Monday, February 28, 2011

Technical Interview Questions - Windows Server 2008/R2 Active Directory

* What is Active Directory?
* What is LDAP?
* Where is the AD database held? What other folders are related to AD?
* Talk about all the AD-related roles in Windows Server 2008/R2.
* What are the new Domain and Forest Functional Levels in Windows Server 2008/R2?
* What is the SYSVOL folder?
* What are the AD naming contexts (partitions)s and replication issues for each NC?
* What are application partitions?
* What applications or services use AD application partitions? Name a couple.
* How do you create a new application partition?
* What are the requirements for installing AD on a new server?
* What can you do to promote a server to DC if you're in a remote location with slow WAN link?
* ...
* How do you view replication properties for AD partitions and DCs?
* What is the Global Catalog?
* How do you view all the GCs in the forest?
* Why not make all DCs in a large forest as GCs?
* Talk about GCs and Universal Groups.
* Describe the time synchronization mechanism in AD.
* What is ADSIEDIT? What is NETDOM? What is REPADMIN?
* What is DCDIAG? When would you use it?
* ...
* What are sites? What are they used for?
* What's the difference between a site link's schedule and interval?
* What is the KCC?
* What is the ISTG? Who has that role by default?
* Talk about sites and GCs.
* Talk about sites and Exchange Server 2007/2010.
* ...
* What is GPO?
* Describe the way GPO is applied throughout the domain.
* What can you do to prevent inheritance from above?
* How can you override blocking of inheritance?
* Name some of the major changes in GPO in Windows Server 2008.
* What are ADM files? What replaced them in Windows Server 2008?
* What's the GPO repository? How do you use it?
* What are GPO Preferences?
* Which client OSs can use GPO Preferences?
* What are GPO Templates?
* What are WMI Filters?
* What is the concept behind GPO Filtering?
* How can you determine what GPO was and was not applied for a user? Name a few ways to do that.
* A user claims he did not receive a GPO, yet his user and computer accounts are in the right OU, and everyone else there gets the GPO. What will you look for?
* You want to standardize the desktop environments (wallpaper, My Documents, Start menu, printers etc.) on the computers in one department. How would you do that?
* ...
* What are the major changes in AD in Windows Server 2008?
* What are the major changes in AD in Windows Server 2008 R2?
* What is the AD Recycle Bin? How do you use it?
* What is tombstone lifetime attribute?
* What are AD Snapshots? How do you use them?
* What is Offline Domain Join? How do you use it?
* What are Fine-Grained Passwords? How do you use them?
* Talk about Restartable Active Directory Domain Services in Windows Server 2008/R2. What is this feature good for?
* What are the changes in auditing in Windows Server 2008/R2?
* ...
* How can you forcibly remove AD from a server, and what do you do later?
* Can I get user passwords from the AD database?
* What tool would I use to try to grab security related packets from the wire?
* Talk about PowerShell and AD.
* ...
* How do you backup AD?
* How do you restore AD?
* Talk about Windows Backup and AD backups.
* How do you change the DS Restore admin password?
* Why can't you restore a DC that was backed up 7 months ago?
* What's NTDSUTIL? When do you use it?
* ...
* What are RODCs?
* What are the major benefits of using RODCs?
* How do you install an RODC?
* Talk about RODCs and passwords.
* What is Read Only DNS?
* What happens when a remote site with an RODC loses connectivity to the main site?
* ...
* Talk about Server Core and AD.
* How do you promote a Server Core to DC?
* ...
* What are the FSMO roles? Who has them by default? What happens when each one fails?
* How can you tell who holds each FSMO role? Name a 2-3 of methods.
* What FSMO placement considerations do you know of?
* You want to look at the RID allocation table for a DC. What do you need to do?
* What's the difference between transferring a FSMO role and seizing one? Which one should you NOT seize? Why?

No comments:

Post a Comment