Wintel/AD Interview Questions & Answers part-3
1Q. What are FSMO roles?
Flexible Single Master Operation (FSMO) roles are five special roles in Active Directory that are vital to the smooth running of AD as a multimaster system. Some AD functions require a single authoritative master to which all domain controllers can refer.
FSMO roles are divided into two groups:
- Forest-wide: Schema Master and Domain Naming Master
- Domain-wide: PDC Emulator, RID Master and Infrastructure Master
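An added example (not from the original post) that lists the five role holders and confirms each one is still a live domain controller. It assumes the ActiveDirectory RSAT module is installed and that you are logged on as a domain user who can read AD.

```powershell
# Enumerate the five FSMO role holders and confirm each is a live DC.
# Assumes: ActiveDirectory module present; run in the domain you want to check.
Import-Module ActiveDirectory

$forest = Get-ADForest
$domain = Get-ADDomain

# Forest-wide roles live on the forest object, domain-wide roles on the domain object
$roles = [ordered]@{
    'Schema Master'         = $forest.SchemaMaster
    'Domain Naming Master'  = $forest.DomainNamingMaster
    'PDC Emulator'          = $domain.PDCEmulator
    'RID Master'            = $domain.RIDMaster
    'Infrastructure Master' = $domain.InfrastructureMaster
}

# Every DC the domain currently advertises
$liveDCs = (Get-ADDomainController -Filter *).HostName

foreach ($role in $roles.Keys) {
    $holder = $roles[$role]
    # A role whose holder no longer exists must be seized before that function
    # (new RIDs, schema changes, ...) works again, so flag it clearly.
    $status = if ($liveDCs -contains $holder) { 'OK' } else { 'MISSING HOLDER' }
    '{0,-22} {1,-40} {2}' -f $role, $holder, $status
}
```

In a multi-domain forest run it once per domain, because the three domain-wide roles exist separately in each domain.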
2Q. What is a DN (Distinguished Name)?
All access to Active Directory is carried out through LDAP, and every object in Active Directory has an LDAP distinguished name. An algorithm automatically provides an LDAP distinguished name for each DNS domain name.
Or,
Each object in the directory has a distinguished name (DN) that is globally unique and identifies not only the object itself, but also where the object resides in the overall object hierarchy. We can think of the distinguished name as the relative distinguished name of an object concatenated with the relative distinguished names of all parent containers that make up the path to the object.
An example of a typical distinguished name would be:
CN=wjglenn,CN=Users,DC=contoso,DC=com
This distinguished name indicates that the user object wjglenn is in the Users container, which in turn is located in the contoso.com domain. If the wjglenn object is moved to another container, its DN will change to reflect its new position in the hierarchy. Distinguished names are guaranteed to be unique in the forest, similar to the way that a fully qualified domain name uniquely identifies an object's placement in a DNS hierarchy. We cannot have two objects with the same distinguished name.
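An added example (not from the original post) that takes the DN above apart into its relative distinguished names, derives the parent container and the DNS domain name from the DC components, and shows why a naive split on commas is wrong when a value contains an escaped comma. The function names are my own.

```powershell
# Split a DN into RDNs, honouring LDAP escaping: "\," inside a value is not a separator.
function Split-DistinguishedName {
    param([Parameter(Mandatory)][string]$DN)
    $parts = New-Object System.Collections.Generic.List[string]
    $current = ''
    for ($i = 0; $i -lt $DN.Length; $i++) {
        $ch = $DN[$i]
        if ($ch -eq '\' -and $i + 1 -lt $DN.Length) {
            $current += "$ch$($DN[$i + 1])"   # keep the escape pair intact
            $i++
        } elseif ($ch -eq ',') {
            $parts.Add($current)
            $current = ''
        } else {
            $current += $ch
        }
    }
    $parts.Add($current)
    return $parts
}

# Report the object's own RDN, the container it lives in, and the DNS domain name.
function Get-DNInfo {
    param([Parameter(Mandatory)][string]$DN)
    $rdns = Split-DistinguishedName $DN
    $dc   = $rdns | Where-Object { $_ -like 'DC=*' } | ForEach-Object { $_.Substring(3) }
    [pscustomobject]@{
        RDN       = $rdns[0]                              # first RDN is the object itself
        ParentDN  = ($rdns | Select-Object -Skip 1) -join ','
        DnsDomain = $dc -join '.'                         # DC components map back to the DNS name
    }
}

# The example from the post, plus a constructed CN containing an escaped comma
Get-DNInfo 'CN=wjglenn,CN=Users,DC=contoso,DC=com'
Get-DNInfo 'CN=Glenn\, William,OU=Staff,DC=contoso,DC=com'
```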
3Q. What is a BSOD and how do you troubleshoot it?
When the system encounters a hardware problem, data inconsistency, or similar error, it may display a blue screen containing information that can be used to determine the cause of the error. This information includes the STOP code and whether a crash dump file was created. It may also include a list of loaded drivers and a stack trace.
We can use the WinDbg tool to analyse the crash dump and find the cause of the problem.
There are three types of memory dump:
(A) Full/complete memory dump: captures the entire contents of system memory plus the operating system logs.
(B) Kernel memory dump: captures only kernel memory.
(C) Small/mini memory dump: captures a small part of the memory in use at the time of the crash.
The registry value that selects the dump type must be set correctly for the kind of memory dump you want; otherwise no memory dump will be collected. Go to the Registry and check HKLM\System\CurrentControlSet\Control\CrashControl, value CrashDumpEnabled. The value should be:
Full memory dump: 3
Kernel memory dump: 2
Mini memory dump: 1
4Q. What are the requirements to configure clustering?
(a) Make sure that all servers that you want to add as cluster nodes are running the same version of Windows Server.
(b) Review the hardware requirements to make sure that your configuration is supported.
(c) If you want to add clustered storage during cluster creation, make sure that all servers can access the storage. (You can also add clustered storage after you create the cluster.)
(d) Make sure that all servers that you want to add as cluster nodes are joined to the same Active Directory domain.
(e) (Optional) Create an organizational unit (OU) and move the computer accounts for the servers that you want to add as cluster nodes into the OU. As a best practice, we recommend that you place failover clusters in their own OU in AD DS. This can help you better control which Group Policy settings or security template settings affect the cluster nodes. Isolating clusters in their own OU also helps prevent accidental deletion of cluster computer objects.
(f) Make sure that the account you want to use to create the cluster is a domain user who has administrator rights on all servers that you want to add as cluster nodes.
5Q. What is a quorum disk?
A cluster quorum disk is the storage medium on which the configuration database is stored for a cluster computing network. The cluster configuration database, also called the quorum, tells the cluster which physical server(s) should be active at any given time. The quorum disk comprises a shared block device that allows concurrent read/write access by all nodes in a cluster.
Quorum configuration choices
You can choose from among four possible quorum configurations:
- Node Majority (recommended for clusters with an odd number of nodes): can sustain failures of half the nodes (rounding up) minus one. For example, a seven-node cluster can sustain three node failures.
- Node and Disk Majority (recommended for clusters with an even number of nodes): can sustain failures of half the nodes (rounding up) if the disk witness remains online. For example, a six-node cluster in which the disk witness is online could sustain three node failures. Can sustain failures of half the nodes (rounding up) minus one if the disk witness goes offline or fails. For example, a six-node cluster with a failed disk witness could sustain two (3-1=2) node failures.
- Node and File Share Majority (for clusters with special configurations): works in a similar way to Node and Disk Majority, but instead of a disk witness, this cluster uses a file share witness. Note that if you use Node and File Share Majority, at least one of the available cluster nodes must contain a current copy of the cluster configuration before you can start the cluster. Otherwise, you must force the starting of the cluster through a particular node. For more information, see "Additional considerations" in Start or Stop the Cluster Service on a Cluster Node.
- No Majority: Disk Only (not recommended): can sustain failures of all nodes except one (if the disk is online). However, this configuration is not recommended because the disk might be a single point of failure.
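An added example (not from the original post) that reproduces the figures quoted above from the vote arithmetic behind them: the cluster stays up while a strict majority of all votes (nodes plus any witness) is still present. The function name is my own; it generalises the four bullet points to any node count.

```powershell
# How many node failures a given quorum model survives.
# Votes = nodes (+1 for a disk or file share witness); majority = floor(votes/2)+1.
function Get-QuorumTolerance {
    param(
        [Parameter(Mandatory)][int]$Nodes,
        [ValidateSet('NodeMajority','NodeAndDiskMajority','NodeAndFileShareMajority','DiskOnly')]
        [string]$Model = 'NodeMajority',
        [bool]$WitnessOnline = $true
    )
    if ($Model -eq 'DiskOnly') {
        # Only the disk votes: any number of nodes may fail as long as one node and the
        # disk remain, which is exactly why the disk is a single point of failure.
        if (-not $WitnessOnline) { return 0 }
        return $Nodes - 1
    }
    $hasWitness = $Model -ne 'NodeMajority'
    $totalVotes = $Nodes + [int]$hasWitness
    $majority   = [int][math]::Floor($totalVotes / 2) + 1
    # Votes that must come from nodes; an offline witness contributes nothing but
    # still counts toward the total the majority is calculated from.
    $nodeVotesNeeded = $majority - [int]($hasWitness -and $WitnessOnline)
    return $Nodes - $nodeVotesNeeded
}

# Figures from the text: 7-node Node Majority -> 3;
# 6-node Node and Disk Majority -> 3 with the witness online, 2 with it failed
Get-QuorumTolerance -Nodes 7
Get-QuorumTolerance -Nodes 6 -Model NodeAndDiskMajority
Get-QuorumTolerance -Nodes 6 -Model NodeAndDiskMajority -WitnessOnline $false
Get-QuorumTolerance -Nodes 4 -Model DiskOnly
```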
6Q. What is replication and how does intersite replication work?
Except for very small networks, directory data must reside in more than one place on the network to be equally useful to all users. Through replication, the Active Directory directory service maintains replicas of directory data on multiple domain controllers, ensuring directory availability and performance for all users. Active Directory uses a multimaster replication model, allowing you to make directory changes at any domain controller, not just at a designated primary domain controller. Active Directory relies on the concept of sites to help keep replication efficient, and on the Knowledge Consistency Checker (KCC) to automatically determine the best replication topology for the network.
Intersite replication: Active Directory Domain Services (AD DS) handles replication between sites, or intersite replication, differently from replication within sites because bandwidth between sites is usually limited. The Active Directory Knowledge Consistency Checker (KCC) builds the intersite replication topology using a least-cost spanning tree design. Intersite replication is optimized for bandwidth efficiency. Directory updates between sites occur automatically based on a configurable schedule. Directory updates that are replicated between sites are compressed to preserve bandwidth.
Intersite replication uses either the IP or the SMTP transport.
7Q. How will you schedule replication between two sites if you have 5000 employees in each site and slow WAN links?
We can schedule replication during non-business hours, or at the specific times when network/bandwidth utilization is lowest.
8Q. What is the KDC?
The Kerberos Key Distribution Center (KDC) is a network service that supplies session tickets and temporary session keys to users and computers within an Active Directory domain. The KDC runs on each domain controller as part of Active Directory Domain Services (AD DS).
Or,
The Key Distribution Center (KDC) is implemented as a domain service. It uses Active Directory as its account database and the Global Catalog for directing referrals to KDCs in other domains.
9Q. What is the KCC?
The KCC (Knowledge Consistency Checker) is a built-in process that runs on all domain controllers. It is a dynamic-link library that modifies data in the local directory in response to system-wide changes, which are made known to the KCC by changes to the data within Active Directory. The KCC generates and maintains the replication topology for replication within sites and between sites.
The KCC has two major functions:
- Configures replication connections (connection objects) between domain controllers. Each connection object defines incoming replication from a replication partner. Within a site, each KCC generates its own connections. For replication between sites, a single KCC per site generates all connections between sites.
- Converts the connection objects that represent inbound replication to the local domain controller into the replication agreements that are actually used by the replication engine.
By default, the KCC reviews and makes modifications to the Active Directory replication topology every 15 minutes to ensure propagation of data, either directly or transitively, by creating and deleting connection objects as needed. The KCC recognizes changes that occur in the environment and ensures that domain controllers are not orphaned in the replication topology.
10Q. How do you check the replication topology?
To check the replication topology:
- Open Active Directory Sites and Services.
- In the console tree, click the domain controller you want to use to check the replication topology. Where: Active Directory Sites and Services/Sites/<site that contains the domain controller whose replication topology you want to check>/Servers/<server you want to use to check the replication topology>.
- In the details pane, right-click NTDS Settings, point to All Tasks, and then click Check Replication Topology.
The repadmin /showrepl command helps you understand the replication topology and replication failures.
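An added example (not from the original post): the PowerShell counterpart of the repadmin /showrepl check, run against every DC in the domain. It reports any inbound partner whose last attempt failed or whose last success is older than a threshold, which is what you look for when a change made on one DC never arrives at another. It assumes the ActiveDirectory module and rights to query each DC; the three-hour threshold is an assumed value.

```powershell
# Report inbound replication partners that are failing or stale, for every DC.
# Assumes: ActiveDirectory module; the account can query replication metadata on each DC.
Import-Module ActiveDirectory
$maxAge = (Get-Date).AddHours(-3)   # assumed threshold; tune to your site link schedule

foreach ($dc in Get-ADDomainController -Filter *) {
    try {
        # Default partner type is inbound: what this DC pulls from its partners
        $partners = Get-ADReplicationPartnerMetadata -Target $dc.HostName -Scope Server -ErrorAction Stop
    } catch {
        Write-Warning "Could not query $($dc.HostName): $($_.Exception.Message)"
        continue
    }
    foreach ($p in $partners) {
        $problem = @()
        if ($p.LastReplicationResult -ne 0) {
            # Non-zero result is the Win32 error of the last attempt (0x1722 = RPC server unavailable, etc.)
            $problem += 'last attempt failed (0x{0:x})' -f $p.LastReplicationResult
        }
        if ($p.LastReplicationSuccess -lt $maxAge) {
            $problem += "no success since $($p.LastReplicationSuccess)"
        }
        if ($problem) {
            [pscustomobject]@{
                Server    = $dc.HostName
                Partner   = $p.Partner      # DN of the partner's NTDS Settings object
                Partition = $p.Partition
                Problem   = $problem -join '; '
            }
        }
    }
}
```

No output means every partner of every DC replicated successfully inside the window.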
11Q. What is an SPN?
A service principal name (SPN) is the name by which a client uniquely identifies an instance of a service. If you install multiple instances of a service on computers throughout a forest, each instance must have its own SPN.
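An added example (not from the original post) that checks the uniqueness requirement just stated: it finds SPNs registered on more than one account in the domain. A duplicate SPN makes the KDC pick one holder arbitrarily, so Kerberos authentication to that service fails intermittently; setspn -X performs the same check. It assumes the ActiveDirectory module.

```powershell
# Find SPNs that appear on more than one account (the condition the text forbids).
# Assumes: ActiveDirectory module; searches the current domain's naming context.
Import-Module ActiveDirectory

$index = @{}   # SPN (lower-cased) -> list of distinguished names that carry it
Get-ADObject -LDAPFilter '(servicePrincipalName=*)' -Properties servicePrincipalName |
    ForEach-Object {
        $dn = $_.DistinguishedName
        foreach ($spn in $_.servicePrincipalName) {
            $key = $spn.ToLowerInvariant()          # SPN matching is case-insensitive
            if (-not $index.ContainsKey($key)) { $index[$key] = @() }
            $index[$key] += $dn
        }
    }

$dupes = $index.GetEnumerator() | Where-Object { $_.Value.Count -gt 1 }
if (-not $dupes) {
    'No duplicate SPNs found.'
} else {
    foreach ($d in $dupes) {
        [pscustomobject]@{ SPN = $d.Key; Holders = ($d.Value -join '; ') }
    }
}
```

To cover the whole forest rather than one domain, point Get-ADObject at a global catalog with -Server (host:3268).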
12Q. What is a USN?
An update sequence number (USN) is a 64-bit number in Active Directory that increments as changes occur. Local counters on every domain controller assign USNs.
13Q. An administrator changed something in Group Policy and you have to find out what was changed and who made it. How will you approach this?
We can monitor every change made in Group Policy by using the Advanced Group Policy Management (AGPM) tool.
We can check Event Viewer for event ID 1704 from source SceCli to confirm whether Group Policy has been applied.
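An added example (not from the original post) that scripts the approach above: list the GPOs modified in a window (the GroupPolicy module records each GPO's modification time), then pull the SceCli 1704 events that show policy being applied. It goes one step beyond the text for the "who" question by reading Security event 5136 (directory object modified) from the PDC emulator, which only exists if directory object auditing is enabled there. It assumes the GroupPolicy and ActiveDirectory modules and rights to read the DC's Security log; the seven-day window is an assumed value.

```powershell
# What changed, whether it applied, and (with auditing on) who changed it.
# Assumes: GroupPolicy + ActiveDirectory modules; admin rights to read the PDC's Security log.
Import-Module GroupPolicy
Import-Module ActiveDirectory
$since = (Get-Date).AddDays(-7)   # assumed window

# "What changed and when": GPOs modified inside the window, newest first
Get-GPO -All |
    Where-Object { $_.ModificationTime -ge $since } |
    Sort-Object ModificationTime -Descending |
    Select-Object DisplayName, ModificationTime, GpoStatus, Id

# "Was it applied": SceCli 1704 in the Application log = security policy applied
Get-WinEvent -FilterHashtable @{
    LogName      = 'Application'
    ProviderName = 'SceCli'
    Id           = 1704
    StartTime    = $since
} -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, MachineName, Message

# "Who": GPMC writes edits to the PDC emulator; with object auditing enabled there,
# Security 5136 records the account that modified the groupPolicyContainer object.
$pdc = (Get-ADDomain).PDCEmulator
Get-WinEvent -ComputerName $pdc -FilterHashtable @{
    LogName   = 'Security'
    Id        = 5136
    StartTime = $since
} -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match 'groupPolicyContainer' } |
    Select-Object TimeCreated, Message
```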
14Q. What is the difference between a user account and a service account?
A user account is used to access files and folders and to perform day-to-day tasks as per the end user's requirements. A service account is used to start and run a specific service; when creating a service account, "Password never expires" and "User cannot change password" should be checked, so that the service can run without interruption.
15Q. How many types of backup are available in Windows Server?
Copy backup
A copy backup copies all the files you select, but does not mark each file as having been backed up (in other words, the archive attribute is not cleared). Copying is useful if you want to back up files between normal and incremental backups, because copying does not affect these other backup operations.
Daily backup
A daily backup copies all the files that you select that have been modified on the day the daily backup is performed. The backed-up files are not marked as having been backed up (in other words, the archive attribute is not cleared).
Differential backup
A differential backup copies files that have been created or changed since the last normal or incremental backup. It does not mark files as having been backed up (in other words, the archive attribute is not cleared). If you are performing a combination of normal and differential backups, restoring files and folders requires that you have the last normal as well as the last differential backup.
Incremental backup
An incremental backup backs up only those files that have been created or changed since the last normal or incremental backup. It marks files as having been backed up (in other words, the archive attribute is cleared). If you use a combination of normal and incremental backups, you will need the last normal backup set as well as all incremental backup sets to restore your data.
Normal backup
A normal backup copies all the files you select and marks each file as having been backed up (in other words, the archive attribute is cleared). With normal backups, you only need the most recent copy of the backup file or tape to restore all of the files. You usually perform a normal backup the first time you create a backup set.
Backing up your data using a combination of normal backups and incremental backups requires the least amount of storage space and is the quickest backup method. However, recovering files can be time-consuming and difficult because the backup set might be stored on several disks or tapes.
Backing up your data using a combination of normal backups and differential backups is more time-consuming, especially if your data changes frequently, but it is easier to restore the data because the backup set is usually stored on only a few disks or tapes.
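An added example (not from the original post) that demonstrates the archive-attribute rules above on a scratch directory with two constructed files: Select-BackupFiles returns what each backup type would copy and, for the two types the text says clear the bit, clears it, so running Normal and then Incremental shows why the second set is smaller. The function name and the scratch path are my own.

```powershell
# Which files each backup type selects, driven by the archive attribute as described above.
$archive = [IO.FileAttributes]::Archive

function Select-BackupFiles {
    param(
        [Parameter(Mandatory)][string]$Path,
        [ValidateSet('Normal','Incremental','Differential','Copy','Daily')]
        [string]$Type,
        [datetime]$Day = (Get-Date).Date
    )
    $files = Get-ChildItem -Path $Path -File -Recurse
    $selected = switch ($Type) {
        'Normal' { $files }                                              # everything
        'Copy'   { $files }                                              # everything
        'Daily'  { $files | Where-Object { $_.LastWriteTime.Date -eq $Day } }
        default  { $files | Where-Object { ($_.Attributes -band $archive) -ne 0 } }  # changed since last normal/incremental
    }
    if ($Type -in 'Normal','Incremental') {
        # Only these two types mark files as backed up by clearing the archive bit
        foreach ($f in $selected) { $f.Attributes = $f.Attributes -band (-bnot $archive) }
    }
    return $selected.FullName
}

# Constructed scratch data: any write sets the archive bit, so both files start with it set
$dir = Join-Path $env:TEMP 'backup-demo'
New-Item -ItemType Directory -Path $dir -Force | Out-Null
'a' | Set-Content (Join-Path $dir 'a.txt')
'b' | Set-Content (Join-Path $dir 'b.txt')

Select-BackupFiles -Path $dir -Type Normal        # a.txt and b.txt; bits cleared
'changed' | Set-Content (Join-Path $dir 'b.txt')  # rewriting b.txt sets its bit again
Select-BackupFiles -Path $dir -Type Differential  # b.txt; bit left set
Select-BackupFiles -Path $dir -Type Incremental   # b.txt; bit cleared
Select-BackupFiles -Path $dir -Type Incremental   # nothing: no file changed since the last incremental

Remove-Item $dir -Recurse -Force
```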
For Windows Server 2008 and above:
We need to install Windows Server Backup from Server Manager.
- Or, we can use the Wbadmin command-line tool.