25. Name some OU design considerations.

25. Name some OU design considerations.

January 10, 2011
Windows admin interview questions (includes Vista)



OU design requires balancing requirements for delegating administrative rights - independent of Group Policy needs - and the need to scope the application of Group Policy. The following OU design recommendations address delegation and scope issues:
Applying Group Policy An OU is the lowest-level Active Directory container to which you can assign Group Policy settings.
Delegating administrative authority
usually don't go more than 3 OU levels
24. What tool would I use to try to grab security related packets from the wire?

24. What tool would I use to try to grab security related packets from the wire?

January 10, 2011
Windows admin interview questions (includes Vista)


you must use sniffer-detecting tools to help stop the snoops. ...
A good packet sniffer would be "ethereal"

22. How can you forcibly remove AD from a server, and what do you do later?

22. How can you forcibly remove AD from a server, and what do you do later?

January 10, 2011
Windows admin interview questions (includes Vista)

Demote the server using dcpromo /forceremoval, then remove the metadata from Active directory using ndtsutil. There is no way to get user passwords from AD that I am aware of, but you should still be able to change them.
Another way out too
Restart the DC is DSRM mode
a. Locate the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions
b. In the right-pane, double-click ProductType.
c. Type ServerNT in the Value data box, and then click OK.
Restart the server in normal mode
its a member server now but AD entries are still there. Promote teh server to a fake domain say ABC.com and then remove gracefully using DCpromo. Else after restart you can also use ntdsutil to do metadata as told in teh earlier post
23.  Can I get user passwords from the AD database?

23. Can I get user passwords from the AD database?

January 10, 2011
Windows admin interview questions (includes Vista)



The passwords in AD are not stored encrypted by default, so they cannot be decrypted. They are hashed. The only way to recover the data from a hash is with some sort of a hacking algorithm that attempts to crack the hash (such tools exist).
20. What are the requirements for installing AD on a new server?

20. What are the requirements for installing AD on a new server?

January 10, 2011
Windows admin interview questions (includes Vista)



An NTFS partition with enough free space (250MB minimum)
· An Administrator's username and password
· The correct operating system version
· A NIC
· Properly configured TCP/IP (IP address, subnet mask and - optional - default gateway)
· A network connection (to a hub or to another computer via a crossover cable)
· An operational DNS server (which can be installed on the DC itself)
· A Domain name that you want to use
· The Windows 2000 or Windows Server 2003 CD media (or at least the i386 folder)

From the Petri IT Knowledge base. For more info, follow this link:
21. What can you do to promote a server to DC if you’re in a remote location with slow WAN link?

21. What can you do to promote a server to DC if you’re in a remote location with slow WAN link?

January 10, 2011
Windows admin interview questions (includes Vista)


First available in Windows 2003, you will create a copy of the system state from an existing DC and copy it to the new remote server. Run "Dcpromo /adv". You will be prompted for the location of the system state files
18. What is the KCC?

18. What is the KCC?

January 10, 2011
Windows admin interview questions (includes Vista)



With in a Site, a Windows server 2003 service known as the KCC automatically generates a topology for replication among the domain controllers in the domain using a ring structure.Th Kcc is a built in process that runs on all domain controllers.
The KCC analyzes the replication topology within a site every 15 minute to ensure that it still works. If you add or remove a domain controller from the network or a site, the KCC reconfigures the topology to relect the change.

KCC is Knowledge Consistency Checker, which creates the connection object that links the DCs into common replication topology and dictates the replication routes between one DC to another in Active Directory forest.

19. What is the ISTG? Who has that role by default?

19. What is the ISTG? Who has that role by default?

January 10, 2011
Windows admin interview questions (includes Vista)



Intersite Topology Generator (ISTG), which is responsible for the connections among the sites. By default Windows 2003 Forest level functionality has this role. 
By Default the first Server has this role. If that server can no longer preform this role then the next server with the highest GUID then takes over the role of ISTG.

Windows 2000 Domain controllers each create Active Directory Replication connection objects representing inbound replication from intra-site replication partners. For inter-site replication, one domain controller per site has the responsibility of evaluating the inter-site replication topology and creating Active Directory Replication Connection objects for appropriate bridgehead servers within its site. The domain controller in each site that owns this role is referred to as the Inter-Site Topology Generator (ISTG).
17. What’s the difference between a site link’s schedule and interval?

17. What’s the difference between a site link’s schedule and interval?

January 10, 2011
Windows admin interview questions (includes Vista)

Any time two networks are separated by links that are heavily used during parts of the day and are idle during other parts of the day, put those networks into separate sites. You can use the ability to schedule replication between sites to prevent replication traffic from competing with other traffic during high usage hours.
In simple words you can define it as the time when you allow the replication to happen.
Interval is also a part of schedule but it takes cares of the replication polling frequency. In other words in a said schedule of say 9:00 AM to 1 PM replication polling shuld occur in every 15 minutes.
Schedule here is 9:00 AM to 1 PM
Interval is every 15 minutes.