25. Name some OU design considerations.
interview questionsWindows admin interview questions (includes Vista)
OU design requires balancing requirements for delegating administrative rights - independent of Group Policy needs - and the need to scope the application of Group Policy. The following OU design recommendations address delegation and scope issues:
Applying Group Policy An OU is the lowest-level Active Directory container to which you can assign Group Policy settings.
Delegating administrative authority
usually don't go more than 3 OU levels
24. What tool would I use to try to grab security related packets from the wire?
interview questionsWindows admin interview questions (includes Vista)
A good packet sniffer would be "ethereal"
22. How can you forcibly remove AD from a server, and what do you do later?
interview questionsWindows admin interview questions (includes Vista)
Demote the server using dcpromo /forceremoval, then remove the metadata from Active directory using ndtsutil. There is no way to get user passwords from AD that I am aware of, but you should still be able to change them.
Another way out too
Restart the DC is DSRM mode
a. Locate the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions
b. In the right-pane, double-click ProductType.
c. Type ServerNT in the Value data box, and then click OK.
Restart the server in normal mode
its a member server now but AD entries are still there. Promote teh server to a fake domain say ABC.com and then remove gracefully using DCpromo. Else after restart you can also use ntdsutil to do metadata as told in teh earlier post
23. Can I get user passwords from the AD database?
interview questionsWindows admin interview questions (includes Vista)
The passwords in AD are not stored encrypted by default, so they cannot be decrypted. They are hashed. The only way to recover the data from a hash is with some sort of a hacking algorithm that attempts to crack the hash (such tools exist).
20. What are the requirements for installing AD on a new server?
interview questionsWindows admin interview questions (includes Vista)
An NTFS partition with enough free space (250MB minimum)
· An Administrator's username and password
· The correct operating system version
· A NIC
· Properly configured TCP/IP (IP address, subnet mask and - optional - default gateway)
· A network connection (to a hub or to another computer via a crossover cable)
· An operational DNS server (which can be installed on the DC itself)
· A Domain name that you want to use
· The Windows 2000 or Windows Server 2003 CD media (or at least the i386 folder)
From the Petri IT Knowledge base. For more info, follow this link:
21. What can you do to promote a server to DC if you’re in a remote location with slow WAN link?
interview questionsWindows admin interview questions (includes Vista)
First available in Windows 2003, you will create a copy of the system state from an existing DC and copy it to the new remote server. Run "Dcpromo /adv". You will be prompted for the location of the system state files
First available in Windows 2003, you will create a copy of the system state from an existing DC and copy it to the new remote server. Run "Dcpromo /adv". You will be prompted for the location of the system state files
Subscribe to:
Posts (Atom)
