Active Directory (AD) Interview Questions and Answers - Part 2

22. Which is the Default Protocol Used In Directory Services?

Answer-The default protocol used in directory services is LDAP (Lightweight Directory Access Protocol).

23. What is Mixed Mode?

Answer-Allows domain controllers running both Windows 2000 and earlier versions of Windows NT to co-exist in the domain. In mixed mode, the domain features from previous versions of Windows NT Server are still enabled, while some Windows 2000 features are disabled. Windows 2000 Server domains are installed in mixed mode by default. In mixed mode the domain may have Windows NT 4.0 backup domain controllers present. Nested groups are not supported in mixed mode.

24. What is Native Mode?

Answer-When all the domain controllers in a given domain are running Windows 2000 Server. This mode allows organizations to take advantage of new Active Directory features such as Universal groups, nested group membership, and inter-domain group membership.

25. Explain What is Sysvol?

Answer-The SYSVOL folder keeps the server’s copy of the domain’s public files. The contents of the SYSVOL folder, such as users, group policy, etc., are replicated to all domain controllers in the domain.

26. What is LDAP?

Answer-LDAP is the directory service protocol that is used to query and update AD. LDAP naming paths are used to access AD objects and include the following:

Distinguished names

Relative Distinguished names

27. What is Kerberos?

Answer-Kerberos is an authentication protocol for networks. It is built to offer strong authentication for server/client applications by using secret-key cryptography.

28. Minimum Requirement For Installing AD?

Answer-Windows Server, Advanced Server, Datacenter Server

Minimum Disk space of 200MB for AD and 50MB for log files

NTFS partition

TCP/IP Installed and Configured to use DNS

Administrative privilege for creating a domain in existing network

29. What are Lingering Objects?

Answer-Lingering objects can exist if a domain controller does not replicate for an interval of time that is longer than the tombstone lifetime (TSL).

30. What is Tombstone Lifetime?

Answer-Tombstone lifetime in Active Directory determines how long a deleted object is retained in Active Directory. Deleted objects in Active Directory are stored in a special object referred to as a TOMBSTONE. Usually, Windows will use a 60-day tombstone lifetime if the time is not set in the forest configuration.

31. Why We Need Netlogon?

Answer-Maintains a secure channel between this computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not authenticate users and services, and the domain controller cannot register DNS records.

32. Explain What is Active Directory Schema?

Answer-The schema is an Active Directory component that describes all the attributes and objects that the directory service uses to store data.

33. What is DNS Scavenging?

Answer-Scavenging will help you clean up old unused records in DNS.

34. Explain What is A Child DC?

Answer-A CDC, or child DC, is a sub-domain controller under the root domain controller that shares its namespace.

35. What is New In Windows Server 2008 Active Directory Domain Services?

Answer-AD Domain Services auditing, Fine-Grained Password Policies, Read-Only Domain Controllers, Restartable Active Directory Domain Services.

36. Explain What is RID Master?

Answer-RID master stands for Relative Identifier, for assigning unique IDs to the objects created in AD.

37. Explain What are RODCs? And What are The Major Benefits Of Using RODCs?

Answer-Read-Only Domain Controller. Organizations can easily deploy a domain controller in locations where physical security cannot be guaranteed.

38. What are The Components Of AD?

Answer-Components of AD include:
Logical Structure: Trees, Forest, Domains and OU.
Physical Structures: Domain controller and Sites.

39. What is The Number Of Permitted Unsuccessful Log Ons On Administrator Account?

Answer-Unlimited. Remember, though, that it’s the Administrator account, not any account that’s part of the Administrators group.

40. Explain What Is Infrastructure Master?

Answer-Infrastructure Master is accountable for updating information about the user and group and global catalogue.

41. What Hidden Shares Exist On Windows Server 2003 Installation?

Answer-Admin$, Drive$, IPC$, NETLOGON, print$ and SYSVOL.

42. Can You Connect Active Directory To Other 3rd-party Directory Services? Name A Few Options?

Answer-Yes, you can connect Active Directory to other 3rd-party directory services, such as dictionaries used by SAP, Domino, etc., with the help of MIIS (Microsoft Identity Integration Server).

43. What is The List Folder Contents Permission On The Folder In NTFS?

Answer-Same as Read & Execute, but not inherited by files within a folder. However, newly created subfolders will inherit this permission.

44. How Do I Set Up DNS For Other DCs In The Domain That Are Running DNS?

Answer-For each additional DC that is running DNS, the preferred DNS setting is the parent DNS server (first DC in the domain), and the alternate DNS setting is the actual IP address of the network interface.
