24. What tool would I use to try to grab security related packets from the wire?

January 10, 2011
Windows admin interview questions (includes Vista)

You must use sniffer-detecting tools to help stop the snoops. ...
A good packet sniffer would be "Ethereal".

22. How can you forcibly remove AD from a server, and what do you do later?

Demote the server using dcpromo /forceremoval, then remove the metadata from Active Directory using ntdsutil. There is no way to get user passwords from AD that I am aware of, but you should still be able to change them.
Another way out too:
Restart the DC in DSRM mode.
  a. Locate the following registry subkey:
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions
  b. In the right pane, double-click ProductType.
  c. Type ServerNT in the Value data box, and then click OK.
Restart the server in normal mode.
It's a member server now, but the AD entries are still there. Promote the server to a fake domain, say ABC.com, and then remove it gracefully using DCpromo. Else, after the restart you can also use ntdsutil to do the metadata cleanup, as told in the earlier post.
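A scripted form of the cleanup the two posts above describe, added here as an example (it is not from the original thread): it reads the same ProductType registry value the manual method flips, then runs the ntdsutil metadata cleanup for the stale DC. The names DC02 (stale DC), Default-First-Site-Name and example.com are assumed placeholders, and the "remove selected server <DN>" form is assumed to be the Windows Server 2003 SP1 or later syntax.

```powershell
# Added example, not from the original posts. Run on a HEALTHY domain controller
# after the stale DC has been forcibly demoted or taken offline.
# Assumed placeholders: stale DC name, its site, and the forest root domain.
$StaleDc = 'DC02'
$Site    = 'Default-First-Site-Name'
$DomainDn = 'DC=example,DC=com'

# Step 1: read the role marker this server carries. A domain controller reports
# 'LanmanNT', a member or standalone server reports 'ServerNT' (the value the
# registry trick in the post sets by hand). Refuse to run cleanup from a non-DC.
$productType = (Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\ProductOptions' `
                                 -Name ProductType).ProductType
Write-Host "ProductType on $env:COMPUTERNAME is $productType"
if ($productType -ne 'LanmanNT') {
    throw 'This server is not a domain controller; run the cleanup from a healthy DC.'
}
if ($env:COMPUTERNAME -eq $StaleDc) {
    throw 'Refusing to clean up metadata for the machine you are running on.'
}

# Step 2: remove the stale DC's NTDS Settings object. Each quoted argument is one
# ntdsutil menu command; 'remove selected server <DN>' does the connection and
# selection steps of the interactive 'metadata cleanup' menu in one go.
$serverDn = "CN=$StaleDc,CN=Servers,CN=$Site,CN=Sites,CN=Configuration,$DomainDn"
$ntdsArgs = @('metadata cleanup', "remove selected server $serverDn", 'quit', 'quit')

# Show the exact invocation first so it can be checked before it changes the forest.
Write-Host ('ntdsutil.exe ' + (($ntdsArgs | ForEach-Object { '"' + $_ + '"' }) -join ' '))
$answer = Read-Host 'Type YES to run the metadata cleanup'
if ($answer -eq 'YES') {
    & ntdsutil.exe @ntdsArgs
}
```

After the cleanup, the DNS records and the computer account of the stale DC still have to be removed separately, which the posts above leave as follow-up work.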
23. Can I get user passwords from the AD database?

The passwords in AD are not stored encrypted by default, so they cannot be decrypted. They are hashed. The only way to recover the data from a hash is with some sort of a hacking algorithm that attempts to crack the hash (such tools exist).