System Admin Interview Questions & Answers
Active
Directory
What is LMHOSTS file?
It’s a file
stored on a host machine that is used to resolve NetBIOS to specific IP
addresses.
What’s the difference between forward
lookup and reverse lookup in DNS?
Forward
lookup is name-to-address, the reverse lookup is address-to-name
What is global catalog server?
Global
Catalog Server maintains full information about its own domain and partial
information about other domains. It is a forest wide role.
A global catalog
server is a domain controller it is a master searchable database that contains
information about every object in every domain in a forest. The global catalog
contains a complete replica of all objects in Active Directory for its host
domain, and contains a partial replica of all objects in Active Directory for
every other domain in the forest.
It have two
important functions:
i)Provides
group membership information during logon and authentication
ii)Helps
users locate resources in Active Directory
Which is the command used to install active
directory?
dcpromo
What is DNS & DHCP?
It’s mainly
used to resolve from host name(FQDNFully Qualified Domain Name) to IP address
and IP address to host name.DNS mainly used in Internet.
DHCP use for
provide IP address dnamically to client machine. If that client not able to
find DHCP server then client machine will go for APIPA(We have range for APIPA
which is 169.254.0.1-169.254.255.254).
What is LDAP?
Lightweight
Directory Access Protocol
Lightweight
Directory - Directories are kind of like a database but not really. A directory
is a specialized database that is optimized for lookups.
What is Host Mapping?
Mapping
hostname to an AD user restricting user to a single system
What is the difference between Security
Group and Distribution Group?
Groups are
used to collect user accounts, computer accounts, and other group accounts into
manageable units. Working with groups instead of with individual users helps
simplify network maintenance and administration.
There are
two types of groups in Active Directory: distribution groups and security
groups.
You can use
distribution groups to create e-mail distribution lists and security groups to
assign permissions to shared resources.
Distributions
groups
Distribution
groups can be used only with e-mail applications (such as Exchange) to send
e-mail to collections of users. Distribution groups are not security-enabled,
which means that they cannot be listed in discretionary access control lists
(DACLs). If you need a group for controlling access to shared resources, create
a security group.
Security
groups
Assign user
rights to security groups in Active Directory
Assign
permissions to security groups on resources
Where is the AD database held?
The AD data
base is store in c:\windows\ntds\NTDS.DIT.
What is LSDOU ?
It’s the group policy inheritance model, where
the policies are applied to Local machines, Sites, Domains and Organizational
Units.
Can I deploy non-MSI software with GPO?
Using .zap
packages
Mention 2 new Features from Server 2008
R2
Windows
Server 2008 R2 new features
Powershell
Cmdlets:-
They replace
the current Active Directory command line tools. There are about 85 Active
Directory-related PowerShell cmdlets.
Active
Directory Administrative Center:-
The Active
Directory Administrative Center is a new task-oriented user interface for the
Active Directory Services. You can perform similar tasks as with the Active
Directory Users and Computers console (ADUC). It is based on the new PowerShell
cmdlets and displays the PowerShell commands that correspond to the tasks
performed with the GUI.
Recycle
Bin:-
Accidently
deleted Active Directory objects can be restored from the Recycle Bin.
(Requires R2 functional level)
Offline
Domain Join:-
Admins can
automate the joining of a Windows 7 machine to a domain during deployment with
an XML file. The target computer can be offline during the deployment process.
The tool that is used to join the domain is djoin.exe.
Managed Service
Accounts:-
Authentication
Assurance provides an authentication mechanism that allows administrators to
map specific certificates to security groups using certificate policies. Users
logged on with a smart card, USB token, or some other type of certificate logon
method can be distinguished in this way. This feature can be used to grant
external users access to corporate resources using Active Directory Federated
Services. (Requires R2 functional level).
With Windows
Server 2008, Microsoft introduced the most important changes regarding
administration. The role model and the new Server Manager were the main
changes. Also in Windows Server 2008, R2 componentization is a bit more
fine-grained and Server Manager supports remote administration. Other highlights
are the new power management features, the PowerShell support for Server Core,
and DHCP Failover.
What is FSMO? Mention the 5 FSMO Roles
Flexible
Single Master Operations (FSMO in AD)
Schema
Master
Domain
naming master
Infrastructure
Master
Relative ID
(RID) Master
PDC Emulator
Windows NTFS Permissions
What are the 4 Standard Permissions?
Modify
Read &
Execute
Read
Write
Inherited vs. Explicit Permissions
Inherited:
Permissions that roll down from the Parent folder
Explicit:
Permissions that are manually changed by a user
What is File Permissions Precedence
Hierarchy?
Explicit
Deny
Explicit
Allow
Inherited
Deny
Inherited
Allow
Exchange Server
What are the different versions of Exchange
Server you know about?
Exchange
server 5.5
Exchange
Server 2000
Exchange
Server 2003
Exchange
Server 2007
Exchange
Server 2010
What are the Basic Incoming and Outgoing
port for a Mail client
Incoming 110
Outgoing 25
What is ForestPrep?
Forest prep
updates the schema and configuration partition in Active directory. Extend the
schema to includeExchange server 2003 specific classes and attributesTo run the
Forest Prep, Administrator should have Schema and Enterprise Admin permission
over theDomain
What is DomainPrep?
Domain Prep
prepares the Domain partion in Active Directory. Forest prep should be run only
once in forestwhere Domain Prep should be run in following Servers.
1.The Forest
root Domain
2.All domain
that will contain Exchange Server 2003
3.All Domain
that will contain Exchange Mailbox enable objects
What is Active Directory Connector (ADC)?
ADC it¶s a
Microsoft Exchange Server 2003 Service that allows for the replication of
information from Active directory and a Microsoft Exchange 2003. But is not
available in Exchange 2010
WHat is Exchange Native Mode?
Native mode
means when all the exchange servers in an infrastructure are running the same
version of exchange. Mixed Mode means an infrastructure which contains
different verions of exchange running .
What is a Mail Contact?
Mail enabled
contacts have the following characteristics:
E-mail
address created
Displayed in
address lists
Can receive
e-mail at an external e-mail account
What is MAPI?
Messaging
Application Programming Interface, a system built into Microsoft Windows that
enables different e-mail applications to work together to distribute mail. As
long as both applications are MAPI-enabled, they can share mail messages with
each other.
What is POP?
POP is a
very simple protocol that only allows downloading of messages from your Inbox
to your local computer.
Difference between MAPI/POP/IMAP?
MAPI
connections give you full functionality to all of the services MS Exchange
offers:
Direct live
connection to the Mail Server
Shared
Inbox, Calendar, Contacts, Tasks, Notes and Free/Busy information for
scheduling
Public
Folders
Out Of
Office Assistant
Server Side
Rules and Alerts
Access to
Outlook Web Access via any Web Browser
Optional Server
Side SPAM Management
IMAP
Connections allow a more limited functionality:
Direct Live
Connection to the Mail Server
POP
Connections offer the least functionality:
Send and
Receive Email
All
connection types allow you to keep messages on the server and to view your
mailbox using Outlook Web Access.
What is Global Address List (GAL)?
Global
Address List is the Primary Address list that contains all Exchange objects in
the entire organizationand mail-enabled objects in the Microsoft Exchange
server organization
What is Recipient Update Service?
Recipient update service updates the email
address and distribution list membership and replicates this information on a
schedule to other Microsoft Exchange Servers in the Domain
What all ports are required by front-end
server to communicate with back-end servers?
443 for
HTTPS
993 for
SSL-enabled IMAP
995 for
SSL-enabled POP
25 for SMTP
New Features in Exchange 2010
Legal Hold
Multi-Mailbox
Search
Exchange
Control Panel
Exchange
Management COnsole & Exchange Management Shell
Database
Availability Groups
Voice Mail ,Transcription
Retention
Policies
Comments
Post a Comment