Windows Server 2012 Active Directory Interview Questions
> What are the new AD features in Windows Server 2008?
AD DS includes many new features that are not available in previous versions of Windows Server Active Directory. These new features make it possible for organizations to deploy AD DS more simply and securely and to administer it more efficiently.
- AD DS: Auditing
- AD DS: Fine-Grained Password Policies
- AD DS: Read-Only Domain Controllers
- AD DS: Restartable Active Directory Domain Services
- AD DS: Database Mounting Tool (Snapshot Viewer or Snapshot Browser)
- AD DS: User Interface Improvements
- AD DS: Owner Rights
> What are the new AD features in Windows Server 2008 R2?
Active Directory Domain Services in the Windows Server 2008 R2 operating system includes many new features that help improve Active Directory manageability, supportability, and performance.
- Active Directory Recycle Bin
- Active Directory module for Windows PowerShell and Windows PowerShell cmdlets
- Active Directory Administrative Center
- Active Directory Best Practices Analyzer
- Active Directory Web Services
- Authentication mechanism assurance
- Offline domain join
- Managed Service Accounts
- Active Directory Management Pack
- Bridgehead Server Selection
> What are the new AD features in Windows Server 2012?
You can use Active Directory Domain Services in Windows Server 2012 to more rapidly and easily deploy domain controllers (on-premises and in the cloud), increase flexibility when auditing and authorizing access to files, and more easily perform administrative tasks at scale (locally or remotely) through consistent graphical and scripted management experiences.
- Virtualization that just works: rapid deployment with cloning and safer virtualization of domain controllers.
- Simplified deployment and upgrade preparation: using the AD DS Configuration Wizard.
- Simplified management: Dynamic Access Control, DirectAccess Offline Domain Join, AD FS, Windows PowerShell History Viewer, Active Directory Recycle Bin User Interface, Fine-Grained Password Policy User Interface, Active Directory Replication and Topology Windows PowerShell cmdlets, Active Directory Based Activation, and Group Managed Service Accounts.
- AD DS platform changes: AD DS Claims in AD FS, Relative ID Improvements, Deferred Index Creation, and Kerberos Enhancements.
> Why do we need the Netlogon service?
It maintains a secure channel between the computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not authenticate users and services, and the domain controller can't register DNS records.
> Where are the NETLOGON logs stored?
The NETLOGON logs are stored in C:\Windows\Debug\Netlogon.Log. By default, the size of the log file is 20 MB.
> Briefly explain how Active Directory authentication works.
When a user logs into the network, the user provides a username and password. The computer sends this username and password to the KDC which contains the master list of unique long term keys for each user. The KDC creates a session key and a ticket granting ticket. This data is sent to the user’s computer. The user’s computer runs the data through a one-way hashing function that converts the data into the user’s master key, which in turn enables the computer to communicate with the KDC, to access the resources of the domain.