Top 100+ Windows Administration Interview Questions And Answers
Question 1. What Is Active Directory?
Answer :
Active Directory (AD) is a listing carrier developed by way of Microsoft and used to save gadgets like User, Computer, printer, Network statistics, It facilitate to manipulate your community effectively with multiple Domain Controllers in distinctive vicinity with AD database, able to control/trade AD from any Domain Controllers and this will be replicated to all other DC’s, centralized Administration with more than one geographical region and authenticates users and computer systems in a Windows area.
Question 2. What Is Tree?
Answer :
Tree is a hierarchical association of windows Domain that share a contiguous call space.
Active Directory Interview Questions
Question three. What Is Domain?
Answer :
Active Directory Domain Services is Microsoft’s Directory Server. It affords authentication and authorization mechanisms in addition to a framework within which different associated services can be deployed.
Question four. What Is Active Directory Domain Controller (dc)?
Answer :
Domain Controller is the server which holds the AD database, All AD changes get replicated to different DC and vise vase.
Question 5. What Is Forest?
Answer :
Forest consists of more than one Domains timber. The Domain trees in a forest do no longer shape a contiguous call area however share a common schema and international catalog (GC)
Red Hat Linux System Administration Interview Questions
Question 6. What Is Schema?
Answer :
Active listing schema is the set of definitions that define the forms of object and the form of information about the ones items that can be stored in Active Directory
Active directory schema is Collection of object class and there attributes
Object Class = User
Attributes = first call, remaining call, e mail, and others
Question 7. Can We Restore A Schema Partition?
Answer :
http://www.Windowstricks.In/2014/01/can-i-restore-schema-partition.Html
IBM Lotus Domino Interview Questions
Question 8. Tel Me About The Fsmo Roles?
Answer :
Schema Master
Domain Naming Master
Infrastructure Master
RID Master
PDC
Schema Master and Domain Naming Master are forest wide function and best to be had one on each Forest, Other roles are Domain extensive and one for each Domain.
AD replication is multi master replication and alternate can be carried out in any Domain Controller and could get replicated to others Domain Controllers, except above document roles, this can be flexible unmarried master operations (FSMO), these changes most effective be carried out on committed Domain Controller so it’s unmarried master replication.
Question nine. How To Check Which Server Holds Which Role?
Answer :
Netdom query FSMO.
ActiveX Interview Questions
Question 10. Tel Me About Active Directory Database And List The Active Directory Database Files?
Answer :
NTDS.DIT
EDB.Log
EDB.Che
Res1.Log and Res2.Log
All AD adjustments didn’t write immediately to NTDS.DIT database document, first write to EDB.Log and from log document to database, EDB.Che used to track the database replace from log file, to realize what adjustments are copied to database document.
NTDS.DIT: NTDS.DIT is the AD database and save all AD gadgets, Default location is the %system root%nrdsnrds.Dit, Active Directory database engine is the extensible garage engine which us primarily based at the Jet database
EDB.Log: EDB.Log is the transaction log document when EDB.Log is full, it's far renamed to EDB Num.Log where num is the growing quantity starting from 1, like EDB1.Log
EDB.Che: EDB.Che is the checkpoint file used to trace the statistics no longer yet written to database report this imply the start line from which statistics is to be recovered from the log document in case if failure
Res1.Log and Res2.Log: Res is reserved transaction log record which provide the transaction log file enough time to shutdown if the disk didn’t have sufficient space.
Question 11. What Is Active Directory Partitions?
Answer :
Active Directory partition is how and in which the AD records logically stored.
Red Hat cluster Interview Questions
Question 12. What Are All The Active Directory Partitions?
Answer :
Schema
Configuration
Domain
Application partition
Active Directory Interview Questions
Question thirteen. What Is Use Active Directory Partitions? And How To Find The Active Directory Partitions And There Location?
Answer :
Schema Partition – It shop details about items and attributes. Replicates to all area controllers in the Forest
DN vicinity is CN=Schema,CN=Configuration,DC=Domainname, DC=com
Configuration Partition – It save information about the AD configuration information like, Site, website-hyperlink, subnet and different replication topology statistics. Replicates to all domain controllers in the Forest
DN Location is CN=Configuration,DC=Domainname,DC=com
Domain Partitions – object statistics for a website like consumer, laptop, institution, printer and different Domain precise facts. Replicates to all domain controllers within a website
DN Location is DC=Domainname,DC=com
Application Partition – facts about packages in Active Directory. Like AD integrated DNS is used there are two utility partitions for DNS zones – ForestDNSZones and DomainDNSZones, see extra
Question 14. How To Configure Active Directory Partitions?
Answer :
You can handiest configure the Application partition manually to use with AD included programs.
Question 15. How To Take Active Directory Backup?
Answer :
System nation backup will backup the Active Directory, NTbackup may be used to backup active listing.
Microsoft Exchange Server 2013 Interview Questions
Question sixteen. Active Directory Restores Types?
Answer :
Authoritative repair
Non-authoritative restore
Question 17. Non-authoritative Restore Of Active Directory?
Answer :
Non-authoritative repair is repair the domain controller to its kingdom at the time of backup, and lets in ordinary replication to overwrite restored area controller with any modifications which have befell after the backup.
After device country repair, area controller queries its replication partners and get the adjustments after backup date, to make certain that the area controller has an accurate and updated replica of the Active Directory database.
Non-authoritative repair is the default technique for restoring Active Directory, just a restore of gadget country is non-authoritative restore and mostly we use this for Active Directory data loss or corruption.
Wintel Administrator Interview Questions
Question 18. How Perform A Non-authoritative Restore?
Answer :
Just begin the area controller in Directory Services Restore Mode and carry out machine kingdom restore from backup
Red Hat Linux System Administration Interview Questions
Question 19. Authoritative Restore Of Active Directory?
Answer :
An authoritative restore is subsequent step of the non-authoritative restore procedure. We have do non-authoritative restore before you could perform an authoritative repair. The most important distinction is that an authoritative restore has the potential to increment the model variety of the attributes of all items or an man or woman item in a whole listing, this may make it authoritative repair an item in the listing. This can be used to repair a unmarried deleted person/institution and event an entire OU.
In a non-authoritative restore, after a website controller is again on-line, it will contact its replication partners to determine any adjustments because the time of the last backup. However the version range of the object attributes that you need to be authoritative might be better than the prevailing version numbers of the characteristic, the item at the restored domain controller will seem like more current and therefore, restored item may be replicated to other area controllers in the Domain.
Question 20. What Are Active Directory Partitions Can Be Restored?
Answer :
You can authoritatively restore best items from configuration and domain partition. Authoritative restores of schema-naming contexts are not supported.
Windows Server Administration Interview Questions
Question 21. How Many Domain Controllers Need To Back Up? Or Which Domain Controllers To Back Up?
Answer :
Minimum requirement is to lower back up two domain controllers in each domain, one must be an operations grasp position holder DC, no want to backup RID Master (relative ID) because RID grasp need to not be restored.
Question 22. Can We Restore Backup Of Domain Controller To Other/exclusive Domain Controller?
Answer :
Backup of 1 area controller can’t be restoring to other domain controller, need to be restored to equal domain controller.
Question 23. What Are Group Policies?
Answer :
Group policies specify how programs, community assets, and the running machine paintings for customers and computers in an organisation. They are collections of consumer and pc configuration settings that are applied on the customers and computers (no longer on companies). For higher administration of group policies inside the Windows surroundings, the group coverage gadgets (GPOs) are used.
Windows Troubleshooting Interview Questions
Question 24. What Is Gpo?
Answer :
Group coverage object (GPO) is a set of institution policy settings. It can be created using a Windows application referred to as the Group Policy snap-in. GPO influences the user and pc money owed located in websites, domain names, and organizational devices (OUs). The Windows 2000/2003 running structures support two forms of GPOs, nearby and non-neighborhood (Active Directory-based totally) GPOs.
IBM Lotus Domino Interview Questions
Question 25. What Is Local Gpos/coverage?
Answer :
Local GPOs are used to control regulations on a neighborhood server running Windows 2000/2003 Server. On each Windows 2000/2003 server, a neighborhood GPO is stored. The local GPO affects best the laptop on which it's miles stored.
By default, best Security Settings nodes are configured. The rest of the settings are both disabled or now not enabled. The neighborhood GPO is saved inside the %systemrootp.CSYSTEM32GROUPPOLICY folder.
Question 26. What Is Non-nearby Policy?
Answer :
Non-nearby GPOs are used to control rules on an Active Directory-primarily based network. A Windows 2000/2003 server needs to be configured as a site controller at the community to apply a non-local GPO. The non-nearby GPOs must be related to a site, area, or organizational unit (OU) to use institution rules to the person or pc gadgets.
The non-neighborhood GPOs are stored in %systemrootp.CSYSVOLPOLICIESADM, in which is the GPO’s globally unique identifier. Two non-neighborhood GPOs are created by means of default when the Active Directory is installed:
1. Default Domain Policy: This GPO is related to the domain and it affects all users and computers in the domain.
2. Default Domain Controllers Policy: This GPO is related to the Domain Controllers OU and it affects all area controllers located in this OU. Multiple GPOs.
Linux Virtualization Interview Questions
Question 27. Gpo Apply Order When Multiple Group Policy Objects Are Assigned, The Group Policies Are Applied In The Following Order:?
Answer :
The neighborhood group policy object is applied first
Then, the institution coverage objects connected to web sites are implemented
If multiple GPOs exist for a domain, they're applied inside the order detailed through an administrator
GPOs linked to the domain names are applied within the targeted order
Finally, GPOs related to OUs are carried out
The OU organization coverage gadgets are set from the biggest to the smallest organizational unit, i.E., first the discern OU and then the child OU.
By default, a policy carried out later overwrites a policy that become carried out in advance. Hence, the settings in a child OU can override the settings within the parent OU
Group policy settings are cumulative if they're well suited with each different. In case they conflict with every different, the GPO processed later takes precedence.
ActiveX Interview Questions
Question 28. What Is No Override? Block Policy Inheritance?
Answer :
The following are the exceptions with reference to the above-cited settings:
No Override:
Any GPO can be set to No Override. If the No Override configuration is about to a GPO, no policy configured inside the GPO may be overridden. If more than one GPO has been set to No Override, then the one that is the very best in the Active Directory hierarchy takes precedence
Block Policy Inheritance:
The Block Policy Inheritance choice can be carried out to the web site, area, or OU. It deflects all institution policy settings that attain the website online, area, or OU from the item better inside the hierarchy. However, the GPOs configured with the No Override option are constantly implemented.
Question 29. Is Group Policy From Parent Domain Can Be Inherited To Child Domain?
Answer :
Group Policy Inheritance:
The institution guidelines are inherited from parent to baby within a site. They aren't inherited from parent area to infant domain.
Windows Clustering Interview Questions
Question 30. Following Are The Rules Regarding Group Policy Inheritance:
Answer :
A coverage placing is configured (Enabled or Disabled) for a figure OU, and the identical coverage putting isn't always configured for its child OUs. The child OUs inherit the discern’s coverage
A policy putting is configured (Enabled or Disabled) for a determine OU, and the same coverage putting is configured for its toddler OUs. The child OUs settings override the settings inherited from the parent’s OU
If any coverage isn't configured, no inheritance takes region
Compatible policy settings configured on the discern and toddler OUs are gathered.
Incompatible policy settings from the parent OU aren't inherited.
Question 31. What Is Security Filtering? Filtering Scope Of Gpos?
Answer :
Although GPOs are linked to the site, domain, or OUs, and they cannot be linked to the security groups at once, making use of permissions to the GPO can filter out its scope. The regulations in a non-local GPO observe best to users who have the Read and Apply Group Policy permissions set to Allow By specifying appropriate permissions to the safety organizations, the directors can filter out a GPO’s scope for the computers and users.
Question 32. What Is Netlogon Folder?
Answer :
Netlogon folder incorporate logon/logoff/startup/shutdown scripts that's within the Sysvol folder.
Application Virtualization Interview Questions
Question 33. Any Sysvol Issues Which You Have Faced In Your Environment?
Answer :
USN magazine wrap Error on sysvol
Morphed folder on Sysvol
FRS replication troubles
Sysvol percentage now not sharing on.
Red Hat cluster Interview Questions
Question 34. Tel Me About Non-authoritative Restore Of Sysvol Or D2 Restore?
Answer :
D2 is the default technique for restoring SYSVOL and takes place robotically whilst you do a non-authoritative repair of the Active Directory
When you non-authoritatively repair the SYSVOL, the local replica of SYSVOL at the restored domain controller is as compared with that of its replication partners. After the domain controller restarts, it replicates the any vital adjustments, bringing it up-to-date with the alternative domain controllers within the domain.
Question 35. Tel Me About Authoritative Restore Of Sysvol Or D4 Restore?
Answer :
IN D4 repair a duplicate of SYSVOL this is restored from backup is authoritative for the domain. After the vital configurations had been made, Active Directory marks the neighborhood SYSVOL as authoritative and it's miles replicated to the opposite domain controllers in the area.
Question 36. How To D2 And D4 Restore?
Answer :
Enable BurFlags registry to D2 or D4
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNtFrsParametersBackup/RestoreProcess at Startup
BurFlags
D2, for nonauthoritative mode repair
D4, for an authoritative mode restore
Microsoft Exchange Server 2013 Interview Questions
Question 37. What Is Dns Scavenging?
Answer :
DNS Scavenging is to cleanup and removal of stale DNS data, like housekeeping hobby to delete unwanted or unused DNS entries in DNS server/area, it best cleanup the dynamic DNS record not the record created manually.
Question 38. What Is Dynamic Dns Record?
Answer :
The document created dynamically by using client/server on DNS sector, automatically brought to zones while computers start at the network.
Question 39. How To Force The Dns Dynamic Update?
Answer :
Simple manner is restart the gadget which cause the DNS Dynamic Update, we are able to user the below command to force DNS Dynamic Update
Ipconfig /registerdns
You also can restart the netlogon provider on service.Msc
Question forty. If Dns Dynamic Updates Not Working What Are The Checks Needs To Do?
Answer :
Check the number one DNS configuration at the machine, Primary DNS server ought to be available from customer with the intention to register DNS file.
Register this connections addresses in DNS ought to be decided on on network card homes (increase options where you configure the IP Address).
Also Check the DHCP configuration if the managed thru DHCP.
Wintel Administrator Interview Questions
Question 41. What Are Prerequisites To Do The Dns Scavenging?
Answer :
Scavenging need to be enabled on DNS server and on the area you need to scavenging.
DNS records must be dynamically added to zones or you can manually modified the timestamp configuration.
Question 42. What Is Scavenging Period?
Answer :
Default fee for Scavenging is seven days (the minimal allowed price for this is one hour)
scavenging time on DNS region is the server to determine when a area turns into available for scavenging
So 7 + 7, each 14 days
Windows Server Administration Interview Questions
Question 43. When The Record Refreshes Happen? (dynamic Updates Of Record)?
Answer :
Every DNS record time stamp been up to date While the time of pc restart
A periodic refresh is sent via the pc each 24 hours.
Network services make refresh attempts, like DHCP servers, which renew customer address, cluster servers, which sign up and update statistics for a cluster, and the Net Logon provider, that could check in and replace aid facts which can be utilized by AD area controllers So that the file now not taken as a stale DNS report.
Question forty four. What Is Scavenging Servers? Is Dns Scavenging Configured In All Domain Controllers?
Answer :
Not all DNS servers are Scavenging servers, you may configure/promote DNS server to Scavenging servers.
Zone parameter on superior settings that enables you to specify a constrained list of IP addresses for DNS servers which can be enabled to perform scavenging.
