Basic

Question 1

What is AD DS?

Answer 1

This is a server that is running the Active Directory Domain Services Role

Question 2

What is AD

Answer 2

his is just an abbreviation for Active Directory

Question 3

What is ADWS?

Answer 3

This service was introduced in Windows Server 2008 R2. It is automatically installed with ADDS or ADLDS role and is configured to run automatically. This service provides remote management of any local directory services.

Question 4

Explain a domain

Answer 4

The domain is a logical structure of containers and objects within Active Directory. A domain contains the following components:
* A hierarchical structure for users, groups, computers and other objects
* Security services that provide authentication and authorization to resources in the domain and other domains
* Policies that are applied to users and computers
A DNS name to identify the domain. When you log into a computer that is part of a domain you are logging into the DNS domain name. My DNS domain is ad.activedirectorypro.com, this is how my domain is identified.

Question 5

What is a domain tree

Answer 5

When you add a child domain to a parent domain you create what is called a domain tree. A domain tree is just a series of domains connected together in a hierarchical fashion all using the same DNS namespace. If activedirectorypro.com was to add a domain called training, or videos it would be named training.activedirectorypro.com and videos.activedirectorypro.com. These domains are part of the same domain tree and a trust is automatically created between the parent and child domains.

Question 6

What functional levels determine?

Answer 6

Functional levels determine what capabilities are available in the domain. Higher functional levels allow you to use the latest and greatest technologies in your Active Directory domain. When possible use the highest functional levels for your domain controllers.

Question 7

What is a Forest?

Answer 7

A forest is a collection of domain trees. The domain tree shares a common schema and configuration container. The domain tree is connected together through a transitive trust. When you first install Active Directory and create a domain you are also creating a forest.

Question 8

What is the meaning of FQDN?

Answer 8

Fully Qualified Domain name is the hostname + the domain, for example, my domain is ad.activedirectorypro.com, a computer in the domain with hostname PC1 so the FQDN would be pc1.ad.activedirectorypro.com

Question 9

What is FSMO Roles?

Answer 9

Flexible Single Master Operator (FSMO) Roles
A domain controller has multiple functions that are referred to as the FSMO roles. These roles are all installed on the first domain controller in a new forest, you can move roles across multiple DCs to help with performance and failover.

Question 10

How many FSMO roles the AD have?

Answer 10

5
Schema Master
Domain Naming Master
PDC Emulator
RID Master
Infrastructure Master

Question 11

Define the FSMO Role SCHEMA MASTER

Answer 11

The schema master is a forest wide role that handles all the changes to the Active Directory schema.

Question 12

Define the FSMO Role Domain Naming Master

Answer 12

This is a forest wide role that is the master of domain names. It handles the namespace and adding removing domain names.

Question 13

Define the FSMO Role PDC Emulator

Answer 13

This role handles password changes, user lockouts, group policy and is the time server for the clients.

Question 14

Define the FSMO Role RID Master

Answer 14

This role is responsible for processing RID pool requests from all DCs within the domain. When objects such as users and computers are created they get assigned a unique SID and a relative ID (RID). The RID master role ensures objects do not get assigned the same SID and RIDs.

Question 15

Define the FSMO Role Infrastructure Master

Answer 15

This is a domain wide role used to reference objects in other domains. If users from Domain A are members of a security group in Domain B, the infrastructure master role is used to reference the accounts in the correct domain.

Question 16

What is LDAP?

Answer 16

Lightweight Directory Access Protocol
LDAP is an open platform protocol used for accessing directory services. LDAP provides the communication mechanism for applications and other systems to use interact with directory servers. In simple terms, LDAP is a way of connecting and communicating with Active Directory.

Question 17

What is a Global Catalog (GC)?

Answer 17

The global catalog server contains a full replica of all objects and is used to perform forest wide searches. By default the first domain controller in a domain is designated as the GC server, it is recommended to have at least one GC server for each site to improve performance.

Question 18

What is the name of the AD database?

Answer 18

Ntds.dit - (“.dit” : directory information tree).
Normally it’s called “.dit” only

Question 19

What is a RODC?

Answer 19

Read-Only Domain Controller
RODC servers hold a read-only copy of the Active Directory database and do not allow changes to AD. Its primary purpose is for branch offices and locations with poor physical security.

Question 20

What is the AD Schema?

Answer 20

The Active Directory schema defines every object class that can be created and used in an Active Directory forest. It also defines every attribute that can exist in an object. In other words, it is a blueprint of how data can be stored in Active Directory. For example, a user account is an instance of the user class, it uses attributes to store and provide information about that object. A computer account is another instance of a class that also is defined by its attributes.
There are many classes and attributes unless your programming or troubleshooting some advanced issue it is not necessary to know everything about the schema.

Question 21

Why Sysvol is important?

Answer 21

The sysvol is a very important folder that is shared out on each domain controller. The default location is %SYSTEMROOT%\SYSVOL\sysvol and is made up of the following:
* Group Policy Objects
* Folders
* Scripts
* Junction Points

Question 22

Default shares in a DC

Answer 22

Sysvol
Netlogn

Question 23

What is a tombstone?

Answer 23

Tombstone is a deleted object from AD that has not been removed from the database, the object technically remains in the database for a period of time. During this period of time the object can be restored.