Windows Server 2003 Active Directory Interview Questions

techiebird.com/ad2.html

TechieBird

>What is the difference between Windows 2000 Active Directory and Windows 2003 Active
Directory? Is there any difference in 2000 Group Polices and 2003 Group Polices? What is meant
by ADS and ADS services in Windows 2003?
Windows 2003 Active Directory introduced a number of new security features, as well as convenience
features such as the ability to rename a domain controller and even an entire domain. Windows Server
2003 also introduced numerous changes to the default settings that can be affected by Group Policy - you
can see a detailed list of each available setting and which OS is required to support it by downloading
the Group Policy Settings Reference.
ADS stands for Automated Deployment Services, and is used to quickly roll out identically-configured
servers in large-scale enterprise environments. You can get more information from the ADS homepage.
>I want to setup a DNS server and Active Directory domain. What do I do first? If I install the DNS
service first and name the zone 'name.org' can I name the AD domain 'name.org' too?
Not only can you have a DNS zone and an Active Directory domain with the same name, it's actually the
preferred way to go if at all possible. You can install and configure DNS before installing Active Directory,
or you can allow the Active Directory Installation Wizard (dcpromo) itself install DNS on your server in the
background.
>How do I determine if user accounts have local administrative access?
You can use the net localgroup administrators command on each workstation (probably in a login script so
that it records its information to a central file for later review). This command will enumerate the members
of the Administrators group on each machine you run it on. Alternately, you can use the Restricted Groups
feature of Group Policy to restrict the membership of Administrators to only those users you want to
belong.
>What is the ISTG? Who has that role by default?
The Domain controllers each create Active Directory Replication connection objects representing inbound
replication from intra-site replication partners. For inter-site replication, one domain controller per site has
the responsibility of evaluating the inter-site replication topology and creating Active Directory Replication
Connection objects for appropriate bridgehead servers within its site. The domain controller in each site
that owns this role is referred to as the Inter-Site Topology Generator (ISTG).
Simply the Intersite Topology Generator (ISTG) is the domain controller in each site that is responsible for
generating the intersite topology.
>What is difference between Server 2003 vs 2008?
1. Virtualization. (Windows Server 2008 introduces Hyper-V (V for Virtualization) but only on 64bit
versions. More and more companies are seeing this as a way of reducing hardware costs by running
several 'virtual' servers on one physical machine.)
2. Server Core (provides the minimum installation required to carry out a specific server role, such as for a
DHCP, DNS or print server)
3. Better security.
4. Role-based installation.
5. Read Only Domain Controllers (RODC).
6. Enhanced terminal services.

1/3

7. Network Access Protection - Microsoft's system for ensuring that clients connecting to Server 2008 are
patched, running a firewall and in compliance with corporate security policies.
8. PowerShell - Microsoft's command line shell and scripting language has proved popular with some
server administrators.
9. IIS 7 .
10. Bitlocker - System drive encryption can be a sensible security measure for servers located in remote
branch offices. >br> The main difference between 2003 and 2008 is Virtualization, management. 2008 has
more in-build components and updated third party drivers.
11. Windows Aero.
>What are the requirements for installing AD on a new server?
1 The Domain structure.
2 The Domain Name .
3 storage location of the database and log file.
4 Location of the shared system volume folder.
5 DNS config Methode.
6 DNS configuration.
>What are the default Active Directory Built in groups ?
Groups in the Builtin container
- Account Operators
- Administrators
- Backup Operators
- Guests
- Incoming Forest Trust Builders
- Network Configuration Operators
- Performance Monitor Users
- Performance Log Users
- Pre-Windows 2000 Compatible Access
- Print Operators
- Remote Desktop Users
- Replicator
- Server Operators
- Users
Groups in the Users container
- Cert Publishers
- DnsAdmins (If installed with DNS)
- DnsUpdateProxy (If installed with DNS)
- Domain Admins
- Domain Computers
- Domain Controllers
- Domain Guests
- Domain Users
- Enterprise Admins (only appears in the forest root domain)
- Group Policy Creator Owners
- IIS_WPG (installed with IIS)
- RAS and IAS Servers
- Schema Admins (only appears in the forest root domain)
>What is LDP?
LDP : Label Distribution Protocol (LDP) is often used to establish MPLS LSPs when traffic engineering is
not required. It establishes LSPs that follow the existing IP routing, and is particularly well suited for
establishing a full mesh of LSPs between all of the routers on the network.
Windows Server 2008 Articles

Windows Server 2012 Articles

Virtualization Articles

2/3

Designed by TechieBird

3/3