Professional Documents
Culture Documents
Active Directory Interview Questions
Active Directory Interview Questions
Active Directory Interview Questions
INTERVIEW QUESTIONS
PART 1
Active Directory
Oz Casey Dedeal
About Author:
I am a Senior Principle Systems Engineer working for ETC Solutions. I work for large enterprise projects
and clients located around Washington DC area and have over 15 years working experience. I write and
post articles about Exchange Server and Active Directory and participate forums when time permits.
I started writing articles about Microsoft Exchange Server, Active Directory and other related technologies
early 2007 and today continue as my personal journey. I have over 1Million actual visits and encouraging
feedback from people all over the world that have read my articles.
In my professional IT journey, I have taught over 6 years Information technology classes around mostly
Washington DC area, including all major Microsoft MCSE classes, Exchange Server, Active Directory, and
Networking classes. I am still long time student of Information technologies myself.
I love blogging and sharing my knowledge with others. I have helped hundreds IT professionals and
influence them to move ahead in the IT field. Some of my students went way further (-: and I am so proud
of each one of them. It feels great knowing I made a difference.
MCITP (EMA), MCITP (EA), MCITP (SA), MCSE 2003, M+, S+, MCDST, Inet+, Net+, A, Unix+ Security+,
Server +, Project +, ITILV3
http://smtp25.blogspot.com (Blog)
http://telnet25.wordpress.com (Blog)
https://twitter.com/message_talk
MVP Profile ( Microsoft Exchange Server, North America)
1|Page
Visit my Blog
Getting to Know Your Basics
This basic guidelines, questions and answers will provide you information which should assist with your
interview. You should study and get much better, deeper knowledge when it comes to Active Directory.
Pointers:
1. Dress up decent on your interview, look clean this always helps , promotes positive energy.
2. Dont go to interview tired, you need to be fresh.
3. Make multiple copy of your resume and take it with you, when you sit down in the interview
room, hand over your resume to people who dont have them.
4. Your answers need to be brief and professional if you are calming to be Senior Engineer. When
you are asked to provide more comprehensive information, provide technical details.
5. It is perfectly okay to say I do not know I will look it up and get back to you. Do not BS Most
likely the person who is asking you the question do know the correct answer.
6. If you are asked to rate your skill set, scale from 1 to 10, 1 being weak, and 10 is strong rate
yourself always in humble way. Most experience and smart administrators and Engineers will rate
themselves solid 7, instead of 10.
7. At the end of the interview, when you are asked, Do you have any questions to us you must
show some interest and ask questions if you want the job.
2|Page
Visit my Blog
Active Directory Questions and Answers.
1. What is an IP Address?
It is 32 Bits binary number (or any brief answer you can come up with)
If you are spending to explain 5 minutes what an IP address is, that is not good at all.
2. What is Subnet Mask?
IT is also 32 Bits Binary number
3. What does subnet mask do?
It divides IP address into two distinct part, Network and Host portion.
4. Provide full subnet mask for /27
255.255.255.224
/27 means 27 bits turned on,
8 bits = 255
24 bits = 255.255.255
3 bits 128 + 64 + 32 = 224
Therefore, full SB mask for /27 is 255.255.255.224
If you did not get this STOP. You need to go back and learn basic subnetting.
You cannot screw up with such easy question on the interview, so take your time to study.
(Special Thanks to My body Zack Payton for making me understand many years ago)
5. Now it is rare in the AD Interview but incase, you could be asked /27 how many network and how
many hosts in each network?
Going back to basic, /27 255.255.255.0
3 bits for network
5 bits for Hots
2X2X2 = 8 Networks
2x2x2x2x2 = 30 Hosts in each Networks (32 -2 = 30) we need one IP for each Network and
another one for Broadcast.
6. What is an Active Directory?
It is a database (Active Directory is a special-purpose database)
7. What is an object
An object is an instance of storage of a class, user is an object, computer account is also an object
etc.
8. What is an attribute?
Property of an Object called an attribute, think of user object, and think of all available attributes
associating with user object, name, last name, logon name etc.
9. What is the name of Active Directory Database, when you install Domain Controller, by default
directory database gets created?
Active Directory database is. DIT database, it is NTDS.dit
3|Page
Visit my Blog
10. NTDS.DIT Database is partitioned database, what are the partitions on it?
1. Domain
2. Configuration
3. Schema
4. Application (if created)
11. What tool can interact with (. DIT) database (the most common)
adsiedit.msc
12. In Which directory partition DNS information is kept?
Domain Partition
13. In Which partition Exchange Server information is kept (tricky question)
All of the partitions.
1. Domain
2. Configuration
3. Schema
14. What is DNS
Domain Name System, Service
15. What port DNS runs on
53
16. Is it TCP or UDP
4|Page
Visit my Blog
23. Size of Total empty UDP datagram
Total size of empty UDP datagram - 24 + 20 + 8 = 52 bytes
24. Considering single Forest with 12 domains, how many FSMO role in total exist?
Total FSMO roles in this scenario = 38
5|Page
Visit my Blog
35. What is a SRV record?
Service record, which provides information about service and port information
36. How many reverse lookup zone, is available with default DNS installation?
None, DNS does not relay on reverse DNS zone to work properly. It is optional to crate reverse
DNS zone, and many administrators will recommend creating one for various reasons (security
etc.)
37. How many forward lookup zone, is available with default DNS Installation?
Single forward lookup zone gets created with default installation of DNS services on a Domain
Controller.
38. What is an OU
Organization Unit
39. What are three primary functions of Organizational Units?
Organize Data, Deploy GPO, Delegate permissions (We use AD Groups to assign permissions to
not get confused and be precise with your answer)
40. In which order OUs are being applied in Active Directory
Local
Site
Domain
Organization Unit
41. If you have one OU and you have mixed server in it (Windows 2008 and Windows 2012 servers)
How do, I apply GPO to only Windows 2012 Servers. Assuming I cannot create any new OU.
Use WMI filtering and only target specific Windows Server version
42. If you have lost one of the domain controllers how do you clean up Active Directory database for
the lost DC?
Meta Data Cleanup with Ntdsutil.exe is a command-line tool
43. What is KCC and what does it do?
Knowledge Consistence Checker, it builds replication connections in between domain controllers
44. What is LSAS
Lsass.exe (Local Security Authority Subsystem Service) is the process which, on an Active Directory
domain controller, is responsible for providing Active Directory database lookups, authentication,
and replication
6|Page
Visit my Blog
45. What kind of replication Active Directory uses? is it pull or push?
Active Directory uses pull replication. In pull replication, a destination replica requests information
from a source replica. The request specifies the information that the destination needs, based on
its knowledge of changes already received from the source and from all other domain controllers
in the domain. When the destination receives information from the source, it applies that
information, bringing itself more up-to-date. The destination's next request to the source
excludes the information that has already been received and applied.
The alternative is push replication. In push replication, a source sends information to a destination
unsolicited, in an attempt to bring the destination more up-to-date. Push replication is
problematical because it is difficult for the source to know what information the destination
needs. Perhaps the destination has received the same information from another source. If a
source sends information to a destination, there is no guarantee that the destination is going to
apply it; if the source assumes otherwise, the system is unreliable.
7|Page
Visit my Blog