>What is domain controller?
A Domain controller (DC) is a server that responds to security authentication requests (logging in, checking permissions, etc.) within the Windows Server domain. A domain is a concept introduced in Windows NT whereby a user may be granted access to a number of computer resources with the use of a single username and password combination.
>What is LDAP?
Lightweight Directory Access Protocol LDAP is the industry standard directory access protocol, making Active Directory widely accessible to management and query applications. Active Directory supports LDAPv3 and LDAPv2. >What is KCC?
KCC (knowledge consistency checker) is used to generate replication topology for inter site replication and for intra-site replication. Within a site replication traffic is done via remote procedure calls over ip, while between sites it is done through either RPC or SMTP. >Where is the AD database held? What other folders are related to AD? The AD data base is store in c:\windows\ntds\NTDS.DIT. >What is the SYSVOL folder? The sysVOL folder stores the server’s copy of the domain’s public files. The contents such as group policy, users etc of the sysvol folder are replicated to all domain controllers in the domain. >Where are the Window s NT Primary Domain Controller (PDC) and its Backup Domain Controller (BDC) in Server 2003? The Active Directory replaces them. Now all domain controllers share a multi master peer-to-peer read and write relationship that hosts copies of the Active Directory. >Cannot create a new universal user group. Why? Universal groups are allowed only in native-mode Windows Server 2003 environments. Native mode requires that all domain controllers be promoted to Windows Server 2003 Active Directory. >What is LSDOU?
Its group policy inheritance model, where the policies are applied toLocal machines, Sites, Domains and Organizational Units.
>Why doesn’t LSDOU w ork under Window s NT?
If the NTConfig.pol file exists, it has the highest priority among the numerous policies.
>How many number of permitted unsuccessful logons on Administrator account? Unlimited. Remember, though, that it’s the Administrator account, not any account that’s part of the Administrators group. > What’s the difference betw een guest accounts in Server 2003 and other editions?
More restrictive in Windows Server 2003.
> How many passw ords by default are remembered w hen you check “Enforce Passw ord History Remembered”?
User’s last 6 passwords.
> Can GC Server and Infrastructure place in single server?
No, As Infrastructure master does the same job as the GC. It does not work together.
> Which is service in your w indow s is responsible for replication of Domain controller to another domain controller.
KCC generates the replication topology.
> What Intrasite and Intersite Replication? Intrasite is the replication within the same site & intersite the replication between sites. > What is lost & found folder in ADS? It’s the folder where you can find the objects missed due to conflict. Ex: you created a user in OU which is deleted in other DC & when replication happed ADS didn’t find the OU then it will put that in Lost & Found Folder. > What is Garbage collection? Garbage collection is the process of the online defragmentation of active directory. It happens every 12 Hours. > What System State data contains? Contains Startup files, Registry Com + Registration Database Memory Page file System files AD information Cluster Service information SYSVOL Folder
>What is the difference betw een Window s 2000 Active Directory and Window s 2003 Active Directory? Is there any difference in 2000 Group Polices and 2003 Group Polices? What is meant by ADS and ADS services in Window s 2003? Windows 2003 Active Directory introduced a number of new security features, as well as convenience features such as the ability to rename a domain controller and even an entire domain Windows Server 2003 also introduced numerous changes to the default settings that can be affected by Group Policy – you can see a detailed list of each available setting and which OS is required to support it by downloading the Group Policy Settings Reference. ADS stands for Automated Deployment Services, and is used to quickly roll out identically-configured servers in large-scale enterprise environments. You can get more information from the ADS homepage. >I w ant to setup a DNS server and Active Directory domain. What do I do first? If I install the DNS service first and name the zone ‘name.org’ can I name the AD domain ‘name.org’ too? Not only can you have a DNS zone and an Active Directory domain with the same name, it’s actually the preferred way to go if at all possible. You can install and configure DNS before installing Active Directory, or you can allow the Active Directory Installation Wizard (dcpromo) itself install DNS on your server in the background. >How do I determine if user accounts have local administrative access? You can use the net local group administrators command on each workstation (probably in a login script so that it records its information to a central file for later review). This command will enumerate the members of the Administrators group on each machine you run it on. Alternately, you can use the Restricted Groups feature of Group Policy to restrict the membership of Administrators to only those users you want to belong.
>Why am I having trouble printing w ith XP domain users?
In most cases, the inability to print or access resources in situations like this one will boil down to an issue with name resolution, either DNS or WINS/NetBIOS. Be sure that your Windows XP clients’ wireless connections are configured with the correct DNS and WINS name servers, as well as with the appropriate NetBIOS over TCP/IP settings. Compare your wireless settings to your wired LAN settings and look for any discrepancies that may indicate where the functional difference may lie.
>What is the ISTG? Who has that role by default?
inbound replication from intra-site replication partners. For inter-site replication, one domain controller per site has the responsibility of evaluating the inter-site replication topology and creating Active Directory Replication Connection objects for appropriate bridgehead servers within its site. The domain controller in each site that owns this role is referred to as the Inter-Site Topology Generator (ISTG).
