Active Directory Interview Questions – Part 4

October 27, 2019

33. What are the data partitions in AD DS?
Each Domain Controller has a copy of the Active Directory database, stored in a file called NTDS.DIT. The data in this file is divided into partitions. The partition type determines how it is replicated throughout the forest.

  1. Domain Partition
  2. Global Catalog Partition
  3. Schema Partition
  4. Configuration Partition
  5. Application Partition

34. What are the FSMO roles?
FSMO stands for Flexible Single Master Operation. Currently there are five FSMO roles:

  1. Schema master
  2. Domain naming master
  3. RID master
  4. PDC emulator
  5. Infrastructure master

35. Why do we need the Netlogon service?
It maintains a secure channel between the computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not be able to authenticate users and services, and the domain controller can’t register its DNS records.

36. Where are the NETLOGON logs stored?
The NETLOGON logs are stored in C:\Windows\Debug\Netlogon.Log. By default, the size of the log file is 20 MB.

37. What is the default size of ntds.dit?
10 MB in Windows Server 2000 and 12 MB in Windows Server 2003 and Windows Server 2008.

38. Where is the AD database held, and what are the other files related to AD?
The AD database is saved in C:\Windows\ntds. You can see other files in this folder as well; these are the main files controlling the AD structure.


When a change is made to the AD database, triggering a write operation, Windows records the transaction in the log file (edb.log). Once written to the log file, the change is then written to the AD database. System performance determines how fast the system writes the data to the AD database from the log file. Any time the system is shut down, all transactions are saved to the database.

During the installation of AD, Windows creates two files: res1.log and res2.log. The initial size of each is 10 MB. These files are used to ensure that changes can still be written to disk should the system run out of free disk space. The checkpoint file (edb.chk) records which transactions have been committed to the AD database (ntds.dit). During shutdown, a “shutdown” statement is written to the edb.chk file.

Then, during a reboot, AD checks that all transactions in the edb.log file have been committed to the AD database. If, for some reason, the edb.chk file doesn’t exist on reboot or the shutdown statement isn’t present, AD will replay the edb.log file to update the AD database. The last file in our list of files to know is the AD database itself, ntds.dit. By default, the file is located in\NTDS, along with the other files we’ve discussed.

39. What is ADSIEDIT?
ADSIEdit is a Microsoft Management Console (MMC) snap-in that acts as a low-level editor for Active Directory. It is a Graphical User Interface (GUI) tool. Network administrators can use it for common administrative tasks such as adding, deleting, and moving objects within a directory service. The attributes of each object can be edited or deleted with this tool. ADSIEdit uses the ADSI application programming interfaces (APIs) to access Active Directory. The following are the required files for using this tool: ADSIEDIT.DLL ADSIEDIT.

40. What is NETDOM command?
NETDOM is a command-line tool that allows management of Windows domains and trust relationships. It is used for batch management of trusts, joining computers to domains, and verifying trusts and secure channels.

41. What is REPADMIN?
This command-line tool assists administrators in diagnosing replication problems between Windows domain controllers. Administrators can use Repadmin to view the replication topology (sometimes referred to as RepsFrom and RepsTo) as seen from the perspective of each domain controller. In addition, Repadmin can be used to manually create the replication topology (although in normal practice this should not be necessary), to force replication events between domain controllers, and to view both the replication metadata and up-to-date vectors.

42. What is AD DS replication?
The Active Directory database is replicated between domain controllers. The data replicated between controllers is also referred to as a “naming context”. Once a domain controller has been established, only the changes are replicated. Active Directory uses a multimaster model, which means changes can be made on any controller and are then sent to all other controllers. The replication path in Active Directory forms a ring, which adds reliability to the replication.
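The following PowerShell script is an added example and not part of the original post: it turns the `repadmin /showrepl * /csv` output mentioned in Q41 into a per-partner replication health report for the naming contexts described in Q42, and lists the five FSMO role holders from Q34. It assumes the RSAT ActiveDirectory module is installed for the FSMO part; the embedded CSV rows are constructed so the parsing can be exercised with -UseSample on a machine that is not a domain controller.

```powershell
# Added example: summarise AD replication health from repadmin and list FSMO role holders.
# Run on a DC or a host with AD DS tools (repadmin) and RSAT (ActiveDirectory module).
param([switch]$UseSample)   # -UseSample parses the constructed rows below instead of calling repadmin

# Constructed sample in the layout emitted by "repadmin /showrepl * /csv" (hostnames and DNs are made up).
$sampleCsv = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,Default-First-Site-Name,DC01,"DC=example,DC=local",Default-First-Site-Name,DC02,RPC,0,0,2019-10-27 09:00:00,0
showrepl_INFO,Default-First-Site-Name,DC01,"CN=Configuration,DC=example,DC=local",Default-First-Site-Name,DC02,RPC,3,2019-10-27 08:45:00,2019-10-26 23:10:00,8524
'@

function Get-ReplicationReport {
    # One object per (destination, source, naming context) link; Healthy is false when any failure is pending.
    param([string[]]$CsvLines)
    foreach ($r in ($CsvLines | ConvertFrom-Csv)) {
        [pscustomobject]@{
            Destination   = $r.'Destination DSA'
            Source        = $r.'Source DSA'
            NamingContext = $r.'Naming Context'
            Failures      = [int]$r.'Number of Failures'
            LastSuccess   = $r.'Last Success Time'
            LastStatus    = [int]$r.'Last Failure Status'   # Win32 error code, 0 when the last attempt succeeded
            Healthy       = ([int]$r.'Number of Failures' -eq 0)
        }
    }
}

# Either parse the constructed rows or ask every DC in the forest for its inbound replication links.
$csvLines = if ($UseSample) { $sampleCsv -split "`r?`n" } else { repadmin /showrepl * /csv }
$report   = Get-ReplicationReport -CsvLines $csvLines

"Replication links with pending failures (investigate first):"
$report | Where-Object { -not $_.Healthy } | Format-Table Destination, Source, NamingContext, Failures, LastStatus, LastSuccess -AutoSize

if (-not $UseSample) {
    # FSMO role holders: two forest-wide roles from Get-ADForest, three domain-wide roles from Get-ADDomain.
    Import-Module ActiveDirectory
    $forest = Get-ADForest
    $domain = Get-ADDomain
    [pscustomobject]@{
        SchemaMaster         = $forest.SchemaMaster
        DomainNamingMaster   = $forest.DomainNamingMaster
        RIDMaster            = $domain.RIDMaster
        PDCEmulator          = $domain.PDCEmulator
        InfrastructureMaster = $domain.InfrastructureMaster
    } | Format-List
}
```

A link with a non-zero Failures count whose LastSuccess is older than the tombstone lifetime is the case to chase, since the partner can no longer converge by normal replication.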
