Lesson 9 - Chapter 3: Active Directory

Question 1

What is a Windows domain controller?

Answer 1

a type of server

Question 2

What is Active Directory? What is it on?

Answer 2

a centralized networking database on a Windows domain controller (a type of server) that manages and maintains information about everything on the network

(user accounts, passwords, access to resources on a network)

Question 3

Can a PC be part of a workgroup and a Active Directory domain?

Answer 3

No, it has to be one or the other

Question 4

Active Directory is an integral part of what?

Answer 4

Windows server, it provides directory services to a Windows Server domain

Question 5

What is single-sign on? (SSO)

Answer 5

valid domain accounts sign in once and have access to all domain resources

Question 6

What type of businesses use a domain?

Answer 6

those with more than a dozen or so hosts

Question 7

What is a domain?

Answer 7

a server running Windows Server controls access to network resources

Question 8

How do you create a domain?

Answer 8

An admin creates a domain on the Windows Server system and makes it the domain controller (DC)

Question 9

What is a domain controller? What is it used for?

Answer 9

a domain (server) that is created/assigned by an admin and used to create domain accounts for users in Active Directory

Question 10

When a system joins a domain when it’s already part of a workgroup, what happens?

Answer 10

It automatically is removed from its workgroup

Question 11

How do you log into a domain?

Answer 11

You enter your username when logging into a computer on a domain

Question 12

Where are user accounts stored? What does it also function as?

Answer 12

User accounts are stored on the domain controller, which functions as the authentication server

Question 13

What functions as the authentication server?

Answer 13

domain controller

Question 14

What’s the text you input to log into a domain? (username)

Answer 14

(domain)backslash(domain username)

example:
totalhome\Vanessa

Question 15

What’s one way to see the Active Directory?

Answer 15

log on directly to the domain controller and run the Active Directory Users and Computers utility

Question 16

What is the Active Directory Users and Computers utility?

Answer 16

it’s a tool that provides basic Active Directory functions

Question 17

What are organizational units? How do they appear?

Answer 17

they’re the domain’s organization. They show up as “folders” (not folders) under the domain name tree

Question 18

In the Active Directory Users and Computers utility, what is the “Built-in” organizational unit?

Answer 18

stores all the built-in domain groups such as Domain Administrators and Users

Question 19

In the Active Directory Users and Computers utility, what is the “Computers” organizational unit?

Answer 19

lists every system (from servers to workstations)

Question 20

In the Active Directory Users and Computers utility, what does the “Domain Controllers” OU contain?

Answer 20

lists all the domain controllers

Question 21

In the Active Directory Users and Computers utility, what is the “Users” OU?

Answer 21

stores all the non-built in users for the domain

Question 22

What is the domain’s organization called?

Answer 22

organizational units (look like folders in the tree hierarchy)

Question 23

What’s the domain equivalent of individual systems having an Administrator account?

Answer 23

domain administrators

Question 24

What can domain administrators do in regards to joining?

Answer 24

join a computer to a domain

Question 25

Can you promote a local user or group to a domain user or group? What would someone need to use to do this?

Answer 25

No, a domain admin must create a fresh new domain account on the domain controller using Active Directory Users and Computers

Question 26

What happens if you create a new domain user account for a user but that user has a local PC that should be included in the domain?

Answer 26

you must join the PC to the domain or they won’t be able to log into the domain from their own PC

Question 27

What’s a shortcut to get to the System Properties dialog box?

Answer 27

Start > Search for “Advanced System Settings”

Question 27

Where do you go to create a new domain user account?

Answer 27

Active Directory Users and Computers

Question 28

Where do you go to add a PC to a domain? (3 steps)

Answer 28

System Properties > Computer Name > Network ID

Question 29

What happens if you remove a PC from a domain?

Answer 29

it prevents that PC from connecting to the domain in the future (they would still have their domain account and can sign in from another PC)

Question 30

Where do you go to remove a PC from a domain? (6 steps)

Answer 30

1. Domain controller
2. Active Directory Users and Computers
3. Right-click the computer
4. Properties
5. Member of Tab
6. Select it > Remove

Question 31

Where do domain administrators go to clean up account issues (reset passwords, unlock accounts, enable/disable)?

Answer 31

Active Directory Users and Computers

Question 32

What are 2 common methods for setting up user accounts?

(Understand the difference for A+ exam)

Answer 32

1. Login scripts
2. Home folders

Question 33

What’s a login script?

Answer 33

runs every time the user logs in to an Active Directory domain

(sooo many uses)

Question 34

Active Directory lets you pick where you want to store user’s what?

Answer 34

home folders

Question 35

What are home folders?

Answer 35

Pictures, Downloads, Documents, etc

Question 36

What is required to use Active Directory’s feature to choose where to store user’s home folders?

Answer 36

requires the use of roaming profiles instead of local profiles

Question 37

What happens every time you log onto a new pc with your (domain) user account?

Answer 37

Windows creates a new home folder for your domain account on that local machine

(so you have an empty home folder on that PC without a roaming profile)

Question 38

What do roaming profiles allow you to do? Who sets them up?

Answer 38

Roaming profiles allows you to access your (populated) home folders no matter the PC you use to log into the domain (centralizes data)

Administrators set up roaming profiles on a remote server

Question 39

What is folder redirection?

Answer 39

Administrators specify the location of the user’s home folders to a remote server rather than the local machine

Question 40

What are 2 ways folder redirection can be performed?

Answer 40

1. group policy
2. manually

Question 41

What is an organizational unit?

Answer 41

an Active Directory container

Question 42

What does an organizational unit help you organize? How does it organize?

f
l
p

Answer 42

users and computers by function, location, and permission

(Users, Admins, Workstations, Servers, San Francisco, Dublin, Chicago, etc)

Question 43

Can each OU have its own group policies? Yes or no?

Answer 43

Yes, and a domain can manage multiple OUs

Question 44

An OU can be used to collect the members of a department or division. Can an OU also have its own administrator?

Answer 44

yes

Question 45

What are the 2 types of security accounts that Active Directory provides?

Answer 45

user accounts and computer accounts

(representing a person or computer on the system)

Question 46

What are the benefits of using security groups?

Answer 46

gives an admin the ability to assign user rights to an entire security group and configure access permissions to a system resource

Question 47

What’s the difference between using the AD Group Policy utility on the server versus Local Group Policy Editor?

Answer 47

On the Local Editor, the settings only apply to the local machine (for that group) and when done on the server it pushes the policy out through login scripts