Windows Sever 2013 Active directory Interview Questions and Answers
>What is the default size of ntds.dit ?
10 MB in Server 2000 and 12 MB in Server 2003 .
>Where is the AD database held and What are other folders related to AD ?
AD Database is saved in %systemroot%/ntds. You can see other files also in this folder. These are the main files controlling the AD structure.
When a change is made to the Win2K database, triggering a write operation, Win2K records the transaction in the log file (edb.log). Once written to the log file, the change is then written to the AD database. System performance determines how fast the system writes the data to the AD database from the log file. Any time the system is shut down, all transactions are saved to the database.
During the installation of AD, Windows creates two files: res1.log and res2.log. The initial size of each is 10MB. These files are used to ensure that changes can be written to disk should the system run out of free disk space. The checkpoint file (edb.chk) records transactions committed to the AD database (ntds.dit). During shutdown, a "shutdown" statement is written to the edb.chk file.
Then, during a reboot, AD determines that all transactions in the edb.log file have been committed to the AD database. If, for some reason, the edb.chk file doesn't exist on reboot or the shutdown statement isn't present, AD will use the edb.log file to update the AD database.
The last file in our list of files to know is the AD database itself, ntds.dit. By default, the file is located in\NTDS, along with the other files we've discussed
>What FSMO placement considerations do you know of ?
Windows 2000/2003 Active Directory domains utilize a Single Operation Master method called FSMO (Flexible Single Master Operation), as described in Understanding FSMO Roles in Active Directory.
In most cases an administrator can keep the FSMO role holders (all 5 of them) in the same spot (or actually, on the same DC) as has been configured by the Active Directory installation process.
However, there are scenarios where an administrator would want to move one or more of the FSMO roles from the default holder DC to a different DC.
Windows Server 2003 Active Directory is a bit different than the Windows 2000 version when dealing with FSMO placement.
In this article I will only deal with Windows Server 2003 Active Directory, but you should bear in mind that most considerations are also true when planning Windows 2000 AD FSMO roles
>What do you do to install a new Windows 2003 R2 DC in a Windows 2003 AD?
If you're installing Windows 2003 R2 on an existing Windows 2003 server with SP1 installed, you require only the second R2 CD-ROM.
Insert the second CD and the r2auto.exe will display the Windows 2003 R2 Continue Setup screen.
If you're installing R2 on a domain controller (DC), you must first upgrade the schema to the R2 version (this is a minor change and mostly related to the new Dfs replication engine).
To update the schema, run the Adprep utility, which you'll find in the Components\r2\adprep folder on the second CD-ROM.
Before running this command, ensure all DCs are running Windows 2003 or Windows 2000 with SP2 (or later).
Here's a sample execution of the Adprep /forestprep
Before running adprep, all Windows 2000 domain controllers in the forest should be upgraded to Windows 2000 Service Pack 1 (SP1) with QFE 265089, or to Windows 2000 SP2 (or later).
QFE 265089 (included in Windows 2000 SP2 and later) is required to prevent potential domain controller corruption.
[User Action] If ALL your existing Windows 2000 domain controllers meet this requirement, type C and then press ENTER to continue. Otherwise, type any other key and press ENT ER to quit.
C Opened Connection to SAV
DALDC01 SSPI Bind succeeded Current Schema Version is 30 Upgrading schema to version 31 Connecting to "SAVDALDC01" Logging in as current user using SSPI Importing directory from file "C:\WINDOWS\system32\sch31.ldf" Loading entries... 139 entries modified successfully.
The command has completed successfully Adprep successfully updated the forest-wide information.
After running Adprep, install R2 by performing these steps:
1. Click the "Continue Windows Server 2003 R2 Setup" link, as the figureshows.
2. At the "Welcome to the Windows Server 2003 R2 Setup Wizard" screen, click Next.
3. You'll be prompted to enter an R2 CD key (this is different from your existing Windows 2003 keys) if the underlying OS wasn't installed from R2 media (e.g., a regular Windows 2003 SP1 installation).
Enter the R2 key and click Next. Note: The license key entered for R2 must match the underlying OS type, which means if you installed Windows 2003 using a volume-license version key, then you can't use a retail or Microsoft Developer Network (MSDN) R2 key.
4. You'll see the setup summary screen which confirms the actions to be performed (e.g., Copy files). Click Next.
5. After the installation is complete, you'll see a confirmation dialog box. Click Finish
>What is OU ?
Organization Unit is a container object in which you can keep objects such as user accounts, groups, computer, printer . applications and other (OU). In organization unit you can assign specific permission to the user's. organization unit can also be used to create departmental limitation.
>Name some OU design considerations ?
OU design requires balancing requirements for delegating administrative rights - independent of Group Policy needs - and the need to scope the application of Group Policy.
The following OU design recommendations address delegation and scope issues:
Applying Group Policy An OU is the lowest-level Active Directory container to which you can assign Group Policy settings. Delegating administrative authority
usually don't go more than 3 OU levels.