1) Mention what is Active Directory?

An active directory is a directory structure used on Microsoft Windows based servers and computers to
store data and information about networks and domains.

2) Mention what are the new features in Active Directory (AD) of Windows server 2012?
 dcpromo (Domain Controller Promoter) with improved wizard: It allows you to view all the steps
and review the detailed results during the installation process
 Enhanced Administrative Center: Compared to the earlier version of active directory, the
administrative center is well designed in Windows 2012. The exchange management console is well
designed
 Recycle bin goes GUI: In windows server 12, there are now many ways to enable the active
directory recycle bin through the GUI in the Active Directory Administrative Center, which was not
possible with the earlier version
 Fine grained password policies (FGPP): In windows server 12 implementing FGPP is much easier
compared to an earlier It allows you to create different password policies in the same domain
 Windows Power Shell History Viewer: You can view the Windows PowerShell commands that
relates to the actions you execute in the Active Directory Administrative Center UI

3) Mention which is the default protocol used in directory services?

The default protocol used in directory services is LDAP ( Lightweight Directory Access Protocol).

4) Explain the term FOREST in AD?

Forest is used to define an assembly of AD domains that share a single schema for the AD. All DC’s in
the forest share this schema and is replicated in a hierarchical fashion among them.

5) Explain what is SYSVOL?

The SysVOL folder keeps the server’s copy of the domain’s public files. The contents such as users,
group policy, etc. of the sysvol folders are replicated to all domain controllers in the domain.

6) Mention what is the difference between domain admin groups and enterprise admins group in AD?
Enterprise Admin Group Domain Admin Group

 Members of this group have complete control of all domains in
the forest
 By default, this group belongs to the administrators group on all
domain controllers in the forest
 As such this group has full control of the forest, add users with
caution
 Members of this group have complete control of the dom
 By default, this group is a member of the administrators g
on all domain controllers, workstations and member servers at
time they are linked to the domain
 As such the group has full control in the domain, add use
caution

7) Mention what system state data contains?

System state data contains

 Contains startup files

 Registry
 Com + Registration Database
 Memory page file
 System files
 AD information
 SYSVOL Folder
 Cluster service information
8) Mention what is Kerberos?

Kerberos is an authentication protocol for network. It is built to offer strong authentication for server/client
applications by using secret-key cryptography.

9) Explain where does the AD database is held? What other folders are related to AD?

AD database is saved in %systemroot%/ntds. In the same folder, you can also see other files; these are
the main files controlling the AD structures they are

 dit
 log
 res 1.log
 log
 chk
10) Mention what is PDC emulator and how would one know whether PDC emulator is working or not?
PDC Emulators: There is one PDC emulator per domain, and when there is a failed authentication
attempt, it is forwarded to PDC emulator. It acts as a “tie-breaker” and it controls the time sync across the
domain.

These are the parameters through which we can know whether PDC emulator is working or not.

 Time is not syncing

 User’s accounts are not locked out
 Windows NT BDCs are not getting updates
 If pre-windows 2000 computers are unable to change their passwords
11) Mention what are lingering objects?

Lingering objects can exists if a domain controller does not replicate for an interval of time that is longer
than the tombstone lifetime (TSL).

12) Mention what is TOMBSTONE lifetime?

Tombstone lifetime in an Active Directory determines how long a deleted object is retained in Active
Directory. The deleted objects in Active Directory is stored in a special object referred as
TOMBSTONE. Usually, windows will use a 60- day tombstone lifetime if time is not set in the forest
configuration.

13) Explain what is Active Directory Schema?

Schema is an active directory component describes all the attributes and objects that the directory service
uses to store data.

14) Explain what is a child DC?

CDC or child DC is a sub domain controller under root domain controller which share name space

15) Explain what is RID Master?

RID master stands for Relative Identifier for assigning unique IDs to the object created in AD.

16) Mention what are the components of AD?

Components of AD includes

 Logical Structure: Trees, Forest, Domains and OU

 Physical Structures: Domain controller and Sites
17) Explain what is Infrastructure Master?

Infrastructure Master is accountable for updating information about the user and group and global
catalogue.

2. What is Native Mode?

When all the domain controllers in a given domain are running Windows 2000 Server. This mode allows
organizations to take advantage of new Active Directory features such as Universal groups, nested group
membership, and inter-domain group membership.

Q3. What is Organizational Units ?

The Organizational Unit (OU)is a critical design factor impacting security, policy, efficiency, and the cost of
administration. Organizational Units are a type of LDAP (X.500) container. It can be thought of as a sub-
domain element with similar properties to domains. They are components internal to domains. OUs are
part of the LDAP name space and not the DNS namespace.

Q4. Do we use clustering in Active Directory? Why?

No one installs Active Directory in a cluster. There is no need of clustering a domain controller. Because
Active Directory provides total redundancy with two or more servers

Q5. What is sites ? What are they used for ?

One or more well-connected (highly reliable and fast) TCP/IP subnets.
A site allows administrators to configure Active Directory access and replication topology to take
advantage of the physical network.
A Site object in Active Directory represents a physical geographic location that hosts networks. Sites
contain objects called Subnets.
Sites can be used to Assign Group Policy Objects, facilitate the discovery of resources, manage active
directory replication, and manage network link traffic.
Sites can be linked to other Sites. Site-linked objects may be assigned a cost value that represents the
speed, reliability, availability, or other real property of a physical resource. Site Links may also be
assigned a schedule.

Q6. What is Domains in Active Directory?

In Windows 2000, a domain defines both an administrative boundary and a security boundary for a
collection of objects that are relevant to a specific group of users on a network. A domain is an
administrative boundary because administrative privileges do not extend to other domains. It is a security
boundary because each domain has a security policy that extends to all security accounts within the
domain. Active Directory stores information about objects in one or more domains.
Domains can be organized into parent-child relationships to form a hierarchy. A parent domain is the
domain directly superior in the hierarchy to one or more subordinate, or child, domains. A child domain
also can be the parent of one or more child domains, as shown below.

Q7. Explain what is SYSVOL?

The SysVOL folder keeps the server’s copy of the domain’s public files. The contents such as users,
group policy, etc. of the sysvol folders are replicated to all domain controllers in the domain.

Q8. Tell me about Infrastructure master?

The Infrastructure Master is used to maintain references to objects in other domains, known as phantoms.
The Infrastructure Master is responsible for fixing up stale references from objects in its domain to objects
in other domains. The Infrastructure Master FSMO role owner is used to continually maintain the
phantoms whenever the objects they refer to are changed or moved in the object’s domain.

Q9. What is Active Directory Recycle Bin?

Active Directory Recycle bin is a feature of Windows Server 2008 AD. It helps to restore accidentally
deleted Active Directory objects without using a backedup AD database, rebooting domain controller or
restarting any services

Q10. Trying to look at the Schema, how can I do that ?

register schmmgmt.dll using this command
c:\windows\system32>regsvr32 schmmgmt.dll
Open mmc –> add snapin –> add Active directory schema
name it as schema.msc
Open administrative tool –> schema.msc

Q11. Mention which is the default protocol used in directory services?

The default protocol used in directory services is LDAP (Lightweight Directory Access Protocol).

Q12. What is LDAP?

LDAP is the directory service protocol that is used to query and update AD. LDAP naming
paths are used to access AD objects and include the following:

Distinguished names

Relative Distinguished names

Q13. What is the purpose of replication in AD ?

The purpose of replication is to distribute the data stored within the directory throughout the organization
for increased availability, performance, and data protection. Systems administrators can tune replication
to occur based on their physical network infrastructure and other constraints.

Q14. What is RODC? Why do we configure RODC?

Read only domain controller (RODC) is a feature of Windows Server 2008 Operating System. RODC is a
read only copy of Active Directory database and it can be deployed in a remote branch office where
physical security cannot be guaranteed. RODC provides more improved security and faster log on time for
the branch office

Q15. What is the port no of Kerbrose ?

88

Q16. What is Mixed Mode?

Allows domain controllers running both Windows 2000 and earlier versions of Windows NT to co-exist in
the domain. In mixed mode, the domain features from previous versions of Windows NT Server are still
enabled, while some Windows 2000 features are disabled. Windows 2000 Server domains are installed in
mixed mode by default. In mixed mode the domain may have Windows NT 4.0 backup domain controllers
present. Nested groups are not supported in mixed mode.

Q17. Mention what is Kerberos?

Kerberos is an authentication protocol for network. It is built to offer strong authentication for server/client
applications by using secret-key cryptography.

Q18. What is stale ?

Stale means references to objects that have been moved or renamed so that the local copy of the remote
object’s name is out of date .

Q19. How do you check currently forest and domain functional levels? Say both GUI and Command line.
To find out forest and domain functional levels in GUI mode, open ADUC, right click on the domain name
and take properties. Both domain and forest functional levels will be listed there. TO find out forest and
domain functional levels, you can use DSQUERY command.

Q20. What is the port no of Global catalog ?

3268
Q21. Explain the term FOREST in AD?
Forest is used to define an assembly of AD domains that share a single schema for the AD. All DC’s in
the forest share this schema and is replicated in a hierarchical fashion among them.

Q22. Minimum Requirement for Installing AD?

Windows Server, Advanced Server, Datacenter Server

Minimum Disk space of 200MB for AD and 50MB for log files

NTFS partition

TCP/IP Installed and Configured to use DNS

Administrative privilege for creating a domain in existing network

Q23. What is SID ?

Security Identifier (SID) is a unique, variable-length identifier used to identify a trustee or security
principal.

Q24. Explain Knowledge Consistency Checker (KCC)

KCC can be expanded as Knowledge Consistency Checker. It is a protocol process running on all domain
controllers, and it generates and maintains the replication topology for replication within sites and between
sites.

Q25. What is the port no of LDAP ?

389

Q26. What are the tools used to check and troubleshoot replication of Active Directory?
We can use command line tools such as repadmin and dcdiag. GUI tool REPLMON can also be used for
replication monitoring and troubleshooting.

Q27. Explain Active Directory Schema ?

Windows 2000 and Windows Server 2003 Active Directory uses a database set of rules called “Schema”.
The Schema is defines as the formal definition of all object classes, and the attributes that make up those
object classes, that can be stored in the directory. As mentioned earlier, the Active Directory database
includes a default Schema, which defines many object classes, such as users, groups, computers,
domains, organizational units, and so on.
These objects are also known as “Classes”. The Active Directory Schema can be dynamically extensible,
meaning that you can modify the schema by defining new object types and their attributes and by defining
new attributes for existing objects. You can do this either with the Schema Manager snap-in tool included
with Windows 2000/2003 Server, or programmatically.