Policy Objects tab for the
organizational unit in GPMC. The GPO with the lowest link order is processed last, and
therefore has the highest precedence.
This order means that the local GPO is processed first, and GPOs that are linked to the
organizational unit of which the computer or user is a direct member are processed last, which
overwrites settings in the earlier GPOs if there are conflicts. (If there are no conflicts, then the
earlier and later settings are merely aggregated.)
 Name a few benefits of using GPMC.
Microsoft released the Group Policy Management Console (GPMC) years ago, which is an
amazing innovation in Group Policy management. The tool provides control over Group Policy
in the following manner:
 Easy administration of all GPOs across the entire Active Directory Forest
 View of all GPOs in one single list
 Reporting of GPO settings, security, filters, delegation, etc.
 Control of GPO inheritance with Block Inheritance, Enforce, and Security Filtering
 Delegation model
 Backup and restore of GPOs
 Migration of GPOs across different domains and forests
With all of these benefits, there are still negatives in using the GPMC alone. Granted, the GPMC
is needed and should be used by everyone for what it is ideal for. However, it does fall a bit short
when you want to protect the GPOs from the following:
 Role based delegation of GPO management

 Being edited in production, potentially causing damage to desktops and servers
 Forgetting to back up a GPO after it has been modified
 Change management of each modification to every GPO
 How can you determine what GPO was and was not applied for a user? Name a few
ways to do that.
Simply use the Group Policy Management Console created by MS for that very purpose, allows
you to run simulated policies on computers or users to determine what policies are enforced.
Link in sources
 What are administrative templates?
Administrative Templates are a feature of Group Policy, a Microsoft technology for centralised
management of machines and users in an Active Directory environment.
Administrative Templates facilitate the management of registry-based policy. An ADM file is

used to describe both the user interface presented to the Group Policy administrator and the
registry keys that should be updated on the target machines. An ADM file is a text file with a
specific syntax which describes both the interface and the registry values which will be changed
if the policy is enabled or disabled.
ADM files are consumed by the Group Policy Object Editor (GPEdit). Windows XP Service
Pack 2 shipped with five ADM files (system.adm, inetres.adm, wmplayer.adm, conf.adm and
wuau.adm). These are merged into a unified “namespace” in GPEdit and presented to the
administrator under the Administrative Templates node (for both machine and user policy).
 What’s the difference between software publishing and assigning?
ANS An administrator can either assign or publish software applications.
Assign Users
The software application is advertised when the user logs on. It is installed when the user clicks
on the software application icon via the start menu, or accesses a file that has been associated
with the software application.
Assign Computers
The software application is advertised and installed when it is safe to do so, such as when the
computer is next restarted.
Publish to users
The software application does not appear on the start menu or desktop. This means the user may
not know that the software is available. The software application is made available via the
Add/Remove Programs option in control panel, or by clicking on a file that has been associated
with the application. Published applications do not reinstall themselves in the event of accidental
deletion, and it is not possible to publish to computers.
 Can I deploy non-MSI software with GPO?
How to create a third-party Microsoft Installer package

http://support.microsoft.com/kb/257718/
 You want to standardize the desktop environments (wallpaper, My Documents,

Start menu, printers etc.) on the computers in one department. How would you do
that?
Login on client as Domain Admin user change whatever you need add printers etc go to system-
User profiles copy this user profile to any location by select Everyone in permitted to use after
copy change ntuser.dat to ntuser.man and assgin this path under user profile
~!~
Leave a Comment
February 17, 2010

Technical Interview Questions (Part 1/3) [Networking] Edited & Maintained by
SYED JAHANZAIB / aacable@hotmail.com

[Networking]
1. What is an IP address?
2. What is a subnet mask?

3. What is ARP?
4. What is ARP Cache Poisoning?
5. What is the ANDing process?
6. What is a default gateway? What happens if I don’t have one?
7. Can a workstation computer be configured to browse the Internet and

yet NOT have a default gateway?
8. What is a subnet?
9. What is APIPA?
10. What is an RFC? Name a few if possible (not necessarily

the numbers, just the ideas behind them)
11. What is RFC 1918?
12. What is CIDR?
13. You have the following Network ID: 192.115.103.64/27.

What is the IP range for your network?
14. You have the following Network ID: 131.112.0.0. You need at least
500 hosts per network. How many networks can you create? What subnet
mask will you use?
15. You need to view at network traffic. What will you use? Name a few
tools
16. How do I know the path that a packet takes to the destination?
17. What does the ping 192.168.0.1 -l 1000 -n 100 command do?
18. What is DHCP? What are the benefits and drawbacks of using it?
19. Describe the steps taken by the client and DHCP server in order to
obtain an IP address.
20. What is the DHCPNACK and when do I get one? Name 2 scenarios.
21. What ports are used by DHCP and the DHCP clients?
22. Describe the process of installing a DHCP server in an AD
infrastructure.
23. What is DHCPINFORM?
24. Describe the integration between DHCP and DNS.
25. What options in DHCP do you regularly use for an MS Network?
26. What are User Classes and Vendor Classes in DHCP?
27. How do I configure a client machine to use a specific User Class?
28. What is the BOOTP protocol used for, where might you find it in
windows network infrastructure?
29. DNS zones – describe the differences between the 4 types.
30. DNS record types – describe the most important ones.
31. Describe the process of working with an external domain name
32. Describe the importance of DNS to AD.
33. Describe a few methods of finding an MX record for a remote domain

on the Internet.
34. What does “Disable Recursion” in DNS mean?
35. What could cause the Forwarders and Root Hints to be grayed out?
36. What is a “Single Label domain name” and what sort of issues can it
cause?
37. What is the “in-addr.arpa” zone used for?
38. What are the requirements from DNS to support AD?
39. How do you manually create SRV records in DNS?
40. Name 3 benefits of using AD-integrated zones.
41. What are the benefits of using Windows 2003 DNS when using AD-
integrated zones?
42. You installed a new AD domain and the new (and first) DC has not
registered its SRV records in DNS. Name a few possible causes.
43. What are the benefits and scenarios of using Stub zones?
44. What are the benefits and scenarios of using Conditional Forwarding?
45. What are the differences between Windows Clustering, Network Load
Balancing and Round Robin, and scenarios for each use?
46. How do I work with the Host name cache on a client computer?
47. How do I clear the DNS cache on the DNS server?
48. What is the 224.0.1.24 address used for?
49. What is WINS and when do we use it?
50. Can you have a Microsoft-based network without any WINS server on
it? What are the “considerations” regarding not using WINS?
51. Describe the differences between WINS push and pull replications.
52. What is the difference between tombstoning a WINS record and simply
deleting it?
53. Name the NetBIOS names you might expect from a Windows 2003 DC that
is registered in WINS.
54. Describe the role of the routing table on a host and on a router.
55. What are routing protocols? Why do we need them? Name a few.
56. What are router interfaces? What types can they be?
57. In Windows 2003 routing, what are the interface filters?
58. What is NAT?
59. What is the real difference between NAT and PAT?
60. How do you configure NAT on Windows 2003?
61. How do you allow inbound traffic for specific hosts on Windows 2003
NAT?
62. What is VPN? What types of VPN does Windows 2000 and beyond work
with natively?
63. What is IAS? In what scenarios do we use it?
64. What’s the difference between Mixed mode and Native mode in AD when
dealing with RRAS?
65. What is the “RAS and IAS” group in AD?
66. What are Conditions and Profile in RRAS Policies?
67. What types or authentication can a Windows 2003 based RRAS work
with?
68. How does SSL work?
69. How does IPSec work?
70. How do I deploy IPSec for a large number of computers?
71. What types of authentication can IPSec use?
72. What is PFS (Perfect Forward Secrecy) in IPSec?
73. How do I monitor IPSec?
74. Looking at IPSec-encrypted traffic with a sniffer. What packet types

do I see?
75. What can you do with NETSH?
76. How do I look at the open ports on my machine?
“ANSWERS”
1) What is an IP address?
An Internet Protocol (IP) address is a numerical label that is assigned to devices

participating in a computer network utilizing the Internet
an IP address is a 32-bit number thatidentifies each sender or receiver of information that
is sent in packets across the lan/Internet.
An IP address has two parts: the identifier of a particular network on the Internet and an
identifier of the particular device (which can be a server or a workstation) within that
network. On the Internet itself – that is, between the router that move packets from one
point to another along the route – only the network part of the address is looked at.
2) What is a subnet mask?
A subnet mask allows you to identify which part of an IP address is reserved for the
network, and which part is available for host use. If you look at the IP address alone,
especially now with classless inter-domain routing, you can’t tell which part of the address
is which. Adding the subnet mask, or netmask, gives you all the information you need to
calculate network and host portions of the address with ease. In summary, knowing the
subnet mask can allow you to easily calculate whether IP addresses are on.
Subnetting enables the network administrator to further divide the host part of the address
into two or more subnets.
3) What is ARP?
Short for Address Resolution Protocol, a network layer protocol used to convert an IP
address into a physical address (called a DLC address), such as an Ethernet address. A host
wishing to obtain a physical address broadcasts an ARP request onto the TCP/IP network.
The host on the network that has the IP address in the request then replies with its physical
hardware address.
ARP is a very important part of IP networking. ARP is used to connect OSI Layer 3
(Network) to OSI Layer 2 (Data- Link). For most of us, that means that ARP is used to link
our IP addressing to our Ethernet addressing (MAC Addressing). For you to communicate
with any device on your network, you must have the Ethernet MAC address for that
device. If the device is not on your LAN, you go through your default gateway (your
router). In this case, your router will be the destination MAC address that your PC will
communicate with.
4) What is ARP Cache Poisoning?

a method of attacking an Ethernet LAN by updating the target computer’s ARP cache with
both a forged ARP request and reply packets in an effort to change the Layer 2 Ethernet
MAC address (i.e., the address of the network card) to one that the attacker can monitor.
Because the ARP replies have been forged, the target computer sends frames that were
meant for the original destination to the attacker’s computer first so the frames can be
read. A successful APR attempt is invisible to the user.
ARP cache poisoning, also known as ARP spoofing, is the process of falsifying the source
Media Access Control (MAC) addresses of packets being sent on an Ethernet network. It is
a MAC layer attack that can only be carried out when an attacker is connected to the same
local network as the target machines, limiting its effectiveness only to networks connected
with switches, hubs, and bridges; not routers.
5) What is the ANDing process?
In order to determine whether a destination host is local or remote, a computer will

perform a simple mathematical computation referred to as an AND operation. While the
sending host does this operation internally, understanding what takes place is the key to
understanding how an IP-based system knows whether to send packets directly to a host or
to a router.
Notice that when the resulting AND values are converted back to binary, it becomes clear
that the two hosts are on different networks. Computer A is on subnet 192.168.56.0, while
the destination host is on subnet 192.168.64.0, which
means that Computer A will next be sending the data to a router. Without ANDing,
determining local and remote hosts can be difficult. Once you’re very familiar with
subnetting and calculating ranges of addresses, recognizing local and remote hosts will
become much more intuitive. Whenever you’re in doubt as to whether hosts are local or
remote, use the ANDing process. You should also notice that the ANDing process always
produces the subnet ID of a given host.
6) What is a default gateway? What happens if I don’t have one?
A default gateway is used by a host when an IP packet’s destination address belongs to

someplace outside the local subnet. The default gateway address is usually an interface
belonging to the LAN‘s border router.
In computer networking, a default network gateway is the device that passes traffic from
the local subnet to devices
on other subnets. The default gateway often connects a local network to the Internet,
although internal gateways for connecting two local networks also exist.
7) Can a workstation computer be configured to browse the Internet and yet NOT have a
default gateway?
If we are using public ip address, we can browse the internet. If it is having an intranet
address a gateway is needed as a router or firewall to communicate with internet.
What is a subnet?
A portion of a network which shares a network address in which each component is

identified by a subnet number.
A subnet is a logical organization of network address ranges used to separate hosts and
network devices from each other to serve a design purpose.
In many cases, subnets are created to serve as physical or geographical separations similar
to those found between rooms, floors, buildings, or cities.
9) What is APIPA?
Short for Automatic Private IP Addressing, a feature of later Windows operating systems.
With APIPA, DHCP clients can automatically self-configure an IP address and subnet
mask when a DHCPserver isn’t available. When a DHCP client boots up, it first looks for a
DHCP server in order to obtain an IP address and subnet mask. If the client is unable to
find the information, it uses APIPA to automatically configure itself with an IP address
from a range that has been reserved especially for Microsoft. The IP address range is
169.254.0.1 through 169.254.255.254. The client also configures itself with a default class B
subnet mask of 255.255.0.0. A client uses the self- configured IP address until a DHCP
server becomes available.
The APIPA service also checks regularly for the presence of a DHCP server (every five
minutes, according to Microsoft). If it detects a DHCP server on the network, APIPA stops,
and the DHCP server replaces the APIPA networking addresses with dynamically assigned
addresses.
APIPA is meant for non routed small business environments,

usually less than 25 clients.
10) What is an RFC? Name a few if possible (not necessarily the numbers, just the ideas
behind them)
Short for Request for Comments, a series of notes about the Internet, started in 1969 (when
the Internet was the ARPANET). An Internet Document can be submitted to the IETF by
anyone, but the IETF decides if the document becomes an RFC. Eventually, if it gains
enough interest, it may evolve into an Internet standard.
Each RFC is designated by an RFC number. Once published, an RFC never changes.
Modifications to an original RFC are assigned a new RFC number.
11) What is RFC 1918?
RFC 1918 is Address Allocation for Private Internets The Internet Assigned Numbers
Authority (IANA) has reserved the
following three blocks of the
IP address space for private internets: 10.0.0.0 -
10.255.255.255 (10/8 prefix) 172.16.0.0 – 172.31.255.255
(172.16/12 prefix) 192.168.0.0 – 192.168.255.255
(192.168/16 prefix) We will refer to the first block as “24-bit block”, the second as “20-bit
block”, and to the third as “16-bit” block. Note that (in pre-CIDR notation) the first block
is nothing but a single class A network number, while the second block is a set of 16
contiguous class B network numbers, and third block is a set of 256 contiguous class C
network numbers.
12) What is CIDR?
CIDR (Classless Inter-Domain Routing, sometimes known as supernetting) is a way to

allocate and specify the Internet addresses used in inter-domain routing more flexibly than
with the original system of Internet Protocol (IP) address classes. As a result, the number
of available Internet addresses has been greatly increased.
13. You have the following Network ID:

192.115.103.64/27.What is the IP range for your network?
It ranges from 192.115.103.64 – 192.115.103.96
But the usable address are from 192.115.103.64 -

192.115.103.94
192.115.103.95 – it is the broadcast address

192.115.103.96 – will be the ip address of next range
we can use 30 hosts in this network
14.You have the following Network ID: 131.112.0.0. You need at least 500 hosts per
network. How many networks can you create? What subnet mask will you use?
If you need 500 users then 2^9th would give you 512 (remember the first and last are
network and broadcast), 510 usable. So of your 32 bits you would turn the last 9 off for
host and that would give you give you a 255.255.254.0 subnet mask
(11111111.11111111.11111110.00000000).
Now that we know that
we can see that you have the first 7 of your third octet turned on so to figure out how many
subnets you have us the formula
2^7th= 128. So you can have 128 subnets with 500 people on them.
15.You need to view at network traffic. What will you use? Name a few tools
winshark or tcp dump , or ethereal (available in our file server)
16. How do I know the path that a packet takes to the destination?
use “tracert” command-line
17. What does the ping 192.168.0.1 -l 1000 -n 100 command do?
The ping command will send roundtrip packets to a destination ( other PC, router, printer,
etc. ) and see how long it takes. The 192.168.0.1
is the destination ( which, by the way is a typical default IP address of a router. ) The -l
1000 is how big the packet should be in bytes. The default is 32, if the -l parameter is not
used. And the -n 100 is saying to send it 100 times. The default is 4, when this parameter is
not used.
18. What is DHCP? What are the benefits and drawbacks of using it?
Benefits:
1. DHCP minimizes configuration errors caused by manual IP address configuration.
2. Reduced network administration.
Disadvantage
Your machine name does not change when you get a new IP address. The DNS (Domain
Name System) name is associated with your IP address and therefore does change. This
only presents a problem if other clients try to access your machine by its DNS name.
19.Describe the steps taken by the client and DHCP server in order to obtain an IP address.
* At least one DHCP server must exist on a network.

Once the DHCP server software is installed, you create a DHCP scope, which is a pool of IP
addresses that the server manages. When clients log on, they request an IP address from
the server, and the server provides an IP address from its pool of available addresses.
* DHCP was originally defined in RFC 1531 (Dynamic Host Configuration Protocol,
October 1993) but the most recent update is RFC 2131 (Dynamic Host Configuration
Protocol, March 1997). The IETF Dynamic Host Configuration (dhc) Working Group is
chartered to produce a protocol for automated allocation, configuration, and management
of IP addresses and TCP/IP protocol stack parameters.
20. What is the DHCPNACK and when do I get one? Name 2 scenarios.
Recently I saw a lot of queries regarding when the Microsoft DHCP server issues a NAK to
DHCP clients.For simplification purposes, I am listing down the possible scenarios in
which the server should NOT issue a NAK. This should give you a good understanding of
DHCP NAK behavior.When a DHCP server receives a DHCPRequest with a previously
assigned address specified, it first checks to see if it came from the local segment by
checking the GIADDR field. If it originated from the local segment, the DHCP server
compares the requested address to the IP address and subnet mask belonging to the local
interface that received the request.
DHCP server will issue a NAK to the client ONLY IF it is sure that the client, “on the local
subnet”, is asking for an address that doesn’t exist on that subnet.The server will send a
NAK EXCEPT in the following scenarios:-
1. Requested address from possibly the same subnet but not in the address pool of the
server:-
This can be the failover scenario in which 2 DHCP servers are serving the same subnet so
that when one goes down, the other should not NAK to clients which got an IP from the
first server.
2. Requested address on a different subnet:-

If the Address is from the same superscope to which the subnet belongs, DHCP server will
ACK the REQUEST.
21. What ports are used by DHCP and the DHCP clients?
Requests are on UDP port 68, Server replies on UDP 67
22. Describe the process of installing a DHCP server in an AD infrastructure.
Use Add/Remove program wizard . . .
23. What is DHCPINFORM?
DHCPInform is a DHCP message used by DHCP clients to obtain DHCP options. While
PPP remote access clients do not use DHCP to obtain IP addresses for the remote access
connection, Windows 2000 and Windows 98 remote access clients use the DHCPInform
message to obtain DNS server IP addresses, WINS server IP addresses, and a DNS domain
name. The DHCPInform message is sent after the IPCP negotiation is concluded. The
DHCPInform message received by the remote access server is then forwarded to a DHCP
server. The remote access server forwards DHCPInform messages only if it has been
configured with the DHCP Relay Agent..
24. Describe the integration between DHCP and DNS.
Traditionally, DNS and DHCP servers have been configured and managed one at a time.
Similarly, changing authorization rights for a particular user on a group of devices has
meant visiting each one and making configuration changes. DHCP integration with DNS
allows the aggregation of these tasks across devices, enabling a company’s network services
to scale in step with the growth of network users, devices, and policies, while reducing
administrative operations and costs.
This integration provides practical operational efficiencies that lower total cost of
ownership. Creating a DHCP network automatically creates an associated DNS zone, for
example, reducing the number of tasks required of network administrators. And
integration of DNS and DHCP in the same database instance provides unmatched
consistency between service and management views of IP address-centric network services
data.
25.What options in DHCP do you regularly use for an MS network?
Automatic providing IP address
Subnet mask
DNS server
Domain name
Default getaway or router
26. What are User Classes and Vendor Classes in DHCP?
Microsoft Vendor Classes

The following list contains pre-defined vendor classes that are available in Windows 2000
DHCP server.
Class Data Class Name Description MSFT 5.0 Microsoft Windows

2000 options Class that includes all Windows 2000 DHCP
clients. MSFT 98 Microsoft
Windows 98 options Class that includes all Windows 98 and
Microsoft Windows Millennium Edition (Me) DHCP clients. MSFT
Microsoft options Class that includes
all Windows 98, Windows Me, and Windows 2000 DHCP clients.
If you have non-Microsoft DHCP clients, you can define other vendor-specific classes on
the DHCP server. When you define such classes, make sure the vendor class identifier that
you define matches the identifier used by the clients.
User Classes
The following list contains pre-defined user classes that

are available in Windows 2000 DHCP server.
Collapse this tableExpand this table
Class ID Class Type Description Unspecified Default user

class All DHCP clients that have no user class specified.
RRAS.Microsoft Default Routing and Remote Access class All Dial-Up Networking (DUN)
clients. Bootp Default Bootp class All Bootp clients
In addition to these pre-defined classes, you can also add custom user classes for Windows
2000 DHCP clients. When you configure such classes, you must specify a custom identifier
that corresponds to the user
class defined on the DHCP server.
27.How do I configure a client machine to use a specific User Class?
The command to configure a client machine to use a specific user class is
ipconfig /setclassid “<Name of your Network card>” <Name of the class you created on
DHCP and you want to join (Name is case sensitive)>
Eg:
ipconfig /setclassid ” Local Area Network” Accounting
28. What is the BOOTP protocol used for, where might you find it in Windows network
infrastructure?
BootP (RFC951) provides
* a unique IP address to the requester (using port 67) similar to the DHCP request on port
68 AND
* can provide (where supported) the ability to boot a system without a hard drive (ie: a
diskless client)
Apple OS X 10.* Server supports BootP (albeit) renamed as NetBoot. The facility allows
the Admin to maintain a selected set of configurations as boot images and then assign sets
of client systems to share(or boot from) that image. For example Accounting, Management,
and Engineering departments have elements in common, but which can be unique from
other
departments. Performing upgrades and maintenance on three images is far more
productive that working on all client systems individually.
Startup is obviously network intensive, and beyond 40-50 clients, the Admin needs to
carefully subnet the infrastructure, use gigabit switches, and host the images local to the
clients to avoid saturating the network. This will expand the number of BootP servers and
multiply the number of images, but the productivity of 1 BootP server per 50 clients is
undeniable
Sunmicro, Linux, and AIX RS/600 all support BootP.

To date, Windows does not support booting “diskless clients”.
29. DNS zones – describe the differences between the 4 types.
Dns zone is actual file which contains all the records for a specific domain.
i)Forward Lookup Zones :-
This zone is responsible to resolve host name to ip.
ii)Reverse Lookup Zones :-
This zone is responsible to resolve ip to host name.
iii)Stub Zone :-
Stubzone is read only copy of primary zone.but it contains

only 3 records viz
the SOA for the primary zone, NS record and a Host (A) record.
30. DNS record types – describe the most important ones. Type of Record What it does
A (Host) Classic resource record. Maps hostname to IP(ipv4)
PTR Maps IP to hostname (Reverse of A (Host)
AAAA Maps hostname to ip (ipv6)
Cname Canonical name, in plain English an alias.such as Web Server,FTP Server, Chat
Server
NS Identifies DNS name servers. Important for forwarders
MX Mail servers, particularly for other domains.MX records required to deliver internet
email.
_SRV Required for Active Directory. Whole family of underscore service,records, for
example, gc = global catalog.
SOA Make a point of finding the Start of Authority (SOA) tab at the
DNS Server.
31. Describe the process of working with an external domain name
Serving Sites with External Domain Name Servers , If you host Web sites on this server
and have a standalone DNS server acting as a primary (master) name server for your sites,
you may want to set up your control panel’s DNS server to function as a secondary (slave)
name server:
To make the control panel’s DNS server act as a secondary name server:
1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Click Switch DNS Service Mode.
3. Specify the IP address of the primary (master) DNS server.
4. Click Add.
5. Repeat steps from 1 to 5 for each Web site that needs to have a secondary name server
on this machine.
To make the control panel’s DNS server act as a primary for a zone:
2. Click Switch DNS Service Mode. The original resource records for the zone will be
restored.
If you host Web sites on this server and rely entirely on other machines to perform the
Domain Name Service for your sites (there are two external name servers – a primary and
a secondary), switch off the control panel’s DNS service for each site served by external
name servers.
To switch off the control panel’s DNS service for a site

served by an external name server:
2. Click Switch Off the DNS Service in the Tools group.
Turning the DNS service off for the zone will refresh the screen, so that only a list of name
servers remains.
Note: The listed name server records have no effect on the system. They are only presented
on the screen as clickable links to give you a chance to validate the configuration of the
zone maintained on the external authoritative name servers.
1. Repeat the steps from 1 to 3 to switch off the local domain name service for each site
served by external name servers.
If you wish to validate the configuration of a zone maintained on authoritative name

servers:
2. Add to the list the entries pointing to the
appropriate name servers that are authoritative for the zone: click Add, specify a name
server, and click OK. Repeat this for each name server you would like to test. The records
will appear in the list.
1. Click the records that you have just created. Parallels Plesk Panel will retrieve the zone
file from a remote name server and check the resource records to make sure that domain’s
resources are properly resolved.
The results will be interpreted and displayed on the screen.
32. Describe the importance of DNS to AD.
When you install Active Directory on a server, you promote the server to the role of a
domain controller for a specified domain. When completing this process, you are prompted
to specify a DNS domain name for the Active Directory domain for which you are joining
and promoting the server.If during this process, a DNS server authoritative for the domain
that you
specified either cannot be located on the network or does not support the DNS dynamic
update protocol, you are prompted with the option to install a DNS server. This option is
provided because a DNS server is required to locate this server or other domain controllers
for members of an Active Directory domain
33.Describe a few methods of finding an MX record for a remote domain on the Internet.
In order to find MX Records for SMTP domains you can use Command-line tools such as
NSLOOKUP or DIG. You can also use online web services that allow you to perform quick
searches and display the information in a convenient manner.
34. What does “Disable Recursion” in DNS mean?
In the Windows 2000/2003 DNS console (dnsmgmt.msc), under a server’s Properties ->
Forwarders tab is the setting Do not use recursion for this domain. On the Advanced tab
you will find the confusingly similar option Disable recursion (also disables forwarders).
Recursion refers to the action of a DNS server querying additional DNS servers (e.g. local
ISP DNS or the root DNS servers) to resolve queries that it cannot resolve from its own
database
35. What could cause the Forwarders and Root Hints to be grayed out?
Win2K configured your DNS server as a private root server
36. What is a “Single Label domain name” and what sort of issues can it cause?
Single-label names consist of a single word like “contoso”.
• Single-label DNS names cannot be registered by using an Internet registrar.
• Client computers and domain controllers that joined to single-label domains require
additional configuration to ynamically register DNS records in
single-label DNS zones. • Client computers and domain controllers may require additional
configuration to resolve DNS queries in single-label DNS zones.
• By default, Windows Server 2003-based domain members, Windows XP-based domain
members, and Windows 2000-based domain members do not perform dynamic updates to
single-label DNS zones.
• Some server-based applications are incompatible with single-label domain names.
Application support may not exist in the initial release of an application, or support may be
dropped in a future release. For example,
Microsoft Exchange Server 2007 is not supported in environments in which single-label
DNS is
used.
• Some server-based applications are incompatible with the domain rename feature that is
supported in Windows Server 2003 domain controllers and in Windows Server 2008
domain controllers. These incompatibilities either block or complicate the use of the
domain rename feature when you try to rename a single-label DNS name to a fully
qualified domain name.
37. What is the “in-addr.arpa” zone used for?
When creating DNS records for your hosts, A records make sense. After all, how can the
world find your mail server unless the IP address of that server is associated with its
hostname within a DNS database? However, PTR records aren’t as easily understood. If
you already have a zone file, why
does there have to be a separate in-addr.arpa zone containing PTR records matching your
A records? And who should be making those PTR records–you or your provider? Let’s
start by defining in-addr.arpa. .arpa is actually a TLD like .com or .org. The name of the
TLD comes from Address and Routing Parameter Area and it has been designated by the
IANA to be used exclusively for Internet infrastructure purposes. In other words, it is an
important zone and an integral part of the inner workings of DNS. The
RFC for DNS (RFC 1035) has an entire section on the in-addr.arpa domain. The first two
paragraphs in that section state the purpose of the domain: “The Internet uses a special
domain to support gateway location and Internet address to host mapping. Other classes
may employ a similar
strategy in other domains. The intent of this domain is to provide a guaranteed method to
perform host address to host name mapping, and to facilitate queries to locate all gateways
on a particular network in the Internet. Note that both of these services are similar to
functions that could be performed by inverse queries; the difference is that this part of the
domain name space is structured according to address, and hence can guarantee that the
appropriate data can be located without an exhaustive search of the domain space.” In
other words, this zone provides a database of all allocated networks and the DNS reachable
hosts within those networks. If your assigned network does not appear in this zone, it
appears to be unallocated. And if your hosts don’t have a PTR record in this database, they
appear to be unreachable through DNS. Assuming an A record exists for a host, a missing
PTR record may or may not impact on the DNS reachability of that host, depending upon
the applications running on that host. For example, a mail server will definitely be
impacted as PTR records are used in mail header checks and by most anti-SPAM
mechanisms. Depending upon your web server configuration, it may also depend upon an
existing PTR record. This is why the DNS RFCs recommend that every A record has an
associated PTR record. But who should make and host those PTR records? Twenty years
ago when you could buy a full Class C network address (i.e. 254 host addresses) the answer
was easy: you. Remember, the in-addr.arpa zone is concerned with delegated network
addresses. In other words, the owner of the network address is authoritative (i.e.
responsible) for the host PTR records associated with that network address space. If you
only own one or two host addresses within a network address space, the provider you
purchased those addresses from needs to host your PTR records as the provider is the
owner of (i.e. authoritative for) the network address. Things are a bit more interesting if
you have been delegated a CIDR block of addresses. The in-addr.arpa zone assumes a
classful addressing scheme where a Class A address is one octet (or /8), a Class B is 2 octets
(or /16) and a Class C is 3 octets (or /24). CIDR allows for delegating address space outside
of these boundaries–say a /19 or a /28. RFC 2317 provides a best current practice for
maintaining in-addr.arpa with these types of network allocations. Here is a summary
regarding PTR records: • Don’t wait until users complain about DNS unreachability–be
proactive and ensure there is an associated PTR record for every A record. • If your
provider hosts your A records, they should also host your PTR records. • If you only have
one or two assigned IP addresses, your provider should host your PTR records as they are
authoritative for the network those hosts belong to. • If you own an entire network address
(e.g. a Class C
address ending in 0), you are responsible for hosting your PTR records. • If you are
configuring an internal DNS server within the private address ranges (e.g. 10.0.0.0 or
192.168.0.0), you are responsible for your own internal PTR records. • Remember: the key
to PTR hosting is knowing who is authoritative for the network address for your domain.
When in doubt, it probably is not you.
38. What are the requirements from DNS to support AD?

When you install Active Directory on a member server, the member server is promoted to
a domain controller. Active Directory uses DNS as the location mechanism for domain
controllers, enabling computers on the network to obtain IP addresses of domain
controllers. During the installation of Active Directory, the service (SRV) and address (A)
resource records are dynamically registered in DNS, which are necessary for the successful
functionality of the domain controller locator (Locator) mechanism.
To find domain controllers in a domain or forest, a client queries DNS for the SRV and A
DNS resource records of the domain controller, which provide the client with the names
and IP addresses of the domain controllers. In this context, the SRV and A resource
records are referred to as Locator DNS resource records. When adding a domain
controller to a forest, you are updating a DNS zone hosted on a DNS server with the
Locator DNS resource records and identifying the domain controller. For this reason, the
DNS zone must allow dynamic updates (RFC 2136) and the DNS server hosting that zone
must support the SRV resource records (RFC 2782) to advertise the Active Directory
directory service. For more information about RFCs, see DNS RFCs.
If the DNS server hosting the authoritative DNS zone is not a server running Windows
2000 or Windows Server 2003, contact your DNS administrator to determine if the DNS
server supports the required standards. If the server does not support the required
standards, or
the authoritative DNS zone cannot be configured to allow dynamic updates, then
modification is required to your existing DNS infrastructure.
39. How do you manually create SRV records in DNS?

this is on windows server
go to run —> dnsmgmt.msc
rightclick on the zone you want to add srv record to and choose “other new record” and
choose service location(srv)…..
40. Name 3 benefits of using AD-integrated zones.
1. you can give easy name resolution to ur clients.
2. By creating AD- integrated zone you can also trace hacker and spammer by creating
reverse zone.
3. AD integrated zoned all for incremental zone transfers which on transfer changes and
not the entire zone. This reduces zone transfer traffic.
4. AD Integrated zones suport both secure and dmanic updates.
5. AD integrated zones are stored as part of the active directory and support domain-wide
or forest-wide replication through application pertitions in AD.
41. What are the benefits of using Windows 2003 DNS when using AD-integrated zones?
Advantages:
DNS supports Dynamic registration of SRV records registered by a Active Directory server
or a domain controller during promotion. With the help of SRV records client machines
can find domain controllers in the network.
1. DNS supports Secure Dynamic updates. Unauthorized access is denied.
2. Exchange server needs internal DNS or AD DNS to locate Global Catalog servers.
3. Active Directory Integrated Zone. If you have more than
one domain controller (recommended) you need not worry about
zone replication. Active Directory replication will take care of DNS zone replication also.
4. If your network use DHCP with Active Directory then no other DHCP will be able to
service client requests coming from different network. It is because DHCP server is
authorized in AD and will be the only server to participate on network to provide IP
Address information to client machines.
5. Moreover, you can use NT4 DNS with Service Pack 4 or later. It supports both SRV
record registration and Dynamic Updates.
Using Microsoft DNS gives the following benefits:

If you implement networks that require secure updates.
If you want to take benefit of Active Directory replication.
If you want to integrate DHCP with DNS for Low-level clients
to register their Host records in Zone database.
42. You installed a new AD domain and the new (and first) DC has not registered its SRV
records in DNS. Name a few possible causes.
The machine cannot be configured with DNS client her own

The DNS service cannot be run
43. What are the benefits and scenarios of using Stub zones?
One of the new features introduced in the Windows Server 2003-based implementation of
DNS are stub zones. Its main purpose is to provide name resolution in domains, for which a
local DNS server is not authoritative. The stub zone contains only a few records:
- Start of Authority (SOA)

record pointing to a remote DNS server that is considered to be the best source of
information about the target DNS domain, – one or more Name Server (NS) records
(including the entry associated with the SOA record), which are authoritative for the DNS
domain represented by the stub zone, – corresponding A records for each of the NS entries
(providing IP addresses of the servers). While you can also provide name resolution for a
remote domain by either creating a secondary zone (which was a common approach in
Windows Server 2000 DNS implementation) or delegation (when dealing with a contiguous
namespace), such approach forces periodic zone transfers, which are not needed when stub
zones are used. Necessity to traverse network in order to obtain individual records hosted
on the remote Name Servers is mitigated to some extent by caching process, which keeps
them on the local server for the duration of their Time-to-Live (TTL) parameter. In
addition, records residing in a stub zone are periodically validated and refreshed in order
to avoid lame delegations.
44. What are the benefits and scenarios of using Conditional Forwarding?
45. What are the differences between Windows Clustering, Network Load Balancing and
Round Robin, and scenarios for each use?
I will make a few assumptions here:
1) By “Windows Clustering Network Load Balancing” you mean Windows Network

Load Balancing software included in Windows Server software a.k.a NLB., and
2) By Round Robin, you mean DNS Round Robin meaning the absence of a software or
hardware load balancing device, or the concept of the Round Robin algorithm available in
just about every load balancing solution.
Microsoft NLB is designed for a small number (4 – 6) of Windows Servers and a low to
moderate number of new connections per second, to provide distribution of web server
requests to multiple servers in a virtual resource pool. Some would call this a “cluster”, but
there are suttle differences between a clustered group of devices and a more loosely
configured virtual pool. From the standpoint of scalability and performance, almost all
hardware load balancing solutions are superior to this and other less known software load
balancing solutions [e.g. Bright Tiger circa 1998].
DNS Round Robin is an inherent load balancing method built into DNS. When you resolve
an IP address that has more than one A record, DNS hands out different resolutions to
different requesting local DNS servers. Although there are several factors effecting the
exact resulting algorithm (e.g. DNS caching, TTL, multiple DNS servers [authoritative or
cached]), I stress the term “roughly” when I say it roughly results in an even distribution of
resolutions to each of the addresses specified for a particular URL. It does not however,
consider availability, performance, or any other metric and is completely static. The basic
RR algorithm is available in many software and hardware load balancing solutions and
simply hands the next request to the next resource and starts back at the first resource
when it hits the last one.
NLB is based on proprietary software, meant for small groups of Windows servers only on
private networks, and is dynamic in nature (takes into account availability of a server, and
in some cases performance). “Round Robin”, DNS or otherwise, is more generic, static in
nature (does not take into account anything but the resource is a member of the resource
pool and each member is equal), and ranges from DNS to the default static load balancing
method on every hardware device in the market.
46. How do I work with the Host name cache on a client computer?
47. How do I clear the DNS cache on the DNS server?
To clear the server names cache
* Using the Windows interface
* Using a command line
Using the Windows interface
1. Open DNS.
2. In the console tree, click the applicable DNS server.
Where?
* DNS/applicable DNS server
3. On the Action menu, click Clear Cache.
Notes
* To perform this procedure, you must be a member of the Administrators group on the
local computer, or you must have been delegated the appropriate authority. If the
computer is joined to a domain, members of the Domain Admins group might be able to
perform this procedure. As a security best practice, consider using Run as to perform this
procedure.
* To open DNS, click Start, click Control Panel,

double-click Administrative Tools, and then double-click DNS.
Using a command line
1. Open Command Prompt.
2. Type the following command and then press ENTER:
Dnscmd ServerName /clearcache
48. What is the 224.0.1.24 address used for?
WINS server group address. Used to support autodiscovery and dynamic configuration of
replication for WINS servers. For more information, see WINS replication
overview WINS server group address. Used to support autodiscovery and dynamic
configuration of replication for WINS servers.
49. What is WINS and when do we use it?
In the Windows Server family, the primary means for client computer to locate and
communicate with other computers on an Internet Protocol (IP) network is by using
Domain Name
System (DNS). However, clients that use older versions of Windows, such as Windows NT
4.0, use network basic I/O system (NetBIOS) names for network communication. Some
applications that run on Windows Server 2003 may also use NetBIOS names for network
communication. Using NetBIOS names requires a method of resolving NetBIOS names to
IP . Using a WINS server is essential for any Windows client computer to work with other
Windows computers over the Internet. In addition, using a WINS server is essential for any
Windows client computer at Indiana University that intends to use Microsoft network
resources. To use WINS services, you must insert into your TCP/IP networking
configuration the IP address of the WINS servers you wish to use.
50. Can you have a Microsoft-based network without any WINS server on it? What are the
“considerations” regarding not using WINS?
51. Describe the differences between WINS push and pull replications.
To replicate database entries between a pair of WINS servers, you must configure each
WINS server as a pull partner, a push partner, or both with the other WINS server.
* A push partner is a WINS server that sends a message to its pull partners, notifying them
that it has new WINS database entries. When a WINS server’s pull partner responds to the
message with a replication request, the WINS server sends (pushes) copies of its new WINS
database entries (also known as replicas) to the requesting pull partner.
* A pull partner is a WINS server that pulls WINS database entries from its push partners
by requesting any new WINS database entries that the push partners have. The pull
partner requests the new WINS database entries that have a higher version number than
the last entry the pull
partner received during the most recent replication.
52. What is the difference between tombstoning a WINS record and simply deleting it?
Simple deletion removes the records that are selected in the WINS console only from the
local WINS server you are currently managing. If the WINS records deleted in this way
exist in WINS data replicated to other WINS servers on your network, these additional
records are not fully removed.
Also, records that are simply deleted on only one server can reappear after replication
between the WINS server where simple deletion was used and any of its replication
partners. Tombstoning marks the selected records as tombstoned, that is, marked locally as
extinct and immediately released from active use by the local WINS server. This method
allows the tombstoned records to remain present in the server database for purposes of
subsequent replication of these records to other servers. When the tombstoned records are
replicated, the tombstone status is updated and applied by other WINS servers that store
replicated copies of these records. Each replicating WINS server then updates and
tombstones
53. Name the NetBIOS names you might expect from a Windows 2003 DC that is registered
in WINS.
54. Describe the role of the routing table on a host and on

a router.
During the process of routing, decisions of hosts and routers are aided by a database of
routes known as the routing table. The routing table is not exclusive to a router. Depending
on the routable protocol, hosts may also have a routing table that may be used to decide the
best router for the packet to be forwarded. Host-based routing tables are optional for the
Internet Protocol, as well as obsolete routable protocols such as IPX.
55. What are routing protocols? Why do we need them? Name a few.
A routing protocol is a protocol that specifies how routers communicate with each other,
disseminating information that enables them to select routes between any two nodes on a
computer network, the choice of the route being done by routing algorithms. Each router
has a prior knowledge only of networks attached to it directly. A routing protocol shares
this information first among immediate neighbors, and then throughout the network. This
way, routers gain knowledge of the topology of the network. For a discussion of the
concepts behind routing protocols, see: Routing.
The term routing protocol may refer specifically to one operating at layer three of the OSI
model, which similarly disseminates topology information between routers.
Many routing protocols used in the public Internet are defined in documents called
RFCs.[1][2][3][4]
Although there are many types of routing protocols, two major classes are in widespread
use in the Internet:
link-state routing protocols, such as OSPF and IS-IS; and
path vector or distance vector protocols, such as BGP, RIP
and EIGRP.
56. What are router interfaces? What types can they be?
Routers can have many different types of connectors; from Ethernet, Fast Ethernet, and
Token Ring to Serial and ISDN ports. Some of the available configurable items are logical
addresses (IP,IPX), media types, bandwidth, and administrative commands. Interfaces are
configured in interface mode which you get to from global configuration mode after
logging in.
The media type is Ethernet, FastEthernet, GigabitEthernet,
Serial, Token-ring, or other media types. You must keep in
mind that a 10Mb Ethernet interface is the only kind of Ethernet interface called Ethernet.
A 100Mb Ethernet interface is called a FastEthernet interface and a 1000Mb Ethernet
interface is called a GigabitEthernet interface.
57. In Windows 2003 routing, what are the interface filters?
58. What is NAT?
Windows Server 2003 provides network address translation (NAT) functionality as a part
of the Routing and Remote Access service. NAT enables computers on small- to medium-
sized organizations with private networks to access resources on the Internet or other
public network. The
computers on a private network are configured with reusable private Internet Protocol
version 4 (IPv4) addresses; the computers on a public network are configured with globally
unique IPv4 (or, rarely at present, Internet Protocol version 6 [IPv6]) addresses. A typical
deployment is a small office or home office (SOHO), or a medium-sized businesss, that uses
Routing and Remote Access NAT technology to enable computers on the internal corporate
network to connect to resources on the Internet without having to deploy a proxy server.
59. What is the real difference between NAT and PAT?
Take NAT (Network Address Translation) and PAT (Port Address Translation). NAT
allows you to translate or map one IP address onto another single ip address. PAT on the
other hand is what is most commonly referred to as NAT. In a PAT system you have a
single or group of public IP addresses that are translated to multiple internal ip addresses
by mapping the TCP/UDP ports to different ports. This means that by using some “magic”
on a router or server you can get around problems that you might have with two web
browsers sending a request out the same port.
60. How do you configure NAT on Windows 2003?
http://www.windowsnetworking.com/articles_tutorials/NAT_Windows_2003_Setup_Config
uration.html
Configure Routing and Remote Access

To activate Routing and Remote Access, follow these steps:
1. Click Start, point to All Programs, point to

Administrative Tools, and then click Routing and Remote Access.
2. Right-click your server, and then click Configure and
Enable Routing and Remote Access.
3. In the Routing and Remote Access Setup Wizard, click
Next, click Network address translation (NAT), and then
click Next.
4. Click Use this public interface to connect to the
Internet, and then click the network adapter that is
connected to the Internet. At this stage you have the option
to reduce the risk of unauthorized access to your network.
To do so, click to select the Enable security on the
selected interface by setting up Basic Firewall check box.
5. Examine the selected options in the Summary box, and
then click Finish.
Configure dynamic IP address assignment for private network

clients
You can configure your Network Address Translation computer
to act as a Dynamic Host Configuration Protocol (DHCP)
server for computers on your internal network. To do so,
follow these steps:

2. Expand your server node, and then expand IP Routing.
3. Right-click NAT/Basic Firewall, and then click Properties.
4. In the NAT/Basic Firewall Properties dialog box, click the Address Assignment tab.
5. Click to select the Automatically assign IP addresses
by using the DHCP allocator check box. Notice that default
private network 192.168.0.0 with the subnet mask of
255.255.0.0 is automatically added in the IP address and the Mask boxes. You can keep the
default values, or you can
modify these values to suit your network.
6. If your internal network requires static IP assignment for some computers — such as for
domain controllers or for DNS servers — exclude those IP addresses from the DHCP pool.
To do this, follow these steps:
1. Click Exclude.
2. In the Exclude Reserved Addresses dialog box,
click Add, type the IP address, and then click OK.
3. Repeat step b for all addresses that you want to exclude.
4. Click OK.
Configure name resolution

To configure name resolution, follow these steps:

2. Right-click NAT/Basic Firewall, and then click Properties.
3. In the NAT/Basic Firewall Properties dialog box, click the Name Resolution tab.
4. Click to select the Clients using Domain Name System
(DNS) check box. If you use a demand-dial interface to
connect to an external DNS server, click to select the
Connect to the public network when a name needs to be
resolved check box, and then click the appropriate dial-up
interface in the list.
61. How do you allow inbound traffic for specific hosts on Windows 2003 NAT?
You can use the Windows Server 2003 implementation of IPSec to compensate for the
limited protections provided by applications for network traffic, or as a network-layer
foundation of a defense-in-depth strategy. Do not use IPSec as a replacement for other user
and application security
controls, because it cannot protect against attacks from within established and trusted
communication paths. Your authentication strategy must be well defined and implemented
for the potential security provided by IPSec to be realized, because authentication verifies
the identity and trust of the computer at the other end of the connection.
62. What is VPN? What types of VPN does Windows 2000 and beyond work with natively?
VPN gives extremely secure connections between private

networks linked through the Internet. It allows remote
computers to act as though they were on the same secure,
local network.
L2TP (layer 2 tunneling protocol )
vpn server is also know as L2TP server in native mode & in

PPTP in mixed mode
63. What is IAS? In what scenarios do we use it?
IAS is called as Internet Authentication Service. It’s used by for configuring centralised
authentication using RADIUS server.
64. What’s the difference between Mixed mode and Native mode in AD when dealing with
RRAS?
When you are in Mixed mode certain options in the dial-in tab of the user proeprties are
disabled. And some of the RRAS policies are also disabled. So if you want high level
security with all the advanced feature then change the AD to Native mode.
65. What is the “RAS and IAS” group in AD?
Used for managing security and allowing administration for the respective roles of the
server.
66. What are Conditions and Profile in RRAS Policies?
The conditions and profiles are used to set some restrictions based on the media type,
connection method, group membership and lot more. So if used matches those conditions
mentioned in the profile then he can allowed /
denied access to RAS / VPN server.
67. What types or authentication can a Windows 2003 based RRAS work with?
It supports authentication methods like MSCHAPv2, MSCHAP, SPAP, EAP, Digest

authentication. ( You can check it by going to properties of your server in RRAS )
68. How does SSL work?
Internet communication typically runs through multiple program layers on a server before
getting to the requested data such as a web page or cgi scripts.
The outer layer is the first to be hit by the request. This is the high level protocols such as
HTTP (web server), IMAP (mail server), and FTP (file transfer).
Determining which outer layer protocol will handle the request depends on the type of
request made by the client. This high level protocol then processes the request through the
Secure Sockets Layer. If the request is for a non-secure connection it passes through to the
TCP/IP layer and the server application or data.
If the client requested a secure connection the ssl layer initiates a handshake to begin the
secure communication process. Depending on the SSL setup on the server, it may require
that a secure connection be made before allowing communication to pass through to the
TCP/IP layer in which
case a non-secure request will send back an error asking for them to retry securely (or
simply deny the non-secure
connection).
69. How does IPSec work?
IPSec is an Internet Engineering Task Force (IETF) standard suite of protocols that
provides data authentication, integrity, and confidentiality as data is transferred between
communication points across IP networks. IPSec provides data security at the IP packet
level. A packet is a data bundle that is organized for transmission across a network, and it
includes a header and payload (the data in the packet). IPSec emerged as a viable network
security standard because enterprises wanted to ensure that data could be securely
transmitted over the Internet. IPSec protects against possible security exposures by
protecting data while in transit.
70. How do I deploy IPSec for a large number of computers?
Just use this program Server and Domain Isolation Using IPsec and Group Policy
71. What types of authentication can IPSec use?
Deploying L2TP/IPSec-based Remote Access
Deploying L2TP-based remote access VPN connections using Windows Server 2003
consists of the following:
* Deploy certificate infrastructure
* Deploy Internet infrastructure
* Deploy AAA infrastructure
* Deploy VPN servers
* Deploy intranet infrastructure
* Deploy VPN clients
* Implantar certificado infra-estrutura

* Implantar infra-estrutura Internet
* Implantar infra-estrutura AAA
* Implementar VPN servidores
* Implantar intranet infra-estrutura
* Implementar clientes VPN
72. What is PFS (Perfect Forward Secrecy) in IPSec?
In an authenticated key-agreement protocol that uses public key cryptography, perfect

forward secrecy (or PFS) is the property that ensures that a session key derived from a set
of long-term public and private keys will not be compromised if one of the (long-term)
private keys is compromised in the future. Forward secrecy has been used as a synonym for
perfect forward secrecy [1], since the term perfect has been controversial in this context.
However, at least one reference [2] distinguishes perfect forward secrecy from forward
secrecy with the additional property that an agreed key will not be compromised even if
agreed keys derived from the same long-term keying material in a subsequent run are
compromised.
73. How do I monitor IPSec?
To test the IPSec policies, use IPSec Monitor. IPSec Monitor (Ipsecmon.exe) provides
information about which IPSec policy is active and whether a secure channel between
computers is established.
74. Looking at IPSec-encrypted traffic with a sniffer. What packet types do I see?
You can see the packages to pass, but you can not see its
contents
IPSec Packet Types

IPSec packet types include the authentication header (AH) for data integrity and the
encapsulating security payload (ESP) for data confidentiality and integrity. The
authentication header (AH) protocol creates an envelope that provides integrity, data
origin identification and protection against replay attacks. It authenticates every packet as
a defense against session-stealing attacks. Although the IP header itself is outside the AH
header, AH also provides limited verification of it by not allowing changes to the IP header
after packet creation (note that this usually precludes the use of AH in NAT environments,
which modify packet headers at the point of NAT). AH packets use IP protocol 51. The
encapsulating security payload (ESP) protocol provides the features of AH (except for IP
header authentication), plus encryption. It can also be used in a null encryption mode that
provides the AH protection against replay attacks and other such attacks, without
encryption or IP header
authentication. This can allow for achieving some of the benefits of IPSec in a NAT
environment that would not ordinarily work well with IPSec. ESP packets use IP protocol
50.
75. What can you do with NETSH?
Netsh is a command-line scripting utility that allows you to, either locally or remotely,
display, modify or script the network configuration of a computer that is currently
running.
76. How do I look at the open ports on my machine?
Windows: Open a command prompt (Start button -> Run-> type

“cmd”), and type:
netstat -a
Linux: Open an SSH session and type:
netstat -an

Describe The OSI Model

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Describe The OSI Model

Uploaded by

Copyright:

Available Formats

Describe the OSI model.

Application Layers Usage Example :

6. Presentation Layer : MIME · XDR ·

5. Session Layer : Named Pipes · NetBIOS · SAP

4. Transport Layer : TCP · UDP · PPTP · SCTP · SSL · TLS

3. Network Layer : IP · ICMP · IPsec · IGMP · IPX · AppleTalk

v What is a VLAN? What is an ELAN? What is the difference?

VLAN — Virtual Local Area Network

ELAN — Emulated Local Area Network

Difference between these two are as follows:-

v Describe Ethernet packet contents: min./max. size, header.

Lower limit of frame size has the following reasons:

v Describe TCP/IP and its protocols.

ATM (asynchronous transfer mode) is a dedicated-connection switching technology that

Advantages and Disadvantages of ATM

v What are the maximum distances for CAT5 cabling?

Gigabit Ethernet (over copper), 1000baseT

Speed: 1000 Mbps

Fast Ethernet, 100baseT

Speed: 100 Mbps

Twisted Pair Ethernet, 10baseT

Thick Ethernet, 10 base 5

v Describe what a broadcast storm is.

v How do you distinguish a DNS problem from a network problem?

When u are not able to ping anything its network problem

v Describe the principle of multi-layer switching.

Multilayer switching is usually implemented through a fast hardware such as a higher-density

Generic Cut-Through Routing:

ATM-Based Cut-Through Routing:

A Metric can include:

 measuring link utilisation (using SNMP)

v What is a network management system?

A Network Management System (NMS) is a combination of hardware and software used to

v Describe how SNMP works.

v Describe how WEP works and its strengths and weaknesses

Do i need WEP at all?

How WEP works

v Describe what a VPN is and how it works.

Describe how VoIP works.

What authentication, authorization ad accounting (AAA) mechanisms are you familiar

RADIUS Server (Remote Access Dialin User Service)

MS IAS (Internet Authenticaion Service)

February 18, 2010

Filed under: Uncategorized — aacable @ 9:40 AM

Technical Interview Questions (Part 3/4)

Edited & Maintained by SYED JAHANZAIB / aacable@hotmail.com

 Tell me a bit about the capabilities of Exchange Server.

Microsoft Exchange Server is a client-server, collaborative application product developed by

the biggest difference.

-Exchange 2000/2003 scales much higher.

-It boasts conferencing services and instant messaging.

Disk configuration is a complex issue and is covered in my article:

Recommended Server hardware

• Four 1 gigahertz (GHz), 1 megabyte (MB) or 2 MB L2 cache processors

• 4 gigabytes (GB) of Error Correction Code (ECC) RAM

 Why not install Exchange on the same machine as a DC?

Exchange Full Administrator at organization Level and Local machine Administrator

These tools are install by default for 2007 Xge server

• Administrators group Full Control

• Creator Owner None

• System account Full Control

1. Start Exchange System Manager.

3. In the Properties window go to the Security tab.