Friday, January 15, 2016

IT Question and Answer

 Information Technology Question Answer
How to join win7 computer in domain.
Click on Start > then right click on Computer and click on Properties
The basic system information page will open, under Computer name, domain, and workgroup settings, click on Change Settings
On the System Properties page, click on Change.
Under Member of, select the radio button beside Domain: , type the name of the domain you want your Windows 7 to join and then click OK
A pop up box requesting to enter credentials of an account with rights to join the domain (with rights to create computer accounts), example of such user is one that is member of the Domain Admin Active Directory group. Once the username and password are typed, click on OK
A confirmation pop up box will welcome you to the domain. Clicking on OK, will result in having another message informing that a reboot for the machine is required to apply the changes. Click on OK

 What is IP config and ipconfig/all.
Ipconfig - ipconfig displays the IP address, subnet mask, and default gateway for all adapters
Ipconfig/all - Displays the full TCP/IP configuration for all adapters. Without this parameter
Ipconfig/ renew - Renews DHCP configuration for all adapters. This parameter is available only on computers with adapters that are configured to obtain an IP address automatically.
Ipconfig/ /release - Sends a DHCPRELEASE message to the DHCP server to release the current DHCP configuration and discard the IP address configuration for either all adapters.
Ipconfig /flushdns - Flushes and resets the contents of the DNS client resolver cache. During DNS troubleshooting, you can use this procedure to discard negative cache entries from the cache, as well as any other entries that have been added dynamically.
Ipconfig/ /displaydns - Displays the contents of the DNS client resolver cache, which includes both entries preloaded from the local Hosts file and any recently obtained resource records for name queries resolved by the computer. The DNS Client service uses this information to resolve frequently queried names quickly, before querying its configured DNS servers.
Ipconfig /registerdns - Initiates manual dynamic registration for the DNS names and IP addresses that are configured at a computer. You can use this parameter to troubleshoot a failed DNS name registration or resolve a dynamic update problem between a client and the DNS server without rebooting the client computer. The DNS settings in the advanced properties of the TCP/IP protocol determine which names are registered in DNS.
Ipconfig /showclassid Adapter- Displays the DHCP class ID for a specified adapter. This parameter is available only on computers with adapters that are configured to obtain an IP address automatically.

How many OSI layer with correct series.
The Open Systems Interconnect (OSI) model has seven layers.
Data Link                                                                                        
Physical Layer- The physical layer, the lowest layer of the OSI model, is concerned with the transmission and reception of the unstructured raw bit stream over a physical medium. It describes the electrical/optical, mechanical, and functional interfaces to the physical medium, and carries the signals for all of the higher layers. It provides: Data encoding: modifies the simple digital signal pattern (1s and 0s) used by the PC to better accommodate the characteristics of the physical medium.
Data Link Layer - The data link layer provides error-free transfer of data frames from one node to another over the physical layer. Link establishment and termination: establishes and terminates the logical link between two nodes. Frame sequencing: transmits/receives frames sequentially. Frame traffic control: tells the transmitting node to "back-off" when no frame buffers are available.  Frame sequencing: transmits/receives frames sequentially. Frame error checking: checks received frames for integrity. Media access management: determines when the node "has the right" to use the physical medium.
Network Layer - The network layer controls the operation of the subnet, deciding which physical path the data should take based on network conditions, priority of service, and other factors. It provides: Routing: routes frames among networks. Subnet traffic control: routers (network layer intermediate systems) can instruct a sending station to "throttle back" its frame transmission when the router's buffer fills up. Frame fragmentation: if it determines that a downstream router's maximum transmission unit (MTU) size is less than the frame size, a router can fragment a frame for transmission and re-assembly at the destination station. Logical-physical address mapping: translates logical addresses, or names, into physical addresses.
Transport Layer - The transport layer ensures that messages are delivered error-free, in sequence, and with no losses or duplications. It relieves the higher layer protocols from any concern with the transfer of data between them and their peers. Message segmentation: accepts a message from the (session) layer above it, splits the message into smaller units (if not already small enough), and passes the smaller units down to the network layer. The transport layer at the destination station reassembles the message. Message acknowledgment: provides reliable end-to-end message delivery with acknowledgments.
Session Layer - This layer establishes, manages and terminates connections between applications. The session layer sets up, coordinates, and terminates conversations, exchanges, and dialogues between the applications at each end. It deals with session and connection coordination.
Presentation Layer - This layer provides independence from differences in data representation (e.g., encryption) by translating from application to network format, and vice versa. The presentation layer works to transform data into the form that the application layer can accept. This layer formats and encrypts data to be sent across a network, providing freedom from compatibility problems. It is sometimes called the syntax layer.
Application Layer - OSI Model, Layer 7, supports application and end-user processes. Communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified. Everything at this layer is application-specific. This layer provides application services for file transfers, e-mail, and other network software services. Telnet and FTP are applications that exist entirely in the application level. Tiered application architectures are part of this layer.

Router comes under which OSI layer.
Router Comes under the Network Layer

What is DORA process in DHCP?
This process of assigning the IP addresses by the DHCP server also known as DORA (Discover, Offer, Request, and Acknowledgement).
Your computer sends a "Discovery” request asking for it's IP information from any listening DHCP servers
Any listening DHCP servers will "Offer” their configuration information to your workstation.
You workstation chooses the best lease then "Requests” that lease from the corresponding DHCP server.
The DHCP server you requested the IP configuration information from then Acknowledges" your request and leases you the IP configuration information.

What is DHCP Relay Agent?
The DHCP Relay Agent makes it possible for DHCP broadcast messages to be sent over routers that do not support forwarding of these types of messages. The DHCP Relay Agent is therefore the routing protocol that enables DHCP clients to obtain IP addresses from a DHCP server on a remote subnet, or which is not located on the local subnet. If you have no configured DHCP Relay Agent, your clients would only be able to obtain IP addresses from the DHCP server which is on the same subnet. To enable clients to obtain IP addresses from a DHCP server on a remote subnet, you have to configure the DHCP Relay Agent on the subnet that contains the remote clients, so that it can relay DHCP broadcast messages to your DHCP server

Configuring the DHCP Relay Agent

The process for configuring the DHCP Relay Agent is outlined below:
  • Enable Routing and Remote Access Server (RRAS).
  • Install the DHCP Relay Agent routing protocol.
  • Configure DHCP Relay Agent properties.
  • Configure/enable the DHCP Relay Agent on the router interface to forward DHCP broadcast messages.
  • View statistical information on the operation of the DHCP Relay Agent.
How to enable Routing and Remote Access Server (RRAS):
  1. Click Start, All Programs, and Administrative Tools and then click Routing and Remote Access to open the Routing And Remote Access console.
  2. Right-click the node of your server, and then choose Configure and Enable Routing and Remote Access from the shortcut menu.
  3. The Routing and Remote Access Server Setup Wizard launches.
  4. Click next on the initial page of the wizard.
  5. On the Configuration page, select the Custom Configuration option. Click Next.
  6. On the Custom Configuration page, enable the LAN Routing checkbox. Click Next.
  7. Verify your configuration settings on the Summary page.
  8. Click Finish.
  9. Click yes when prompted to start the RRAS service.
How to install the DHCP Relay Agent routing protocol:
  1. Open the Routing and Remote Access console.
  2. Expand the IP Routing node in the console tree.
  3. Right-click the General node and then select New Routing Protocol from the shortcut menu.
  4. The New Routing Protocol dialog box opens.
  5. Select DHCP Relay Agent.
  6. Click OK.
How to configure DHCP Relay Agent properties:
  1. Click Start, All Programs, and Administrative Tools and then click Routing and Remote Access to open the Routing and Remote Access console.
  2. Expand the IP Routing node in the console tree.
  3. Right-click the DHCP Relay Agent node, and then select Properties from the shortcut menu.
  4. On the General tab, enter the IP address of the DHCP server in the Server Address text box, and click Add.
  5. Repeat the above step for each DHCP server that you have to add.
  6. Click OK.
How to enable the DHCP Relay Agent on a router interface:
  1. Click Start, All Programs, and Administrative Tools and then click Routing and Remote Access to open the Routing and Remote Access console.
  2. Expand the IP Routing node in the console tree.
  3. Right-click the DHCP Relay Agent node and then select New Interface from the shortcut menu.
  4. Select the interface that is on the same subnet as the DHCP clients.
  5. Click OK.
  6. In the DHCP Relay Properties dialog box, ensure that the Relay DHCP Packets checkbox is selected on the General tab.
  7. You can change the Hop-Count Threshold and Boot Threshold values.
  8. Click OK.
How to view statistical information on the operation of the DHCP Relay Agent:
  1. Click Start, All Programs, and Administrative Tools and then click Routing and Remote Access to open the Routing and Remote Access console.
  2. Select the DHCP Relay Agent node, and view the statistical information that is displayed in the details pane of the Routing And Remote Access console:
    • Received requests
    • Received replies
    • Discarded requests
    • Discarded replies
How many Active Directory partition?
The AD LDS directory store is organized into logical directory partitions. There are three different types of directory partitions: configuration, schema, and application. Each AD LDS directory store must contain a single configuration directory partition and a single schema directory partition, and it can contain zero or more application directory partitions
There are three native partitions Schema/Configuration/Domain and additionally there is also the Application partition.
Schema information contains - definitional details about objects and attributes that one CAN store in the AD. Replicates to all domain controllers. Static in nature.
Configuration information contains - configuration data about forest and trees. Replicates to all domain controllers. Static as your forest is.
Domain information contains - object information for a domain. Replicates to all domain controllers within a domain. The object portion becomes part of Global Catalog.
Application Partition contains - information about applications in Active Directory. E.g. when AD integrated DNS is used there are two application partitions for DNS zones – Forest DNS Zones and Domain DNS Zones.
How many FSMO roles?
There are five FSMO roles:
Schema master
Domain naming master
RID master
PDC emulator
Infrastructure master

Schema Master FSMO Role- The schema master FSMO role holder is the DC responsible for performing updates to the directory schema. This DC is the only one that can process updates to the directory schema. Once the Schema update is complete, it is replicated from the schema master to all other DCs in the directory. There is only one schema master per directory.

Domain Naming Master FSMO Role - The domain naming master FSMO role holder is the DC responsible for making changes to the forest-wide domain name space of the directory. This DC is the only one that can add or remove a domain from the directory. It can also add or remove cross references to domains in external directories

RID Master FSMO ROLE- The RID master FSMO role holder is the single DC responsible for processing RID Pool requests from all DCs within a given domain. It is also responsible for removing an object from its domain and putting it in another domain during an object move.

PDC Emulator FSMO Role- The PDC emulator is necessary to synchronize time in an enterprise. Windows includes the W32Time (Windows Time) time service that is required by the Kerberos authentication protocol. All Windows-based computers within an enterprise use a common time. The purpose of the time service is to ensure that the Windows Time service uses a hierarchical relationship that controls authority and does not permit loops to ensure appropriate common time usage.

Password changes performed by other DCs in the domain are replicated preferentially to the PDC emulator.
Authentication failures that occur at a given DC in a domain because of an incorrect password are forwarded to the PDC emulator before a bad password failure message is reported to the user.
Account lockout is processed on the PDC emulator.
The PDC emulator performs all of the functionality that a Microsoft Windows NT 4.0 Server-based PDC or earlier PDC performs for Windows NT 4.0-based or earlier clients.

Infrastructure FSMO Role - The Infrastructure Master (IM) role should be held by a domain controller that is not a Global Catalog server(GC). If the Infrastructure Master runs on a Global Catalog server it will stop updating object information because it does not contain any references to objects that it does not hold. This is because a Global Catalog server holds a partial replica of every object in the forest. As a result, cross-domain object references in that domain will not be updated and a warning to that effect will be logged on that DC's event log.

Tell About The service and Port Number?
FTP -20
RAP – 56
DHCP Server-67
DHCP Client -68
Trivial file transfer protocol(TFTP)-69
Hypertext transfer protocol-80
SQL Service-156
IMAP -22
VM Ware server-902
VM Ware Client-901
MS Exchange -110

What is forward lookup zone and reverse lookup zone?
A forward lookup zone is a DNS zone in which hostname to IP address relations are stored. When a computer requests the IP address of a specific hostname, the forward lookup zone is queried and the result is returned.
A reverse lookup zone does just the opposite. When a computer requests the hostname of an IP address, the reverse lookup zone is queried and the result is returned.

DCPROMO works in 2008 server ?
Yes IT works in 2008

Does DCPROMO work in 2012 server?
Yes it works in 2012

Full form of PING?
Packet Internet Groper
which protocol use in PING?
Ping operates by sending Internet Control Message Protocol (ICMP) Echo Request packets to the target host and waiting for an ICMP Echo Reply

Full Form of ICMP?
Internet Control Message Protocol

What is loop back adaptor and how to test this adaptor?
The networking capabilities of Virtual Server can be extended with Microsoft Loopback Adapter. Using Microsoft Loopback Adapter. The Microsoft Loopback adapter is a groovy little tool originally designed for testing network configurations.  Over time however, many other uses have been found for it such as networking two computers together without using a cross-over Ethernet cable, and connecting virtual machines to the internet.
The Virtual Adapter can be test Ping if the Reply is responding then your virtual adapter is working

How to check server is Global Catalog server?
Open Active Directory Sites and Services: On the Start menu, point to Administrative Tools, and then click Active Directory Sites and Services. If the User Account Control dialog box appears, provide credentials, if required, and then click Continue.
In the console tree, expand the Sites container, expand the site of the domain controller that you want to check, expand the Servers container, and then expand the Server object.
Right-click the NTDS Settings object, and then click Properties.
On the General tab, if the Global Catalog box is selected, the domain controller is designated as a global catalog server.

What is OU (organizational unit)?
An organizational unit (OU) is a container within a Microsoft Active Directory domain which can hold users, groups and computers. It is the smallest unit to which an administrator can assign Group Policy settings or account permissions. An organizational unit can have multiple OUs within it, but all attributes within the containing OU must be unique. Active Directory organizational units cannot contain objects from other domains.

What is  groups in AD?
There are two forms of common security principals in Active Directory: user accounts and computer accounts. These accounts represent a physical entity (a person or a computer). User accounts can also be used as dedicated service accounts for some applications. Security groups are used to collect user accounts, computer accounts, and other groups into manageable units. In the Windows Server operating system, there are several built-in accounts and security groups that are preconfigured with the appropriate rights and permissions to perform specific tasks. For Active Directory, there are two types of administrative responsibilities:
·         Service administrators   Responsible for maintaining and delivering Active Directory Domain Services (AD DS), including managing domain controllers and configuring the AD DS.
·         Data administrators   Responsible for maintaining the data that is stored in AD DS and on domain member servers and workstations.
Groups are used to collect user accounts, computer accounts, and other groups into manageable units. Working with groups instead of with individual users helps simplify network maintenance and administration.
There are two types of groups in Active Directory:
Distribution groups Used to create email distribution lists.
Security groups Used to assign permissions to shared resources.
  • Security: Security groups allow you to manage user and computer access to shared resources. You can also control who receives group policy settings. This simplifies administration by allowing you to set permissions once on multiple computers, then to change the membership of the group as your needs change. The change in group membership automatically takes effect everywhere. You can also use these groups as email distribution lists.
  • Distribution: Distribution groups are intended to be used solely as email distribution lists. These lists are for use with email applications such as Microsoft Exchange or Outlook. You can add and remove contacts from the list so that they will or will not receive email sent to the distribution group. You can't use distribution groups to assign permissions on any objects, and you can't use them to filter group policy settings.
 What is DNS?
Domain Name System (DNS) is one of the industry-standard suites of protocols that comprise TCP/IP. Microsoft Windows Server 2003. DNS is implemented using two software components: the DNS server and the DNS client (or resolver). Both components are run as background service applications.
Network resources are identified by numeric IP addresses, but these IP addresses are difficult for network users to remember. The DNS database contains records that map user-friendly alphanumeric names for network resources to the IP address used by those resources for communication. In this way, DNS acts as a mnemonic device, making network resources easier to remember for network users. Domain Name System (or Service or Server), an Internet service that translates domain names into IP addresses. Because domain names are alphabetic, they're easier to remember. The Internet however, is really based on IP addresses. Every time you use a domain name, therefore, a DNS service must translate the name into the corresponding IP address
What is stub zone?
A stub zone is a copy of a zone that contains only those resource records necessary to identify the authoritative Domain Name System (DNS) servers for that zone. A stub zone is used to resolve names between separate DNS namespaces. This type of resolution may be necessary when a corporate merger requires that the DNS servers for two separate DNS namespaces resolve names for clients in both namespaces.
A stub zone consists of:
The start of authority (SOA) resource record, name server (NS) resource records, and the glue A resource records for the delegated zone.
The IP address of one or more master servers that can be used to update the stub zone.

We have 10 disks of 100 GB now we configured raid how much space we have?
It will show you 500 GB usable Space
1000 users and we need o apply policy on 100 how to do it?
So should transfer these user in orginational Unit
How to transfer PDC?


Before we start make sure the user your logged in as a domin administrator that is a schema administrator
Transferring the RID Master, PDC Emulator, and Infrastructure Masters via GUI
To Transfer the Domain-Specific RID Master, PDC Emulator, and Infrastructure Master FSMO Roles:
Open the Active Directory Users and Computers snap-in from the Administrative Tools folder.
If you are NOT logged onto the target domain controller, in the snap-in, right-click the icon next to
Active Directory Users and Computers and press Connect to Domain Controller.
Select the domain controller that will be the new role holder, the target, and press OK.
Right-click the Active Directory Users and Computers icon again and press Operation Masters.
Select the appropriate tab for the role you wish to transfer and press the Change button.
Press OK to confirm the change.
Press OK all the way out.
Transferring the Domain Naming Master via GUI
To Transfer the Domain Naming Master Role:
Open the Active Directory Domains and Trusts snap-in from the Administrative Tools folder.
If you are NOT logged onto the target domain controller, in the snap-in, right-click the icon next to
Active Directory Domains and Trusts and press Connect to Domain Controller.
Select the domain controller that will be the new role holder and press OK.
Right-click the Active Directory Domains and Trusts icon again and press Operation Masters.
Press the Change button.
Press OK to confirm the change.
Press OK all the way out.
Transferring the Schema Master via GUI
To Transfer the Schema Master Role:
Register the Schmmgmt.dll library by pressing Start > RUN and typing:
regsvr32 schmmgmt.dll
Press OK. You should receive a success confirmation.
From the Run command open an MMC Console by typing MMC.
On the Console menu, press Add/Remove Snap-in.
Press Add. Select Active Directory Schema.
Press Add and press Close. Press OK.
If you are NOT logged onto the target domain controller, in the snap-in, right-click the Active Directory Schema icon in the Console Root and press Change Domain Controller.
Press Specify …. and type the name of the new role holder. Press OK.
Right-click right -click the Active Directory Schema icon again and press Operation Masters.
Press the Change button.
Press OK all the way out.

How to increase size of hard drive in vm we are getting greed out?
You would like to expand a hard disk for a virtual machine so you right-click on the virtual machine and choose edit settings
The properties of that virtual machine open, you navigate to the hard disk you would like to expand/increase drive space but notice that all the fields are grayed out:
One of the reasons why the options are grayed out is because the virtual machine has snapshots taken of it. To check, right-click on the virtual machine, select snapshot then snapshot manager.
Once the Snapshot Manager window opens, you’ll be able to see there are snapshots for this virtual machine. In the case of the screenshot below, there’s currently one snapshot named Test created.
Select the snapshot Test and choose Delete to commit the delta to the virtual machine.
Once you’ve deleted the snapshot, you will now notice that you can edit the Provisioned Size fields in the virtual machine settings:

How to take backup of ad?
You can also access Backup at the command prompt by typing Ntbackup . This tool is used to back up and restore Active Directory (as well as other services) so that you can restore data or system components in the event of some unforeseen or inadvertent failure. Specifically, the Backup tool allows you to back up and restore the following:
Entire server
Selected files
System State data
The System State data includes Active Directory and all other system components and services on which Active Directory is dependent. On a Windows 2000 domain controller, the System State data encompasses the system startup files, system registry, COM+ class registration database, File Replication service (the SYSVOL directory), Certificate Services database (if it is installed), Domain Name System (if it is installed), Cluster service (if it is installed) and Active Directory. The DNS data includes DNS zone information that is Active Directory–integrated. The Cluster service data includes any registry checkpoints and the quorum log, which contains the most recent cluster database information. Active Directory includes the following files:
Ntds.dit. The Active Directory database.
Edb.chk. The checkpoint file.
Edb*.log. The transaction logs; each 10 megabytes (MB) in size.
Res1.log and Res2.log. Reserved transaction logs.
To back up System State data using the Backup Wizard
1.      From the Start menu, click Run , and then type Ntbackup .
2.      On the Tools menu, click Backup Wizard.
3.      Click Next , click Only back up the System State data , and then click Next .
4.      Designate where you want to save the System State data, click Next, and then click Finish.
5.      When you are done setting options, click Finish.
How Many type of Backup?
Full backups
A full backup is exactly what the name implies. It is a full copy of your entire data set. Although full backups arguably provide the best protection, most organizations only use them on a periodic basis because they are time consuming, and often require a large number of tapes or disk.
Incremental backup
Because full backups are so time consuming, incremental backups were introduced as a way of decreasing the amount of time that it takes to do a backup. Incremental backups only backup the data that has changed since the previous backup.
Differential backups
A differential backup is similar to an incremental backup in that it starts with a full backup, and subsequent backups only contain data that has changed. The difference is that while an incremental backup only includes the data that has changed since the previous backup, a differential backup contains all of the data that has changed since the last full backup.
Synthetic full backup
A synthetic full backup is a variation of an incremental backup. Like any other incremental backup, the actual backup process involves taking a full backup, followed by a series of incremental backups. But synthetic backups take things one step further.

How to Check Health monitoring of ad and DNS?
You can check by cmd. Check the command dcdiag?

How to monitor DNS replication?
Open Replication Monitor by selecting Start | Run and entering replmon in the Run dialog box.
To add a server to the Replication Monitor window, right-click Monitored Servers and select Add Monitored Server from the pop-up menu.
The Add Monitored Server Wizard appears. Select either Add The Server Explicitly By Name or Search The Directory For The Server To Add. If you chose the latter option, you must specify a domain to search in the list of domains. Click Next when you are done.
Depending on the option you chose in the previous step, you will be prompted to either enter a server name or choose a server from a list. In either case, enter or choose the server to monitor, then click Finish.
To search for replication errors, click the Action menu and select Domain | Search Domain Controllers For Replication Errors.
The Search Domain Controllers For Replication Failures window appears. Click the Run Search button and enter the name of the domain to search. After a few moments, Replication Monitor should list any failures in the Search Domain Controllers For Replication Failures window. Click Close.
You can manually synchronize either the entire Active Directory or just individual pieces. To synchronize the domain DNS zones only, right click the DC=DomainDNS-Zones, DC=domain, DC=suffix item under the monitored server and select Synchronize This Directory Partition With All Servers from the pop-up menu.
Depending on how your domain is configured, you can choose the Disable Transitive Replication, Push Mode, or Cross Site Boundaries checkboxes. In this case, leave them blank and click OK.
You will be prompted to confirm the replication. Click Yes.
Click OK at the success notification.

What is Group Policy ?
Group Policy is a feature of the Microsoft Windows NT family of operating systems that controls the working environment of user accounts and computer accounts. Group Policy provides the centralized management and configuration of operating systems, applications, and users' settings in an Active Directory environment. A version of Group Policy called Local Group Policy ("LGPO" or "LocalGPO") also allows Group Policy Object management on standalone and non-domain computers. Group Policy settings are stored in a Group Policy Object (GPO). The types of Group Policy settings which can be stored in a GPO are listed below:
Computer configuration settings are located in the Computer Configuration node.
User configuration settings are located in the User Configuration node.
Group Policy Objects are processed in the following order (from top to bottom):[4]
  1. Local - Any settings in the computer's local policy. Prior to Windows Vista, there was only one local group policy stored per computer. Windows Vista and later Windows versions allow individual group policies per user accounts.[5]
  2. Site - Any Group Policies associated with the Active Directory site in which the computer resides. (An Active Directory site is a logical grouping of computers, intended to facilitate management of those computers based on their physical proximity.) If multiple policies are linked to a site, they are processed in the order set by the administrator.
  3. Domain - Any Group Policies associated with the Windows domain in which the computer resides. If multiple policies are linked to a domain, they are processed in the order set by the administrator.
  4. Organizational Unit - Group policies assigned to the Active Directory organizational unit (OU) in which the computer or user are placed. (OUs are logical units that help organizing and managing a group of users, computers or other Active Directory objects.) If multiple policies are linked to an OU, they are processed in the order set by the administrator.
Disk expansion ?
Expansion portable drive is compact and perfect for taking with you
on the go. Add more storage space to your computer instantly and take large files
with you when you travel.
Set-up is straightforward: simply connect a single USB cable and you are ready to go.
The drive is powered from the USB cable, so there is no need for an external power
supply. Also, it is automatically recognized by the Windows operating system, so
there is no software to install and nothing to configure. Saving files is easy — simply
drag and drop.
Take advantage of the fast data transfer speeds with the USB 3.0 interface by
connecting to a Super Speed USB 3.0 port. USB 3.0 is backward compatible with
USB 2.0 for additional system compatibility.

What is Page file and virtual memory?
A page file is a reserved portion of a hard disk that is used as an extension of random access memory (RAM) for data in RAM that hasn't been used recently. A page file can be read from the hard disk as one contiguous chunk of data and thus faster than re-reading data from many different original locations. Windows NT administrators or users can reset the system-provided default size value of the page file to meet their particular needs. the page file is used by Windows to hold temporary data which is swapped in and out of physical memory in order to provide a larger virtual memory set.

Type of dump?
All Windows systems are configured to attempt to capture information about the state of the operating system in the event of a system crash.  Remember that we are talking about a total system failure here, not an individual application failure. There are three different types of dump that can be captured when a system crashes:
Complete Memory Dump: This contains the entire contents of the physical memory at the time of the crash.  This type of dump will require that there is a page file at least the size of physical memory plus 1MB (for the header).  Because of the page file requirement, this is an uncommon setting especially for systems with large amounts of RAM.  Windows NT4 only supported a Complete Memory Dump.  Also, this is the default setting on Windows Server systems.
Kernel Memory Dump: A kernel dump contains only the kernel-mode read / write pages present in physical memory at the time of the crash.  Since this is a kernel-mode only dump, there are no pages belonging to user-mode processes.  However, it is unlikely that the user-mode process pages would be required since a system crash (bugcheck) is usually caused by kernel-mode code.  The list of running processes, state of the current thread and list of loaded drivers are stored in nonpaged memory that saves in a kernel memory dump.  The size of a kernel memory dump will vary based on the amount of kernel-mode memory allocated by the Operating System and the drivers that are present on the system.
Small Memory Dump: A small memory (aka Mini-dump) is a 64KB dump (128KB on 64-bit systems) that contains the stop code, parameters, list of loaded device drivers, information about the current process and thread, and the kernel stack for the thread that caused the crash.

How to Authorities restore?
The Restore Authority (RSTAUT) command restores the private authorities to user profiles. This command restores the same object authority to specified objects in the user profile that each user profile had when all the profiles were saved by the Save System (SAVSYS) or the Save Security Data (SAVSECDTA) command. It allows existing authorities, given after the save, to remain. Authority cannot be restored to the user profiles until the profiles are first restored to the system by the Restore User Profile (RSTUSRPRF) command and all the objects (for which authority is being given) are restored to the same libraries where they were saved. The objects can be restored by the Restore Library (RSTLIB) or Restore Object (RSTOBJ) command. Documents and folders can be restored using the Restore Document Library Object (RSTDLO) command. Device configuration objects can be restored using the Restore Configuration (RSTCFG) command. Integrated file system objects can be restored by the Restore Object (RST) command.
If the whole system is being restored, the following sequence must be followed. Using the RSTAUT command must be the last step in the sequence.
Restore the operating system. This is an alternative method to load the program. This restores the QSYS library and ensures that the IBM-supplied user profiles are there.
Restore all the saved user profiles to the system (*ALL is the default for the USRPRF parameter) by using the RSTUSRPRF command.
Restore all the configuration and system resource management (SRM) objects to the system by using the RSTCFG command.
Restore all the user libraries by using the RSTLIB command.
Restore all document library objects to the system by using the RSTDLO command.
Restore all objects in directories using the RST command.
Restore the object authority to user profiles by using the RSTAUT command.

Wsus and how to add client to WSUS to accept updates?
Windows Server Update Services (WSUS) are a “must have” feature in business environments. WSUS dramatically improve network bandwidth efficiency and allow a granular control of the updates.
Setting up WSUS is not difficult but involves several steps, especially if you are configuring the services for an existing Active Directory Domain.
We have three major steps to complete.
You just have to configure the server folder where the Windows updates will be stored:
The system will need some minutes to perform a configuration task after the installation. Then a WSUS tab will appear in your Server Manager.
WSUS configuration
Open the Windows Server Update Services configuration from the WSUS tab
Go to the Options tab and launch the Wizard:
Click Next:
Click Next:
Synchronize from Microsoft Update if it’s your first WSUS server:
Configure the proxy settings, if you have one:
Click Start and wait some minutes
Select only the necessary languages, it will save disk space and time:
Select the products you need to maintain up-to-date:
Default settings are fine:
Schedule the synchronization:
The WSUS configuration is finished:
Link the Computers via Group Policy
If you are installing WSUS in an existing Active Directory Domain, the better solution is to configure the client PCs to take advantage of the WSUS via Group Policy.
To do so, open the WSUS Options and click Computers:
Use Group Policy:
From the WSUS panel create a new group of Computers (we used the same name of the AD Group):
Open the Group Policy Editor and create a new Policy:
From the Group Policy Management Editor access the path Computer Configuration/Administrative Templates/Windows Components/Windows Update, then click Configure Automatic Updates
Enable Automatic Updates:
Then open the Specify intranet Microsoft update service location policy:
Specify the server address and add the 8530 port:
Then Enable client-side targeting:
Specify the Group:
Finalize and enforce the Policy. The members of the Group (Computers inside WSUS_tutorial) will receive the Windows updates from WSUS. You will be able to select which updates to dispatch from the WSUS panel, on the server.
Install Windows Server Update Services
Launch the Server Manager and click Add Roles and Features. Select the Windows Server Update Services role. Default configuration is fine:

What are the differences between static ip address and dynamic ip address?

With static IP addressing, a computer (or other device) is configured to always use the same IP address. With dynamic addressing, the IP address can change periodically and it is managed by a centralized network service

What is APIPA?

Automatic private IP addressing (APIPA) is a feature mainly found in Microsoft operating systems. APIPA enables clients to still communicate with other computers on the same network segment until an IP address can be obtained from a DHCP server, allowing the machine to fully participate on the network. The range of these IP address are the to with a default Class B subnet mask of

What are the LMHOSTS files?

The LMHOSTS file is a static method of resolving NetBIOS names to IP addresses in the same way that the HOSTS file is a static method of resolving domain names into IP addresses. An LMHOSTS file is a text file that maps NetBIOS names to IP addresses; it must be manually configured and updated.


What is DHCP scope?

A scope is a range, or pool, of IP addresses that can be leased to DHCP clients on a given subnet.


What is FQDN?

An FQDN contains (fully qualified domain name) both the hostname and a domain name. It uniquely identifies a host within a DNS hierarchy


What is the DNS forwarder?

DNS servers often must communicate with DNS servers outside of the local network. A forwarder is an entry that is used when a DNS server receives DNS queries that it cannot resolve locally. It then forwards those requests to external DNS servers for resolution.

What is meshing?

Meshing generically describes how devices are connected together. It is also the part of topology. There are two types of meshed topologies: partial and full.
In a partially meshed environment , every device is not connected to every other device. In a fully meshed environment, every device is connected to every other device. Wireless is the good example of meshing. Wan ( internet is also a good example of meshing where a computer have connectivity with all internet network.)

Describe Various Network Type

Local Area Networks Local area networks (LANs) are used to connect networking devices that are in a very close geographic area, such as a floor of a building, a building itself, or a campus environment.
Wide Area Networks Wide area networks (WANs) are used to connect LANs together. Typically, WANs are used when the LANs that must be connected are separated by a large distance.
Metropolitan Area Networks A metropolitan area network (MAN) is a hybrid between a LAN and a WAN.
Content Networks Content networks (CNs) were developed to ease users’ access to Internet resources. Companies deploy basically two types of CNs:
1.Caching downloaded Internet information
2.Distributing Internet traffic loads across multiple servers
Storage Area Networks Storage area networks (SANs) provide a high-speed infrastructure to move data between storage devices and file servers.

What is logical link control?

One of two sub layers of the data link layer of OSI reference model, as defined by the IEEE 802 standard. This sub layer is responsible for maintaining the link between computers when they are sending data across the physical network connection.

What is the difference between TFTP and FTP application layer protocols?

The Trivial File Transfer Protocol (TFTP) allows a local host to obtain files from a remote host but does not provide reliability or security. It uses the fundamental packet delivery services offered by UDP.
The File Transfer Protocol (FTP) is the standard mechanism provided by TCP / IP for copying a file from one host to another. It uses the services offered by TCP and so is reliable and secure. It establishes two connections (virtual circuits) between the hosts, one for data transfer and another for control information.

What is difference between ARP and RARP?

The address resolution protocol (ARP) is used to associate the 32 bit IP address with the 48 bit physical address, used by a host or a router to find the physical address of another host on its network by sending a ARP query packet that includes the IP address of the receiver.
The reverse address resolution protocol (RARP) allows a host to discover its Internet address when it knows only its physical address.


What is ICMP?

ICMP is Internet Control Message Protocol, a network layer protocol of the TCP/IP suite used by hosts and gateways to send notification of datagram problems back to the sender. It uses the echo test / reply to test whether a destination is reachable and responding. It also handles both control and error messages.

What is Bandwidth?

Every line has an upper limit and a lower limit on the frequency of signals it can carry. This limited range is called the bandwidth

What is MAC address?

The address for a device as it is identified at the Media Access Control (MAC) layer in the network architecture. MAC address is usually stored in ROM on the network adapter card and is unique.

What is RAID?

A method for providing fault tolerance by using multiple hard disk drives.

What is Beaconing?

The process that allows a network to self-repair networks problems. The stations on the network notify the other stations on the ring when they are not receiving the transmissions. Beaconing is used in Token ring and FDDI networks.

What is a DNS resource record?

Resource record is an entry in a name server's database. There are several types of resource records used, including name-to-address resolution information. Resource records are maintained as ASCII files.

What is MAC address?
It is the 48 bit hardware address of LAN card. MAC address is usually stored in ROM on the network adapter card and it is unique.

How will you test LAN card?
Ping If getting reply its fine

What are the difference between DOMAIN and WORKGROUP?
(i)Every PC is responsible for its security own.
(ii)No centralize administration
(iii)Main aim to save hardware recourse
(iv)Best suite in school, training institute, cyber café
Domain: -
(i)Server is responsible for data safety.
(ii)Centralize administration
(iii)Main aim is to secure data
(iv)Best suite in company environments

What are the differences between FAT and NTFS ?
Doesn't provide local security
Provide local security
Doesn't provide disk quota
Provide disk quota
Doesn't provide file compression
Provide file compression
Doesn't provide other security feature
Provide other security feature

What is the difference between an unspecified passive open and a fully specified passive open?

An unspecified passive open has the server waiting for a connection request from a client.
A fully specified passive open has the server waiting for a connection from a specific client.

What is a Management Information Base (MIB)?

A Management Information Base is part of every SNMP-managed device. Each SNMP agent has the MIB database that contains information about the device's status, its performance, connections, and configuration. The MIB is queried by SNMP.


What is anonymous FTP and why would you use it?

Anonymous FTP enables users to connect to a host without using a valid login and password. Usually, anonymous FTP uses a login called anonymous or guest, with the password usually requesting the user's ID for tracking purposes only. Anonymous FTP is used to enable a large number of users to access files on the host without having to go to the trouble of setting up logins for them all. Anonymous FTP systems usually have strict controls over the areas an anonymous user can access.

What are two main types of access control lists (ACLs)?
There are Standard and Extended ACLs (Access Control lists).

Differentiate between POP3 and IMAP Mail server?
POP3 is before using mail server in which all mail should be downloaded first if signed in with different PC. Whereas IMAP eliminates this problem and there is no need to download all the emails in IMAP. Hence identification of new mails is easy in IMAP then POP3.

List out the 7 OSI layers?
Seven OSI layers are:
Physical Layer
Data link Layer
Network Layer
Transport Layer
Session Layer
Presentation Layer
Application Layer

Give some components name that is used in Physical Layer?
All physical components of network are work at Physical layer such like Hub, Router, Switch, Communication Cables, etc.

What is multicasting?
Multicasting gives the facility to send single message different recipients such like email, teleconferencing. In this some standards are used and network infrastructure

What is the use of IGMP Protocol?
Internet Group Management Protocol:- It allow internet host to participate in multicasting. The IGMP messages are used to learn which hosts is part of which multicast groups. The mechanism also allows a host to inform its local router that it wants to receive messages

What are Ping and tracert?
Ping Particularly used to check the system is in network or not. It also gives packets lost information. Trace route traces the path the packet takes from the computer where the command is given until the destination.

What is NAT?
Network address translation translates an IP address used in a network to another IP address knows within another network. A NAT table is maintained for global to local and local to Global ip mapping.

What is IP spoofing and how can it be prevented?
IP spoofing is a mechanism used by attacker to gain unauthorized access to a system here the intruder sends message to a computer with IP address indicating that the message is coming from a trusted host.

What is an application gateway?
An application gateway is a program that runs on firewall between to network. An application gateway is used to establishing connection between client program and destination services. The client negotiates with the gateway to communication with the services of destination. Here gateway can be called a proxy other between proxy and destination service.
Difference between DDR, DDR2,DDR3?
DRAM Type || Transfer Rate(MT/s) || Voltage
DDR􀀀            || 200􀂱400􀀀                 || 2.5/2.6
DDR2            || 667                            || 1.8
DDR3            || 800􀂱1333                 || 1.5

What is an Operating System?
OS, is a software program that enables the computer Hardware to communicate and operate with the computer software. Mode are in operating system is GUI

What is Last Known Good Configuration?
The "Last Known Good" configuration is one of the available startup options in Windows NT 4.0, Windows 2000, Windows XP and Windows Server 2003. It starts the computer by using the registry information and drivers that Windows saved at the last shutdown. The Last Known Good Configuration startup option allows you to recover from a problem by reversing driver and registry changes made since you last started Windows XP/2000/2003

what is MSconfig?
System Configuration Utility is a system. Configuration utility Bundled with all Microsoft Windows. This tool modifies which programs run at startup, edits certain configuration files, and simplifies controls over Windows services.

What is the Blue Screen of Death and what could be it's causes?
The 'blue screen of death' is very simply a critical system error which prevents the
system from turning on to restrain further damage. Blue screens on NT-based Windows systems can be caused by poorly written device drivers or Malfunctioning hardware. , incompatible DLLs or bugs in the kernel of the operating system could also cause blue screens. Blue screens can also be caused by physical faults. such as faulty memory, power supply issues, overheating of components, or hardware running beyond its specification limits. however this can be only done in safe mode and even then it is hard to find. However, it is not physically strained then the following has always been proven successful; rebooting from the Microsoft Windows CD. After booting to the CD, it may be possible to correct the problem by performing a repair install or by using the Recovery Console (with CHKDSK

What is Cold Boot and Warm Boot?
Cold boot is the process of starting a computer from shutdown or a powerless state and setting it to normal working condition. A cold boot refers to the general process of starting the hardware components of a computer, laptop or server to the point that its operating system and all startup applications and services are launched.
Warm Boot-Refers to restarting a computer that is already turned on via the operating system.
Restarting it returns the computer to its initial state. A warm boot is sometimes necessary when a program encounters an error from which it cannot recover. On PCs, you can perform a warm
Boot by pressing the Control, Alt, and Delete keys simultaneously. On Macs, you can perform a warm boot by pressing the Restart button.
What is Disk Cleanup?
Disk Cleanup (cleanmgr.exe) is a computer maintenance utility included in Microsoft  Windows designed to free up disk space on a computer's hard drive. The utility first Searches and analyzes the hard drive for files that are no longer of any use, and then removes the Unnecessary files. There are a number of different file categories that Disk Cleanup targets when Performing the initial disk analysis.
· Compression of old files
· Temporary Internet files
· Temporary Windows file
· Downloaded Program files
· Recycle Bin
· Removal of unused applications or optional Windows components
· Setup Log files
· Offline files

What is Disk Defragmentation?
Disk Defragmenter is a utility in Microsoft Windows designed to increase access Speed by rearranging files stored on a disk to occupy contiguous storage locations, a technique Called defragmentation. Defragmenting a disk minimizes head travel, which reduces the time it Takes to read files from and write files to the disk.

What is the difference between SATA and PATA Hard-Disk?
PATA is slow, with max transfer speed of 133 MBps while SATA is currently at 400 or 500 MBps. SATA means-serial advanced technology attachment PATA-parallel advanced  technology attachment. sata will have 7 pin interface, pata will use IDE interface of 40 pins and ultra IDE will have 80 pins. the main diff is data transferred speed. SATA-600 MBps,1 bit is transferred at one time..PATA-100 MBps,16 bits are transferred at one time.

What is LDAP?
Lightweight Directory - Directories are kind of like a database but not really. A directory is a
Specialized database that is optimized for lookups

what are the new features in Active Directory (AD) of Windows server 2012?
dcpromo (Domain Controller Promoter) with improved wizard: It allows you to view all the steps and review the detailed results during the installation process
Enhanced Administrative Center: Compared to the earlier version of active directory, the administrative center is well designed in Windows 2012. The exchange management console is well designed
Recycle bin goes GUI: In windows server 12, there are now many ways to enable the active directory recycle bin through the GUI in the Active Directory Administrative Center, which was not possible with the earlier version
Fine grained password policies (FGPP): In windows server 12 implementing FGPP is much easier compared to an earlier  It allows you to create different password policies in the same domain
Windows Power Shell History Viewer: You can view the Windows Power Shell commands that relates to the actions you execute in the Active Directory Administrative Center UI

Explain what is SYSVOL?
The SysVOL folder keeps the server’s copy of the domain’s public files.  The contents such as users, group policy, etc. of the sysvol folders are replicated to all domain controllers in the domain

What is the difference between domain admin groups and enterprise admins group in AD?
Enterprise Admin Group 
Members of this group have complete control of all domains in the forest By default, this group belongs to the administrators group on all domain controllers in the forest As such this group has full control of the forest, add users with caution
Domain Admin Group
Members of this group have complete control of the domain By default, this group is a member of the administrators group on all domain controllers, workstations and member servers at the time they are linked to the domain

What system state data contains?
  • Contains startup files
  • Registry
  • Com + Registration Database
  • Memory page file
  • System files
  • AD information
  • SYSVOL Folder
  • Cluster service information
What is Kerberos?
Kerberos is an authentication protocol for network.  It is built to offer strong authentication for server/client applications by using secret-key cryptography.

where does the AD database is held? What other folders are related to AD?
  • AD database is saved in %systemroot%/ntds. In the same folder, you can also see other files; these are the main files controlling the AD structures they are dit
  • log
  • res 1.log
  • log
  • chk

What is PDC emulator and how would one know whether PDC emulator is working or not?
There is one PDC emulator per domain, and when there is a failed authentication attempt, it is forwarded to PDC emulator.  It acts as a “tie-breaker” and it controls the time sync across the domain.
These are the parameters through which we can know whether PDC emulator is working or not.
  • Time is not syncing
  • User’s accounts are not locked out
  • Windows NT BDCs are not getting updates
  • If pre-windows 2000 computers are unable to change their passwords

Mention what are lingering objects?
Lingering objects can exists if a domain controller does not replicate for an interval of time that is longer than the tombstone lifetime (TSL).

What is TOMBSTONE lifetime?
Tombstone lifetime in an Active Directory determines how long a deleted object is retained in Active Directory.  The deleted objects in Active Directory is stored in a special object referred as TOMBSTONE.  Usually, windows will use a 60- day tombstone lifetime if time is not set in the forest configuration.

What is Active Directory Schema?
Schema is an active directory component describes all the attributes and objects that the directory service uses to store data

What is a child DC?
CDC or child DC is a sub domain controller under root domain controller which share name space

What is RID Master?
RID master stands for Relative Identifier for assigning unique IDs to the object created in AD

What are the components of AD?
Components of AD includes
  • Logical Structure: Trees, Forest, Domains and OU
  • Physical Structures: Domain controller and Sites

What is Infrastructure Master?
Infrastructure Master is accountable for updating information about the user and group and global catalogue.

How to take backup of AD ?
taking backup of active directory you have to do this :
when the backup screen is flash then take the backup of SYSTEM STATE it will take the backup of all the necessary information about the syatem including AD backup , DNS ETC.

What is Garbage collection ?
Garbage collection is the process of the online defragmentation of active directory. It happens every 12 Hours
What is NETDOM?
NETDOM is a command-line tool that allows management of Windows domains and trust relationships. It is used for batch management of trusts, joining computers to domains, verifying trusts, and secure channels

What do you understand by the term "Memory Leak"?
A memory leak is when you used some memory and lost the pointer to the allocation so you can no longer de-allocate that memory. There are two types of memory leaks, the gradual memory leak (where memory continuously grows at approximately the same rate) and the sudden memory jump.
Non-authoritative restore of Active Directory
Non-authoritative restore is restore the domain controller to its state at the time of backup, and allows normal replication to overwrite restored domain controller with any changes that have occurred after the backup. After system state restore, domain controller queries its replication partners and get the changes after backup date, to ensure that the domain controller has an accurate and updated copy of the Active Directory database.
Non-authoritative restore is the default method for restoring Active Directory, just a restore of system state is non-authoritative restore and mostly we use this for Active Directory data loss or corruption.

Which FSMO role is the most important? And why?
Interesting question which role is most important out of 5 FSMO roles or if one role fails that will impact the end-user immediately Most armature administrators pick the Schema master role, not sure why maybe they though Schema is very critical to run the Active Directory
Correct answer is PDC, now the next question why? Will explain role by role what happens when a FSMO role holder fails to find the answer
Schema Master – Schema Master needed to update the Schema, we don’t update the schema daily right, when will update the Schema? While the time of operating system migration, installing new Exchange version and any other application which requires extending the schema
So if are Schema Master Server is not available, we can’t able to update the schema and no way this will going to affect the Active Directory operation and the end-user Schema Master needs to be online and ready to make a schema change, we can plan and have more time to bring back the Schema Master Server
Domain Naming Master – Domain Naming Master required to creating a new Domain and creating an application partition, Like Schema Master we don’t cerate Domain and application partition frequently So if are Domain Naming Master Server is not available, we can’t able to create a new Domain and application partition, it may not affect the user, user event didn’t aware Domain Naming Master Server is down
Infrastructure Master – Infrastructure Master updates the cross domain updates, what really updates between Domains? Whenever user login to Domain the TGT has been created with the list of access user got through group membership (user group membership details) it also contain the user membership details from trusted domain, Infrastructure Master keep this information up-to-date, it update reference information every 2 days by comparing its data with the Global Catalog (that’s why we don’t keep Infrastructure Master and GC in same server)
In a single Domain and single Forest environment there is no impact if the Infrastructure Master server is down In a Multi Domain and Forest environment, there will be impact and we have enough time to fix the issue before it affect the end-user
RID Master –Every DC is initially issued 500 RID’s from RID Master Server.  RID’s are used to create a new object on Active Directory, all new objects are created with Security ID (SID) and RID is the last part of a SID. The RID uniquely identifies a security principal relative to the local or domain security authority that issued the SID When it gets down to 250 (50%) it requests a second pool of RID’s from the RID master.  If RID Master Server is not available the RID pools unable to be issued to DC’s and DC’s are only able to create a new object depends on the available RID’s, every DC has anywhere between 250 and 750 RIDs available, so no immediate impact
PDC – PDC required for Time sync, user login, password changes and Trust, now you know why the PDC is important FSMO role holder to get back online, PDC role will impact the end-user immediately and we need to recover ASAP The PDC emulator Primary Domain Controller for backwards compatibility and it’s responsible for time synchronizing within a domain, also the password master. Any password change is replicated to the PDC emulator ASAP. If a logon request fails due to a bad password the logon request is passed to the PDC emulator to check the password before rejecting the login request.

Tel me about Active Directory Database and list the Active Directory Database files?
Res1.log and Res2.log
All AD changes didn’t write directly to NTDS.DIT database file, first write to EDB.Log and from log file to database, EDB.Che used to track the database update from log file, to know what changes are copied to database file.
NTDS.DIT: NTDS.DIT is the AD database and store all AD objects, Default location is the %system root%\nrds\nrds.dit, Active Directory database engine is the extensible storage engine which us based on the Jet database
EDB.Log: EDB.Log is the transaction log file when EDB.Log is full, it is renamed to EDB Num.log where num is the increasing number starting from 1, like EDB1.Log
EDB.Che: EDB.Che is the checkpoint file used to trace the data not yet written to database file this indicate the starting point from which data is to be recovered from the log file in case if failure
Res1.log and Res2.log:  Res is reserved transaction log file which provide the transaction log file enough time to shutdown if the disk didn’t have enough space
What are all the Active Directory Partitions?

Application partition


No comments:

Post a Comment