
Asked Interview Questions2

The document contains an interview question and answer session about Active Directory Services (ADS). The questions cover topics like: 1) What is ADS and its functions like storing information centrally and providing network access. 2) The four partitions of ADS - Schema, Configuration, Domain, and Application partitions and what information each contains. 3) Requirements for installing ADS like disk space, OS version, network connection etc. 4) That LDAP (Lightweight Directory Access Protocol) is used behind ADS. 5) The differences between LDAP and DAP protocols with LDAP being designed for efficient directory access on TCP/IP networks. 6) Explanations of the Schema and Global

JUNO Online Services Ltd Interview Questions on 05-08-2005

1. What is ADS and what are the Functions of ADS?

• ADS is a directory service which stores all the information in a central location.
• It provides network accessibility to users, applications and administrators.
• In ADS everything is stored as an object. It contains class objects and attribute objects.
• All identical objects come under one class, e.g. all users come under the User class.
• Attributes are the properties of the object, e.g. for a user: full name, logon name, etc.

Simplifies Management:
• Eliminates redundant management tasks. Provides a single point of management for
Windows user accounts, clients, servers, and applications as well as the ability to
synchronize with existing directories.
• Reduces trips to the desktop. Automatically distributes software to users based on
their role in the company, reducing or eliminating multiple trips that system administrators
need to make for software installation and configuration.
• Better maximizes IT resources. Securely delegates administrative functions to all
levels of an organization.
• Lowers total cost of ownership (TCO). Simplifies the management and use of file
and print services by making network resources easier to find, configure, and use.

Strengthens Security:
• It improves password security and management by providing single sign-on to
network resources with integrated, high-powered security services that are transparent to
end users.
• It ensures desktop functionality by locking down desktop configurations and
preventing access to specific client machine operations, such as software installation or
registry editing, based on the role of the end user.
• It speeds e-business deployment by providing built-in support for secure
Internet-standard protocols and authentication mechanisms such as Kerberos, public key
infrastructure (PKI) and Lightweight Directory Access Protocol (LDAP) over Secure Sockets
Layer (SSL).
• It tightly controls security by setting access control privileges on directory objects
and the individual data elements that make them up.

Extends Interoperability:
• Takes advantage of existing investments and ensures flexibility. Standards-based
interfaces to all features make use of investments and ensure flexibility for future
applications and infrastructure.
• Consolidates management of multiple application directories. Using open interfaces,
connectors, and synchronization mechanisms, organizations can consolidate directories
including Novell's NDS, LDAP, ERP, e-mail, and other mission-critical applications.
• Allows organizations to deploy directory-enabled networking. Network devices from
leading vendors such as Cisco and 3COM can use the directory to let administrators assign
quality of service and allocate network bandwidth to users based on their role in the
company.
• Allows organizations to develop and deploy directory-enabled applications. Using the
fully extensible directory architecture, developers can build applications that deliver
functionality tailored to the needs of the end user.

2. What are the 4 Partitions of the ADS, explain?

Naming Contexts and Directory Partitions:


Each domain controller in an Active Directory forest includes directory partitions. Directory
partitions are also known as naming contexts. A directory partition is a contiguous portion of the
overall directory that has independent replication scope and scheduling data. By default, the
Active Directory for an enterprise contains the following partitions:

• Schema Partition: The schema holds information on the definition of objects within the
network. The schema partition contains the classSchema and attributeSchema objects that
define the types of objects that can exist in the Active Directory forest. Every domain
controller in the forest has a replica of the same schema partition.

It defines rules for object creation and modification for all objects in the forest.
Replicated to all domain controllers in the forest, it is known as an enterprise partition.

• Configuration Partition: The configuration partition holds information relating to the
forest structure. The configuration partition contains replication topology and other
configuration data that must be replicated throughout the forest. Every domain controller
in the forest has a replica of the same configuration partition.

Information about the forest directory structure is defined here, including trees, domains,
domain trust relationships, and sites (TCP/IP subnet groups). Replicated to all domain
controllers in the forest, it is known as an enterprise partition.

• Domain Partition: The domain partition contains the directory objects, such as users
and computers, associated with the local domain. A domain can have multiple domain
controllers and a forest can have multiple domains. Each domain controller stores a full
replica of the domain partition for its local domain, but does not store replicas of the
domain partitions for other domains.

It has complete information about all domain objects (objects that are part of the domain,
including OUs, groups, users and others). Replicated only to domain controllers in the same
domain.

• Application Directory Partitions: The application directory partition provides the
capability of hosting dynamic data in Active Directory, thus allowing ADSI/LDAP access to
it, without significantly impacting network performance. Dynamic data typically changes
more frequently than the replication latency involved in propagating the change to all
replicas of the data. In Windows 2000, the support for dynamic data is limited. Storing
dynamic data in a domain partition can be complicated. The data is replicated to all domain
controllers in the domain, which is often unnecessary and can result in inconsistent data
due to replication latency. This can adversely impact network performance.

3. What are the requirements to install ADS?

• An NTFS partition with enough free space (1 GB)
• An Administrator's username and password
• The correct operating system version
• A NIC
• Properly configured TCP/IP (IP address, subnet mask and, optionally, default gateway)
• A network connection (to a hub or to another computer via a crossover cable)
• An operational DNS server (which can be installed on the DC itself)
• A domain name that you want to use
• The Windows 2000 or Windows Server 2003 CD media (or at least the i386 folder)

4. Which protocol is used behind the ADS?

Lightweight Directory Access Protocol (LDAP) is used.

5. What is the difference between LDAP and DAP?

Lightweight Directory Access Protocol:


LDAP is a communication protocol designed for use on TCP/IP networks. LDAP defines how a
directory client can access a directory server and how the client can perform directory
operations and share directory data. LDAP standards are established by working groups of the
Internet Engineering Task Force (IETF). Active Directory implements the LDAP attribute draft
specifications and the IETF standards for LDAP versions 2 and 3.
As its name implies, LDAP is designed as an efficient method for accessing directory services
without the complexity of other directory service protocols. Because LDAP defines what
operations can be performed to query and modify information in a directory and how
information in a directory can be securely accessed, you can use LDAP to find or enumerate
directory objects and to query or administer Active Directory.

6. What are the Schema and the Global Catalog Server? Explain.

Schema: The schema is a blueprint of Active Directory. It contains rules for object
instantiation (representation). The schema governs the structure and content of Active
Directory with structure and content rules. Because everything in Active Directory is stored in
objects, the schema is implemented as a number of objects. There is one object for each class
in the schema (classSchema objects) and one for each attribute (attributeSchema
objects). However, there are no objects for the syntaxes; they are hard-coded into Active
Directory. This means that classes and attributes can be created and modified, but syntaxes
cannot.

Global Catalog: The global catalog is the central repository of information about objects in a
tree or forest, as shown in Figure (D). By default, a global catalog is created automatically on
the initial domain controller in the forest, known as the global catalog server. It stores a full
replica of all object attributes in the directory for its host domain and a partial replica for all
object attributes contained in the directory of every domain in the forest. The partial replica
stores attributes most frequently used in search operations (such as a user's first and last
names, logon name, and so on). Object attributes replicated to the global catalog inherit the
same permissions as in source domains, ensuring that data in the global catalog is secure.

The global catalog performs two key directory roles:

• It enables network logon by providing universal group membership information to a
domain controller when a logon process is initiated.
• It enables finding directory information regardless of which domain in the forest actually
contains the data.

7. If the laptop does not display anything when you boot it, what is the solution?

• Check for loose power connections.
• Remove the laptop battery, put it back in and connect the power cable.
• Wait for 2 minutes and start the laptop.

8. If the system performance is slow, how can you speed it up?

• Remove temp files and quarantine files.
• Run the Disk Defragmentation tool.
• Check for viruses and scan the system.
• Check the services and delete the unnecessary services.
• Check the virtual memory settings.

9. How did you upgrade the antivirus from Corporate Edition 9 to 10?

• For client upgrades, we use the Symantec System Center Console.
• We push the antivirus to the clients.
• Requirements: IE 5.5 or above and 100 MB of space.

10. What is the difference between DNS & WINS?

Domain Name System (DNS):

1. It resolves hostnames to IP addresses and vice versa
2. It supports a hierarchical structure for host names
3. Host name is up to 64 characters (FQDN is up to 255 characters)
4. It works with Windows and Unix
5. DNS works only with the TCP/IP protocol
6. DNS is static in NT 4.0 and dynamic in 2000 onwards

Windows Internet Name Service (WINS):

1. It resolves NetBIOS names to IP addresses and vice versa
2. It supports a flat structure for NetBIOS names
3. Host name is up to 15 characters (16th character indicates service)
4. Works only with Windows
5. Works only with the TCP/IP protocol
6. It supports dynamic updating of the database

11. If you are connected to the Internet, which is used: DNS or WINS?

• DNS is used, because it has a hierarchical structure.

12. If you install DNS at the time of promoting the workstation to a DC, does it create
any more records?

• Yes. If you install DNS at the time of DCPROMO, the DNS contains Active Directory
integrated zones. It won't have text zone files. It stores the zone information in the
Active Directory database (NTDS.DIT) file.

13. What is the use of a DHCP server? Explain the process.

• The DHCP client sends a special broadcast packet, the DHCP Discover message.
• The nearest DHCP server responds by sending a DHCP Offer message.
• The DHCP client sends a DHCP Request message.
• The DHCP server broadcasts a DHCP ACK message.
• The DHCP client configures its TCP/IP stack by using the address it accepted from the server.

14. If 2 DHCP servers are available, from which server does the client take its IP?

• The client machine typically repeats the discover message several times to make sure it
hears from all the servers, then eventually chooses the "best" server, where what is
"best" is up to the client. It may mean that the addresses the DHCP server has available
offer the longest lease time. Or the client might prefer a server that provides WINS
servers over one that doesn't.
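
The exchange in questions 13 and 14, as an added example that is not part of the original document: it builds constructed DHCP messages, parses their options, and lists servers that answered a Discover with an Offer but are not on an authorised list. The function names, the addresses (documentation range 192.0.2.0/24) and the transaction ID are assumptions made for the example.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"      # DHCP magic cookie after the 236-byte BOOTP header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}   # option 53 values

def build(msg_type, xid, yiaddr="0.0.0.0", server=None, lease=None):
    """Build a minimal DHCP message; used here only to construct sample input."""
    op = 2 if msg_type in (2, 5) else 1            # 1 = client request, 2 = server reply
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0, 0,
                      bytes(4), ipaddress.ip_address(yiaddr).packed, bytes(4),
                      bytes(4), bytes.fromhex("020000000001"), b"", b"")
    opts = bytes([53, 1, msg_type])                # option 53: message type
    if server:
        opts += bytes([54, 4]) + ipaddress.ip_address(server).packed   # server identifier
    if lease:
        opts += bytes([51, 4]) + struct.pack("!I", lease)              # lease time (seconds)
    return hdr + MAGIC + opts + b"\xff"

def parse(pkt):
    """Return xid, offered address, message type, server identifier and lease time."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    msg = {"xid": struct.unpack("!I", pkt[4:8])[0],
           "yiaddr": str(ipaddress.ip_address(pkt[16:20]))}
    i = 240
    while i < len(pkt) and pkt[i] != 255:          # 255 = end option
        if pkt[i] == 0:                            # 0 = pad option, no length byte
            i += 1
            continue
        if i + 2 > len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        code, data = pkt[i], pkt[i + 2:i + 2 + pkt[i + 1]]
        if code == 53 and len(data) == 1:
            msg["type"] = TYPES.get(data[0], str(data[0]))
        elif code == 54 and len(data) == 4:
            msg["server"] = str(ipaddress.ip_address(data))
        elif code == 51 and len(data) == 4:
            msg["lease"] = struct.unpack("!I", data)[0]
        i += 2 + len(data)
    return msg

def unexpected_servers(packets, xid, authorised):
    """Servers that sent an OFFER for this transaction but are not authorised."""
    offers = [m for m in map(parse, packets)
              if m["xid"] == xid and m.get("type") == "OFFER" and "server" in m]
    return sorted({m["server"] for m in offers if m["server"] not in authorised})

# Constructed capture: one DISCOVER answered by two servers with different leases.
CAPTURE = [
    build(1, 0x1234),
    build(2, 0x1234, "192.0.2.50", "192.0.2.1", 86400),
    build(2, 0x1234, "192.0.2.200", "192.0.2.66", 3600),
]
```

With `{"192.0.2.1"}` as the authorised set, `unexpected_servers(CAPTURE, 0x1234, {"192.0.2.1"})` reports the second responder, which is the situation question 14 describes when that second server was not deployed on purpose.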

15. What are the FSMO Roles (Master Operations)? Explain.

Windows 2000 Single-Master Model:


To prevent conflicting updates in Windows 2000, the Active Directory performs updates to
certain objects in a single-master fashion. In a single-master model, only one DC in the entire
directory is allowed to process updates. This is similar to the role given to a primary domain
controller (PDC) in earlier versions of Windows (such as Microsoft Windows NT 3.51 and 4.0), in
which the PDC is responsible for processing all updates in a given domain.

The Windows 2000 Active Directory extends the single-master model found in earlier versions
of Windows to include multiple roles, and the ability to transfer roles to any domain controller
(DC) in the enterprise. Because an Active Directory role is not bound to a single DC, it is
referred to as a Flexible Single Master Operation (FSMO) role. Currently in Windows 2000 there
are five FSMO roles:

Schema Master:
• This DC is the only one that can process updates to the directory schema.
• It controls all originating updates to the schema.
• It contains the master list of object classes and attributes that are used to create all
Active Directory objects such as users, computers and printers.
• The schema updates are replicated to all domain controllers in the forest.
• Only the Schema Admins group can make modifications to the schema.

Domain Naming Master:
• It controls the addition or removal of domains in the forest.
• It is responsible for ensuring that the domain names are unique.
• It manages the naming of sites to ensure that duplicate sites are not created.
• It must also be running as a Global Catalog server for querying objects in AD.

PDC Emulator:
• It acts as a PDC to support NT BDCs and pre-Windows 2000 based client computers.
• Updates password changes from pre-Windows 2000 based client computers.
• Minimizes replication latency for password changes for 2000 based client computers.
• Manages time synchronization.
• Prevents the possibility of overwriting GPOs.

Relative Identifier (RID) Master:
• It allocates blocks of RIDs to each domain controller in the domain.
• Prevents object duplication if objects move from one domain controller to another.
• Object SID = Domain SID + RID
• It is unique for each object in AD.
• We can't create objects if the RID Master fails.
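
The relation "Object SID = Domain SID + RID" worked through in code, as an added example that is not part of the original document: it decodes a binary SID of the kind stored in the objectSid attribute, splits it into domain SID and RID, and labels well-known RIDs. The helper names and the sample domain SID are constructed for the example.

```python
import struct

# Well-known RIDs of built-in domain accounts and groups.
WELL_KNOWN_RIDS = {
    500: "Administrator", 501: "Guest", 502: "krbtgt",
    512: "Domain Admins", 513: "Domain Users", 516: "Domain Controllers",
    518: "Schema Admins", 519: "Enterprise Admins",
}

# Constructed sample domain SID (not taken from a real domain).
SAMPLE_DOMAIN = "S-1-5-21-1004336348-1177238915-682003330"


def build_sid(sid: str) -> bytes:
    """Encode a string SID to binary; used here only to construct sample input."""
    parts = sid.split("-")
    subs = [int(p) for p in parts[3:]]
    return (bytes([int(parts[1]), len(subs)]) + int(parts[2]).to_bytes(6, "big")
            + struct.pack(f"<{len(subs)}I", *subs))


def parse_sid(raw: bytes) -> str:
    """Decode a binary SID to its S-1-... string form."""
    if len(raw) < 8:
        raise ValueError("SID too short")
    revision, sub_count = raw[0], raw[1]
    if revision != 1 or sub_count > 15:
        raise ValueError("unsupported SID header")
    if len(raw) != 8 + 4 * sub_count:
        raise ValueError("length does not match sub-authority count")
    authority = int.from_bytes(raw[2:8], "big")        # 48-bit, big-endian
    subs = struct.unpack(f"<{sub_count}I", raw[8:])    # 32-bit each, little-endian
    return "-".join(["S", str(revision), str(authority), *map(str, subs)])


def split_sid(sid: str) -> tuple[str, int]:
    """Split an object SID into (domain SID, RID): the RID is the last component."""
    domain_sid, _, rid = sid.rpartition("-")
    return domain_sid, int(rid)


def describe(raw: bytes, domain_sid: str) -> str:
    """Label a binary SID relative to the domain SID the reviewer expects."""
    sid = parse_sid(raw)
    dom, rid = split_sid(sid)
    if dom != domain_sid:
        return f"{sid}: not issued by this domain"
    return f"{sid}: {WELL_KNOWN_RIDS.get(rid, 'RID allocated from a DC RID pool')}"
```

When reviewing ACLs or group memberships exported as raw SIDs, the RID is what identifies a privileged principal such as Domain Admins (512), whatever the account or group has been renamed to.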

Infrastructure Master:
• It is responsible for updating group membership data for groups that have members that
move between two or more domains.
• Updates references to objects and group membership from other domains.
• The infrastructure master is responsible for managing group and user references.

16. Where does ADS exist physically?

• C:/WINNT/NTDS

Files in Active Directory:

1) NTDS.DIT (Directory database file; stores all the AD objects in the domain controller)
2) EDB*.LOG (Each transaction is recorded in one or more log files. Each file contains
10MB of space)
3) EDB.CHK (Checkpoint file used by the AD engine to track the data not yet written to the
Active Directory database file)
4) RES1.LOG & RES2.LOG (If all disk space is used, then AD uses this 20MB space for
log files)

17. What is the use of the SYSVOL folder?

• The SYSVOL share contains W2K software distribution files, scripts, and ADM templates
as well as the Group Policy Template. An NT administrator would consider SYSVOL to be
W2K's version of NETLOGON. Replication in W2K is handled by the File Replication
Service to keep the SYSVOL share synched between W2K domain controllers. In fact,
W2K creates the NETLOGON share for down-level clients, Win9x and Windows NT, under
the SYSVOL structure.

18. Where is Group Policy located physically? What is the use of GPO?

• C:/Winnt/SYSVOL/sysvol/ap.ttsl.com/policies
• We can restrict the users' desktop environments by using Group Policies.
• We can create GPOs for Sites, Domains and OUs.
• All the GPOs are applied based on the Computer / User.
• The precedence order for processing GPOs is LSDOU.
• By using GPOs we can deploy applications to clients.

19. How can you deploy applications or patches to clients?

• By using Windows Server Update Services (WSUS 2.0) (for small organizations)

or

• System Management Server (SMS) 2003 (for medium/big organizations)

20. How can the client OS update automatically with the latest security updates?

• If we have Internet access, select the Windows Update option.
• It will update SP, security patches, IE and others.

21. Tell about GHOST.

• It is a Symantec disk cloning utility.
• We can clone disk to disk or partition to partition.

22. How can you see the performance of CPU and Memory?

• Go to Task Manager and see the Performance tab.

23. What is RAID and explain all Levels?

• RAID is for fault tolerance and performance
• RAID 0 to RAID 6 & RAID 10 & RAID 01 are available
• RAID 0 for striped set
• RAID 1 for disk mirroring
• RAID 5 for parity

24.
