Lesson 14: Creating and Managing Active Directory Users and Computers

Question 1

Two types of users on 2012

Answer 1

Local Users

Domain Users

Question 2

Local Users

Answer 2

Can only access resources on a local computer and are stored on the local SAM database on the computer where they reside.

Question 3

SAM

Answer 3

Security Account Manager – database present on servers that stores user accounts and security descriptors for users on the local computer

Question 4

Domain Users

Answer 4

Users that can access network resources. Account info is stored in the AD DS database and replicated to all domain controllers.

Question 5

Two built-in user account on computers running Windows Server 2012

Answer 5

Administrator

Guest

Question 6

4 security guidelines for the administrator account

Answer 6

Rename the account
use a strong password
limit knowledge of who has the password
do not use the account for non-admin tasks

Question 7

By default, the guest account is ____

Answer 7

Disabled and has no password

Question 8

What are two restrictions you should consider for the guest account

Answer 8

Rename the account.

set a strong password

Question 9

You cannot ____ the admin or guest account

Answer 9

delete

Question 10

ADAC

Answer 10

Active Directory Administrative Cener

Question 11

Two interfaces to create a user

Answer 11

ADAC

Active Director Users and Computers console

Question 12

4 tools used to create multiple users and groups

Answer 12

Dsadd.exe
Windows PowerShell
Comma-separated value directory exchange (CSVDE.exe)
LDIFDE.exe

Question 13

LDIFDE.exe

Answer 13

LDAP Data Interchange Format Directory Exchange

Question 14

User Template

Answer 14

A standard user object containing boilerplate attribute settings that you can apply to new users that you create.

Question 15

Which exe file can you use to create objects like users, groups, and OUs?

Answer 15

Dsadd.exe

LDIFDE.exe

Question 16

Header Record

Answer 16

The first line of the a CSV text file that provides attribute names.

Question 17

Difference between Dsadd.ee and lfifde.exe?

Answer 17

LFIFDE.exe allows you to modify objects that are already created.

Question 18

What do computer objects share with user objects?

Answer 18

They have properties, like name, location, and who can manage them.
They inherit group policy settings from container objects like domains, sites, and organizational units
They can be members of groups and inherit permissions from group objects

Question 19

Before a client PC sends login credentials to the DC, what happens?

Answer 19

The client PC and the DC each verify that the other is a member of the domain by checking that their computer object is in the DC

Question 20

2 steps to adding a computer to AD DS

Answer 20

Create a computer account in Active Directory
Join the PC to the domain

Note that joining a PC to the domain will allow the computer to create its own object

Question 21

DN

Answer 21

Distinguished Name. Unique name for an object

Question 22

What EXE can be used to create computer objects?

Answer 22

Dsadd.exe

Question 23

How do you change more than one object at a time?

Answer 23

Select multiple objects (shift, control) and right-click, properties.

Question 24

What EXE can be used to join a computer to a domain?

Answer 24

netdom.exe

Question 25

How can you joing a PC to a domain while the PC is offline?

Answer 25

djoin.exe
Run this once on a PC connected to the domain. Use the outputed text file when running it again, on a PC not connected. Once connected, the offline PC will use the file to join the domain.