Thursday 16 November 2017

25 Questions on Active Directory

1) What is Active Directory?
Active Directory is a directory structure used on Microsoft Windows based servers and computers to store data and information about networks and domains.
Active Directory (AD) is a directory service developed by Microsoft. It stores objects such as users, computers, printers and network information, and it authenticates users and computers in a Windows domain. The AD database is held on multiple domain controllers (DCs), which can be in different locations; AD can be managed or changed from any DC and the change is replicated to all other DCs, which gives centralised administration across multiple geographical locations.
2) What are the new features in Active Directory (AD) of Windows Server 2012?
  • dcpromo (Domain Controller Promoter) with an improved wizard: it lets you view all the steps and review the detailed results during the installation process
  • Enhanced Administrative Center: compared with earlier versions of Active Directory, the Administrative Center in Windows Server 2012 is well designed, as is the Exchange management console
  • Recycle Bin goes GUI: in Windows Server 2012 the Active Directory Recycle Bin can be enabled through the GUI of the Active Directory Administrative Center, which was not possible in earlier versions
  • Fine-grained password policies (FGPP): in Windows Server 2012 implementing FGPP is much easier than in earlier versions. It lets you create different password policies in the same domain
  • Windows PowerShell History Viewer: you can view the Windows PowerShell commands that correspond to the actions you perform in the Active Directory Administrative Center UI
3) Which is the default protocol used in directory services?
The default protocol used in directory services is LDAP (Lightweight Directory Access Protocol).
4) Explain the term FOREST in AD.
A forest is an assembly of AD domains that share a single AD schema. All DCs in the forest share this schema, which is replicated among them in a hierarchical fashion.
5) What is SYSVOL?
The SYSVOL folder keeps the server’s copy of the domain’s public files. Its contents (users, group policy, etc.) are replicated to all domain controllers in the domain.
6) What is the difference between the Domain Admins group and the Enterprise Admins group in AD?
Enterprise Admins group:
  • Members of this group have complete control of all domains in the forest
  • By default, this group belongs to the Administrators group on all domain controllers in the forest
  • As such this group has full control of the forest; add users with caution
Domain Admins group:
  • Members of this group have complete control of the domain
  • By default, this group is a member of the Administrators group on all domain controllers, workstations and member servers at the time they are joined to the domain
  • As such the group has full control in the domain; add users with caution
7) What does system state data contain?
System state data contains:
  • Startup files
  • Registry
  • COM+ Registration Database
  • Memory page file
  • System files
  • AD information
  • SYSVOL folder
  • Cluster service information
8) What is Kerberos?
Kerberos is a network authentication protocol. It is built to offer strong authentication for client/server applications by using secret-key cryptography.
9) Where is the AD database held? What other files are related to AD?
The AD database is saved in %systemroot%\ntds. In the same folder you can also see other files; these are the main files controlling the AD structures:
  • ntds.dit
  • edb.log
  • res1.log
  • res2.log
  • edb.chk
10) What is the PDC emulator, and how would one know whether the PDC emulator is working or not?
The PDC Emulator (Primary Domain Controller emulator) is the most used of all the FSMO roles and has the widest range of functions. The domain controller that holds the PDC Emulator role is crucial in a mixed environment where Windows NT 4.0 BDCs are still present.
There is one PDC emulator per domain, and failed authentication attempts are forwarded to it. It acts as a “tie-breaker” and it controls time synchronisation across the domain.
The following symptoms tell you that the PDC emulator is not working:
  • Time is not syncing
  • User accounts are not being locked out
  • Windows NT BDCs are not getting updates
  • Pre-Windows 2000 computers are unable to change their passwords
11) What are lingering objects?
Lingering objects can exist if a domain controller does not replicate for an interval of time that is longer than the tombstone lifetime (TSL).
12) What is the TOMBSTONE lifetime?
The tombstone lifetime in Active Directory determines how long a deleted object is retained in Active Directory. Deleted objects are stored in a special object referred to as a tombstone. By default Windows uses a 60-day tombstone lifetime if no value is set in the forest configuration.
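A check that ties questions 11 and 12 together, added here as an example and not taken from the original post: it reads the forest’s tombstoneLifetime attribute (falling back to the 60-day default when it is unset) and compares it with the last successful inbound replication of every DC in the domain, so replication links that have already gone longer than the TSL, where lingering objects become possible, are flagged. It assumes the ActiveDirectory PowerShell module (RSAT) and a domain-joined session.

```powershell
# Added example (not from the original post): compare the forest tombstone
# lifetime with each DC's last successful replication from each partner.
# Requires the ActiveDirectory module (RSAT) and a domain-joined session.
Import-Module ActiveDirectory

$rootDse = Get-ADRootDSE
$dsPath  = "CN=Directory Service,CN=Windows NT,CN=Services,$($rootDse.configurationNamingContext)"
$dsObj   = Get-ADObject -Identity $dsPath -Properties tombstoneLifetime

# If the attribute is not set, Windows uses the 60-day default the post describes
$tsl = if ($dsObj.tombstoneLifetime) { [int]$dsObj.tombstoneLifetime } else { 60 }
"Tombstone lifetime: $tsl days"

$cutoff = (Get-Date).AddDays(-$tsl)
$stale  = @()

foreach ($dc in Get-ADDomainController -Filter *) {
    # One record per inbound replication partner and naming context on this DC
    $meta = Get-ADReplicationPartnerMetadata -Target $dc.HostName -Partition * -ErrorAction SilentlyContinue
    foreach ($m in $meta) {
        if ($m.LastReplicationSuccess -lt $cutoff) {
            $stale += [pscustomobject]@{
                Server      = $dc.HostName
                Partner     = $m.Partner
                Partition   = $m.Partition
                LastSuccess = $m.LastReplicationSuccess
                DaysBehind  = [int]((Get-Date) - $m.LastReplicationSuccess).TotalDays
            }
        }
    }
}

if ($stale.Count -eq 0) {
    "No replication link has exceeded the tombstone lifetime."
} else {
    Write-Warning "Links older than the TSL (lingering objects possible); confirm with repadmin /showrepl:"
    $stale | Sort-Object DaysBehind -Descending | Format-Table -AutoSize
}
```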
13) What is the Active Directory schema?
The schema is the Active Directory component that describes all the attributes and objects the directory service uses to store data.
14) What is a child DC?
A CDC, or child DC, is a sub-domain controller under the root domain controller that shares its namespace.
15) What is the RID Master?
RID Master stands for Relative Identifier Master; it is responsible for assigning unique IDs to the objects created in AD.
16) What are the components of AD?
The components of AD include:
  • Logical structure: trees, forests, domains and OUs
  • Physical structure: domain controllers and sites
17) What is the Infrastructure Master?
The Infrastructure Master is responsible for updating information about users and groups and the global catalogue.
18) What is LDAP, and how is LDAP used in Active Directory (AD)?
19) What is the schema?
The Active Directory schema is the set of definitions that define the kinds of objects, and the types of information about those objects, that can be stored in Active Directory.
The Active Directory schema is a collection of object classes and their attributes, for example:
Object class = User
Attributes = first name, last name, email, and others
Can we restore a schema partition?
20) Tell me about the FSMO roles.
  • Schema Master
  • Domain Naming Master
  • Infrastructure Master
  • RID Master
  • PDC Emulator
Schema Master and Domain Naming Master are forest-wide roles: there is only one of each per forest. The other roles are domain-wide, with one of each per domain.
AD replication is multi-master: a change can be made on any domain controller and is replicated to the other domain controllers. The five roles above are the exception. They are flexible single master operations (FSMO): changes to them can only be made on the dedicated domain controller that holds the role, so for these it is single-master replication.
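The following script serves questions 10 and 20 together. It is an added example, not code from the original post: it lists the holder of each of the five FSMO roles, separating forest-wide from domain-wide roles, and then runs the basic health checks a defender would want for the PDC emulator (reachability, time source, and dcdiag’s role-holder tests). It assumes the ActiveDirectory PowerShell module (RSAT) plus the w32tm and dcdiag tools, run from a domain-joined administrative session.

```powershell
# Added example (not from the original post): list the FSMO role holders and
# check the PDC emulator's reachability, time source and dcdiag FSMO tests.
# Requires the ActiveDirectory module (RSAT), w32tm and dcdiag.
Import-Module ActiveDirectory

$forest = Get-ADForest
$domain = Get-ADDomain

$roles = @(
    # Forest-wide roles: exactly one holder in the whole forest
    [pscustomobject]@{ Scope = 'Forest'; Role = 'Schema Master';         Holder = $forest.SchemaMaster }
    [pscustomobject]@{ Scope = 'Forest'; Role = 'Domain Naming Master';  Holder = $forest.DomainNamingMaster }
    # Domain-wide roles: one holder in each domain
    [pscustomobject]@{ Scope = 'Domain'; Role = 'Infrastructure Master'; Holder = $domain.InfrastructureMaster }
    [pscustomobject]@{ Scope = 'Domain'; Role = 'RID Master';            Holder = $domain.RIDMaster }
    [pscustomobject]@{ Scope = 'Domain'; Role = 'PDC Emulator';          Holder = $domain.PDCEmulator }
)
$roles | Format-Table -AutoSize

$pdc = $domain.PDCEmulator

# 1. Reachability: if the PDC emulator is down, account lockouts, password
#    changes from older clients and domain time sync all degrade
if (-not (Test-Connection -ComputerName $pdc -Count 2 -Quiet)) {
    Write-Warning "$pdc does not respond to ping."
}

# 2. Time: the PDC emulator is the root of the domain time hierarchy, so it
#    should take time from an external/reliable source rather than its own clock
$status = w32tm /query /status /computer:$pdc
$source = "$($status | Select-String -Pattern '^Source:' | Select-Object -First 1)"
"PDC emulator $pdc time $source"
if ($source -match 'Local CMOS Clock|Free-running') {
    Write-Warning 'PDC emulator is running on its local clock, not an external time source.'
}

# 3. Every DC should agree on who holds the roles
dcdiag /test:FsmoCheck /test:KnowsOfRoleHolders /s:$pdc
```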
21) Tell me about the Active Directory database and list the Active Directory database files.
  • NTDS.DIT
  • EDB.Log
  • EDB.Chk
  • Res1.log and Res2.log
AD changes are not written directly to the NTDS.DIT database file. They are first written to EDB.Log and then from the log file to the database; EDB.Chk is used to track which updates from the log file have already been copied into the database file.
NTDS.DIT: NTDS.DIT is the AD database and stores all AD objects. The default location is %systemroot%\ntds\ntds.dit. The Active Directory database engine is the Extensible Storage Engine (ESE), which is based on the Jet database.
EDB.Log: EDB.Log is the transaction log file. When EDB.Log is full it is renamed to EDBnum.log, where num is an increasing number starting from 1, e.g. EDB1.Log.
EDB.Chk: EDB.Chk is the checkpoint file used to trace the data not yet written to the database file; it indicates the starting point from which data is to be recovered from the log file in case of failure.
Res1.log and Res2.log: Res files are reserved transaction log files; they give the transaction log enough time to shut down cleanly if the disk runs out of space.
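As an added example for questions 9 and 21 (not code from the original post), this script locates the database files from the NTDS service parameters in the registry rather than assuming %systemroot%\ntds, checks that each file described above is present, lists the rolled-over and reserved logs, and confirms that only SYSTEM and Administrators have access to the folder. It is meant to run locally on a domain controller in an elevated PowerShell session; the registry value names are the NTDS service’s own.

```powershell
# Added example (not from the original post): find and inspect the AD database
# files via the NTDS service parameters. Run locally on a DC, elevated.
$params  = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'
$dbFile  = $params.'DSA Database file'        # e.g. C:\Windows\NTDS\ntds.dit
$logPath = $params.'Database log files path'  # folder holding edb.log, edb*.log, res*.log
$workDir = $params.'DSA Working Directory'    # folder holding edb.chk

"Database file    : $dbFile"
"Transaction logs : $logPath"
"Working dir      : $workDir"

# The fixed-name files, matched to the role each plays in the write path
$expected = @(
    @{ Role = 'Database (NTDS.DIT)';       Path = $dbFile },
    @{ Role = 'Transaction log (EDB.LOG)'; Path = Join-Path $logPath 'edb.log' },
    @{ Role = 'Checkpoint (EDB.CHK)';      Path = Join-Path $workDir 'edb.chk' }
)
foreach ($e in $expected) {
    $f = Get-Item -LiteralPath $e.Path -ErrorAction SilentlyContinue
    if ($f) { '{0,-26} {1,14:N0} bytes  modified {2}' -f $e.Role, $f.Length, $f.LastWriteTime }
    else    { Write-Warning "$($e.Role) not found at $($e.Path)" }
}

# Rolled-over logs (edb*.log) and reserved logs (res1.log/res2.log; newer ESE
# versions name the reserve files edbres*.jrs instead)
Get-ChildItem -LiteralPath $logPath -File |
    Where-Object { $_.Name -match '^(edb\d+\.log|res\d+\.log|edbres\d+\.jrs)$' } |
    Select-Object Name, Length, LastWriteTime | Format-Table -AutoSize

# ntds.dit holds every account's credential material, so only SYSTEM and
# Administrators should have access to the folder; anything else needs review
$acl   = Get-Acl -LiteralPath (Split-Path -Path $dbFile -Parent)
$extra = $acl.Access | Where-Object {
    $_.IdentityReference -notmatch '^(NT AUTHORITY\\SYSTEM|BUILTIN\\Administrators)$'
}
if ($extra) {
    Write-Warning 'Unexpected ACEs on the NTDS folder:'
    $extra | Select-Object IdentityReference, FileSystemRights, AccessControlType | Format-Table -AutoSize
} else {
    'NTDS folder ACL: only SYSTEM and Administrators'
}
```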
22) What is the use of Active Directory partitions, and how do you find the Active Directory partitions and their location?
Schema Partition – stores details about objects and attributes. Replicates to all domain controllers in the forest.
DN location is CN=Schema,CN=Configuration,DC=Domainname,DC=com
Configuration Partition – stores details about the AD configuration, such as sites, site links, subnets and other replication topology information. Replicates to all domain controllers in the forest.
DN location is CN=Configuration,DC=Domainname,DC=com
Domain Partition – object information for a domain, such as users, computers, groups, printers and other domain-specific information. Replicates to all domain controllers within a domain.
DN location is DC=Domainname,DC=com
Application Partition – information about applications in Active Directory. For example, when AD-integrated DNS is used there are two application partitions for DNS zones: ForestDNSZones and DomainDNSZones.
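To answer the second half of question 22 in practice, here is an added example (not code from the original post) that enumerates the partitions held by the DC you are bound to from its RootDSE, classifies each as schema, configuration, domain or application and prints its DN, and for application partitions reads the crossRef object under CN=Partitions to show which DCs hold a replica. It assumes the ActiveDirectory PowerShell module (RSAT) and a domain-joined session.

```powershell
# Added example (not from the original post): list and classify the naming
# contexts (partitions) of the DC you are bound to, then show replica holders
# for application partitions. Requires the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

$root     = Get-ADRootDSE
$forest   = Get-ADForest
$schemaNC = $root.schemaNamingContext          # CN=Schema,CN=Configuration,DC=...
$configNC = $root.configurationNamingContext   # CN=Configuration,DC=...
$domainNC = $root.defaultNamingContext         # DC=... of the DC's own domain

foreach ($nc in $root.namingContexts) {
    $kind = switch ($nc) {
        $schemaNC { 'Schema        - replicates to all DCs in the forest' }
        $configNC { 'Configuration - replicates to all DCs in the forest' }
        $domainNC { 'Domain        - replicates to all DCs in this domain' }
        default {
            if ($forest.ApplicationPartitions -contains $nc) {
                'Application   - replicates only to DCs enrolled as replicas'
            } else {
                'Other         - another domain or partition held by this DC'
            }
        }
    }
    "{0}`n    DN: {1}" -f $kind, $nc
}

# Application partitions: the crossRef object under CN=Partitions records
# which DCs (by their NTDS Settings DN) hold a replica of the partition
$crossRefs = Get-ADObject -SearchBase $forest.PartitionsContainer `
    -LDAPFilter '(&(objectClass=crossRef)(msDS-NC-Replica-Locations=*))' `
    -Properties nCName, 'msDS-NC-Replica-Locations'

foreach ($ref in $crossRefs) {
    # "CN=NTDS Settings,CN=DC01,CN=Servers,..." -> "DC01"
    $replicas = $ref.'msDS-NC-Replica-Locations' |
        ForEach-Object { (($_ -split ',')[1]) -replace '^CN=', '' }
    "Application partition {0}`n    replicas: {1}" -f $ref.nCName, ($replicas -join ', ')
}
```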