
Tell me about the Active Directory database and list the Active Directory database files.

NTDS.DIT

EDB.Log

EDB.Chk

Res1.log and Res2.log

AD changes are not written directly to the NTDS.DIT database file; they are first written to EDB.Log and
then applied from the log file to the database. EDB.Chk (the checkpoint file) tracks which entries in the
log file have already been applied to the database file.

NTDS.DIT: NTDS.DIT is the AD database and stores all AD objects.

What are Active Directory partitions?

An Active Directory partition defines how and where AD information is logically stored.

What is the use of Active Directory partitions, and how do you find the partitions and their locations?

Schema Partition – stores the definitions of objects and attributes. Replicates to all domain
controllers in the forest.

DN location is CN=Schema,CN=Configuration,DC=Domainname, DC=com

Configuration Partition – stores AD configuration information such as sites, site links, subnets and
other replication topology information. Replicates to all domain controllers in the forest.

DN Location is CN=Configuration,DC=Domainname,DC=com

Domain Partition – object information for a domain, such as users, computers, groups, printers and
other domain-specific information. Replicates to all domain controllers within the domain.

DN Location is DC=Domainname,DC=com

Application Partition – information about applications in Active Directory. For example, when
AD-integrated DNS is used there are two application partitions for DNS zones – ForestDNSZones and
DomainDNSZones.

What is the SYSVOL folder and why is it used?
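The following PowerShell is an added example, not part of the original page: it reads the partition DNs from RootDSE (which is where the locations listed above actually come from), classifies each naming context, and then shows which partitions one domain controller hosts. It assumes the ActiveDirectory module (RSAT) in a domain-joined session; the DC name DC01 is a placeholder.

```powershell
# Added example: enumerate AD partitions and their DN locations from RootDSE.
# Assumes the ActiveDirectory module; 'DC01' is a placeholder DC name.
Import-Module ActiveDirectory

$rootDse = Get-ADRootDSE

# The well-known partitions, as RootDSE reports them for this forest/domain
[PSCustomObject]@{
    Schema        = $rootDse.schemaNamingContext          # CN=Schema,CN=Configuration,DC=...
    Configuration = $rootDse.configurationNamingContext   # CN=Configuration,DC=...
    Domain        = $rootDse.defaultNamingContext         # DC=Domainname,DC=com
    ForestRoot    = $rootDse.rootDomainNamingContext      # domain partition of the forest root
} | Format-List

# namingContexts lists every partition, including the DNS application partitions
# (DC=ForestDnsZones,... and DC=DomainDnsZones,...) when AD-integrated DNS is in use.
# Anything else not matched below is reported as 'Domain' (custom application
# partitions would also land there, so treat that label as a best-effort guess).
$rootDse.namingContexts | ForEach-Object {
    $kind = switch -Wildcard ($_) {
        'CN=Schema,*'         { 'Schema' }
        'CN=Configuration,*'  { 'Configuration' }
        'DC=ForestDnsZones,*' { 'Application (ForestDnsZones)' }
        'DC=DomainDnsZones,*' { 'Application (DomainDnsZones)' }
        default               { 'Domain' }
    }
    [PSCustomObject]@{ Partition = $_; Kind = $kind }
} | Format-Table -AutoSize

# Partitions actually hosted by a given DC (a GC also holds partial replicas of
# the other domains' partitions, which show up here as well)
(Get-ADDomainController -Identity 'DC01').Partitions
```

Without RSAT the same DNs are available from `([ADSI]"LDAP://RootDSE").namingContexts`, which is useful on a member server that only has the .NET ADSI provider.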

The SYSVOL folder on a Windows domain controller is used to store the domain's Group Policy
settings, default profiles and logon/logoff/startup/shutdown scripts. It is located at
C:\Windows\SYSVOL on every domain controller within the domain.

What is the NETLOGON folder?

The NETLOGON folder contains the logon/logoff/startup/shutdown scripts; it is located inside the SYSVOL folder.

What does system state data contain?

System state data contains:

- Startup files
- Registry
- COM+ Registration Database
- Memory page file
- System files
- AD information
- SYSVOL folder
- Cluster service information

What is Kerberos?

Kerberos is a network authentication protocol. It is built to offer strong authentication for
client/server applications by using secret-key cryptography.

How do you check that AD is configured properly?

Check that the NTDS and SYSVOL shared folders exist under %systemroot%\ (the Windows directory).
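As an added example (not from the original page), the script below turns the checks described in the last few answers into something repeatable: it verifies that the SYSVOL and NETLOGON shares are published, that the SYSVOL folder and the NTDS database files are where the page says they live, and that the core directory services are running. It assumes it is run with elevation on the domain controller itself; the DNS and DFSR service checks only apply if that DC hosts DNS and uses DFSR for SYSVOL.

```powershell
# Added example: sanity-check a DC's shares, database files and services.
# Run elevated on the domain controller. Paths are the defaults; the NTDS
# folder may have been relocated at promotion time, in which case adjust it.
$checks = [ordered]@{
    'SYSVOL share'   = $null -ne (Get-SmbShare -Name SYSVOL   -ErrorAction SilentlyContinue)
    'NETLOGON share' = $null -ne (Get-SmbShare -Name NETLOGON -ErrorAction SilentlyContinue)
    'SYSVOL folder'  = Test-Path "$env:SystemRoot\SYSVOL"
    'ntds.dit'       = Test-Path "$env:SystemRoot\NTDS\ntds.dit"   # the AD database
    'edb.log'        = Test-Path "$env:SystemRoot\NTDS\edb.log"    # transaction log
    'edb.chk'        = Test-Path "$env:SystemRoot\NTDS\edb.chk"    # checkpoint file
}

# Core services: NTDS (the directory), Netlogon (locator/secure channel),
# kdc (Kerberos). DNS and DFSR are only expected on DCs that host those roles.
foreach ($svc in 'NTDS', 'Netlogon', 'kdc', 'DNS', 'DFSR') {
    $s = Get-Service -Name $svc -ErrorAction SilentlyContinue
    $checks["service $svc"] = ($null -ne $s -and $s.Status -eq 'Running')
}

$checks.GetEnumerator() | ForEach-Object {
    '{0,-18} {1}' -f $_.Key, $(if ($_.Value) { 'OK' } else { 'MISSING' })
}

# Built-in diagnostics for the same questions (is the DC advertising itself,
# are the NETLOGON/SYSVOL shares reachable, are the services up?)
dcdiag /test:Advertising /test:NetLogons /test:Services
```

A DC that fails the Advertising or NetLogons test will not be chosen by clients even if the database files are present, so run the `dcdiag` line whenever the share checks pass but clients still report logon problems.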

How do you transfer the global catalog to another domain controller?

We cannot transfer the global catalog; we can only remove the global catalog from one
server and enable another server as a global catalog.

How do you configure a global catalog server?

Go to Active Directory Sites and Services, expand down to the desired server's NTDS Settings,
right-click it, choose Properties and tick the Global Catalog check box.
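The check box described above sets bit 1 of the options attribute on the server's NTDS Settings object. The PowerShell below is an added example, not from the original page: it lists which DCs are currently global catalogs, enables the role on one DC the same way the GUI does, and then polls RootDSE to see when the new GC is ready to advertise. It assumes the ActiveDirectory module; DC02 is a placeholder.

```powershell
# Added example: view and enable the global catalog role via the NTDS Settings object.
# Assumes the ActiveDirectory module; 'DC02' is a placeholder DC name.
Import-Module ActiveDirectory

# Which DCs are global catalogs right now?
Get-ADDomainController -Filter * |
    Select-Object Name, Site, IsGlobalCatalog |
    Format-Table -AutoSize

# Enable GC on DC02: set bit 1 of 'options' on its NTDS Settings object.
$dc   = Get-ADDomainController -Identity 'DC02'
$ntds = Get-ADObject -Identity $dc.NTDSSettingsObjectDN -Properties options
$current = [int]($ntds.options)          # unset attribute casts to 0

if (($current -band 1) -eq 0) {
    # OR the bit in rather than writing 1, so any other option bits survive
    Set-ADObject -Identity $ntds -Replace @{ options = ($current -bor 1) }
}

# The new GC only advertises once the partial replicas of the other domain
# partitions have replicated in; isGlobalCatalogReady flips to TRUE at that point.
(Get-ADRootDSE -Server $dc.HostName).isGlobalCatalogReady

# Removing the role is the reverse: clear the bit instead of setting it.
# Set-ADObject -Identity $ntds -Replace @{ options = ($current -band -bnot 1) }
```

Removing the last GC in a site without first checking `IsGlobalCatalog` on the other DCs is the usual way to break logons for users with universal group memberships, which is why the listing step comes first.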

What are the protocols used in replication?

RPC and SMTP. Predominantly RPC is used. SMTP is rarely used, as it is not
recommended for replication of the domain partition.

What is the default time for replication?

Ans: The KCC (Knowledge Consistency Checker) is the algorithm, and the two protocols
used are RPC over IP and SMTP over IP. They replicate every 15 minutes.

What is the difference between the two types of replication, i.e. intrasite and
intersite?

Intersite replication is for replication within the site and intrasite replication is for
replication between the sites.

What is DNS?

Ans: Domain Naming System.
Used to resolve a host name (FQDN) to an IP address and vice versa.

What is a domain naming service?

Ans: A domain naming service translates names to IP addresses and vice versa. Since
humans remember names better than numbers, this system was designed to let them
refer to a service or computer by name while computers talk to each other using IP
addresses.

What is a forward lookup?

Ans: When a DNS server is queried for a name and returns an IP address in reply, it is
called a forward lookup. For example, when I type yahoo.com in Internet Explorer, the
DNS server returns an IP address to which the computer is able to connect.

What is a reverse lookup?

Ans: When a DNS client queries a DNS server about an IP address and the DNS server
responds by providing a name, that is known as a reverse lookup in DNS.

What is the DNS cache?

Ans: The results of all the queries a DNS client makes are saved by it in temporary
storage, so that the next time it has to find an IP address or name it first looks in the
cache and only contacts the DNS server if the answer is not there. This temporary
storage is called the DNS cache. It speeds up name resolution for frequently queried
names.

What are DNS forwarders?

Ans: When we set up DNS servers we want queries for Internet names to be forwarded
to the ISP's DNS, so that they are resolved by the server they were forwarded to and the
answer is returned to my DNS server. The servers to which DNS queries are forwarded
are called "DNS forwarders".
Internet names are just one example; we could also set up forwarders for a particular
domain name (conditional forwarding).

What is a primary DNS server?

Ans: It is the writable copy of the DNS zone, where the DNS database is stored. All
changes related to creation, deletion or modification of a DNS record or zone are made on
this server.

What is a secondary DNS server?

Ans: Secondary DNS servers are read-only replicas of primary DNS servers. They are
created to distribute the load of primary DNS servers and to keep the writable copy of
the DNS zone away from the external world. Secondary DNS servers do the same job of carrying out
name resolution, using a read-only copy of the primary DNS server database. They
obtain this copy of the primary DNS server database using one of the DNS zone transfer
methods: AXFR, IXFR and Full Zone Transfer.
What is Active Directory-integrated DNS?

Ans: Active Directory–integrated DNS enables Active Directory storage and replication
of DNS zone databases. Windows 2000 DNS server, the DNS server that is included
with Windows 2000 Server, accommodates storing zone data in Active Directory. When
you configure a computer as a DNS server, zones are usually stored as text files on the
name server — that is, all of the zones required by DNS are stored in a text file on the
server computer. These text files must be synchronized among DNS name servers by
using a system that requires a separate replication topology and schedule, called a zone
transfer. However, if you use Active Directory–integrated DNS when you configure a
domain controller as a DNS name server, zone data is stored as an Active Directory
object and is replicated as part of domain replication.

What is a standalone DNS server?

Ans: A DNS server that is not AD-integrated can be termed a standalone DNS server. It is the only
DNS server in its environment.

What is an SRV record?

Ans: The SRV RR identifies the host(s) that support a particular service. The MX RR
is a specialised example of service discovery, while the SRV RR is a general-purpose
RR for discovering any service.

What are A records and PTR records?

Ans: "A" records are host records, where a name is mapped to the IP address assigned
to it. "PTR" records are the reverse, where an IP address is mapped to a name.

What is a stub zone?

Ans: A stub zone is a copy of a zone that contains only those resource records
necessary to identify the authoritative Domain Name System (DNS) servers for that
zone. A stub zone is used to resolve names between separate DNS namespaces. This
type of resolution may be necessary when a corporate merger requires that the DNS
servers for two separate DNS namespaces resolve names for clients in both
namespaces.

A stub zone consists of the start of authority (SOA) resource record, the name server (NS)
resource records, and the glue A resource records for the delegated zone.
What is the Start of Authority (SOA) record and what is its use?

Ans: It contains information such as the name of the server where the zone file was created (the
primary DNS server name). It maintains the serial number and increments it after every change
in the DNS zone, stores the refresh interval and retry interval, and holds the minimum TTL of the
records as well. An example SOA record:

@ IN SOA nameserver.place.dom. postmaster.place.dom. (
1 ; serial number
3600 ; refresh [1h]
600 ; retry [10m]
86400 ; expire [1d]
3600 ) ; min TTL [1h]
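The PowerShell below is an added example, not from the original page, covering the server-side concepts from the last several answers in one place: which forwarders the server uses, whether each zone is primary, secondary or stub and whether it is AD-integrated, the zone transfer policy, the same SOA fields shown in the record above, and how a stub zone for a partner namespace is created. It assumes the DnsServer module on a DC that hosts DNS; corp.example.com, partner.example.com and 192.0.2.10 are placeholders.

```powershell
# Added example: inspect forwarders, zone types, transfer policy and the SOA
# record on a Windows DNS server. Zone names and the master IP are placeholders.
Import-Module DnsServer

# Forwarders: where queries for names this server is not authoritative for go.
# UseRootHint tells you whether it falls back to root hints if forwarders fail.
Get-DnsServerForwarder | Select-Object IPAddress, UseRootHint, Timeout

# Zone inventory: Primary / Secondary / Stub / Forwarder, AD-integrated or file-backed,
# and for AD-integrated zones which application partition replicates it.
Get-DnsServerZone |
    Where-Object { -not $_.IsAutoCreated } |
    Select-Object ZoneName, ZoneType, IsDsIntegrated, ReplicationScope, IsReverseLookupZone |
    Format-Table -AutoSize

# Zone transfer policy for a zone: a secondary gets its copy via AXFR/IXFR, so the
# primary should restrict who may pull it (NoTransfer, TransferToZoneNameServer,
# TransferToSecureServers) rather than TransferAnyServer.
(Get-DnsServerZone -Name 'corp.example.com').SecureSecondaries

# The SOA record: primary server, responsible mailbox, serial and the timers
# that a secondary uses to decide when to refresh, retry and expire its copy.
$soa = Get-DnsServerResourceRecord -ZoneName 'corp.example.com' -RRType Soa
$soa.RecordData | Select-Object PrimaryServer, ResponsiblePerson, SerialNumber,
    RefreshInterval, RetryDelay, ExpireLimit, MinimumTimeToLive

# A stub zone for a partner namespace: only SOA/NS/glue are copied from the
# master, and the copy is replicated to every DNS server in the forest.
Add-DnsServerStubZone -Name 'partner.example.com' `
    -MasterServers 192.0.2.10 `
    -ReplicationScope Forest
```

The `SecureSecondaries` value is the one worth checking after any zone migration: a zone imported from a text file often keeps a permissive transfer setting that an AD-integrated zone created in place would not have.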

Explain the SRV, MX and CNAME records.

ANS: SRV records point a client to the servers that are hosting a service, for
example the Active Directory service. An MX record points the client to the servers hosting a mail
service; MX stands for Mail Exchanger. A CNAME record is an alias record for a name that
already exists. Suppose there were two servers and both of them were consolidated into one;
in that case one name becomes unused. But any application that depends on the unused
name still has to work, so we create an alias record mapping the unused name to the name
in use. Hence the application keeps functioning.
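As an added example (not part of the original page), the following PowerShell performs the forward, reverse and service-record lookups discussed above from a client and then shows the local resolver cache, so each record type can be seen as the resolver actually returns it. It uses the built-in Resolve-DnsName and Get-DnsClientCache cmdlets; corp.example.com, dc01 and 10.0.0.5 are placeholders.

```powershell
# Added example: client-side lookups for A, PTR, SRV, MX and CNAME records,
# plus the local DNS cache. Names and the IP address are placeholders.
$domain = 'corp.example.com'

# Forward lookup: name -> A record(s)
Resolve-DnsName -Name "dc01.$domain" -Type A | Select-Object Name, IPAddress

# Reverse lookup: IP -> PTR. Resolve-DnsName builds the in-addr.arpa name itself;
# it only succeeds if the reverse lookup zone exists and holds a PTR for the address.
Resolve-DnsName -Name '10.0.0.5' -Type PTR | Select-Object Name, NameHost

# SRV: which DCs offer LDAP and Kerberos for the domain. Clients pick by
# Priority (lowest first) and Weight, then connect to NameTarget:Port.
foreach ($svc in "_ldap._tcp.dc._msdcs.$domain", "_kerberos._tcp.$domain") {
    Resolve-DnsName -Name $svc -Type SRV |
        Select-Object Name, NameTarget, Priority, Weight, Port
}

# MX: mail exchangers for the domain, lowest Preference is tried first
Resolve-DnsName -Name $domain -Type MX | Select-Object NameExchange, Preference

# CNAME: the alias and the canonical name it points to
Resolve-DnsName -Name "mail.$domain" -Type CNAME | Select-Object Name, NameHost

# Local cache: answers the client will reuse until TimeToLive runs out,
# without contacting the DNS server again
Get-DnsClientCache | Select-Object Entry, RecordType, Data, TimeToLive

# Clear the cache when troubleshooting a stale answer (equivalent to ipconfig /flushdns)
# Clear-DnsClientCache
```

A DC that does not appear in the `_ldap._tcp.dc._msdcs` answer has not registered its SRV records (the Netlogon service does this), which is the DNS-side counterpart of the `dcdiag /test:Advertising` check.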

What is the use of a DHCP relay agent?

A router drops DHCP packets because they are broadcast packets. When we enable the relay
agent option on the router, it lets the DHCP broadcast packets pass through.
Hence the relay agent helps forward them to the intended subnet.

Which version of the Kerberos protocol is used?

Ans: We are using Kerberos V5.

What is the use of DFS?

Ans: Distributed File System. It is used for fault tolerance, because it keeps a
duplicate copy of every DFS root. In addition, the domain logon process uses
DFS to find the nearest DC to log on to.

Do you know about FRS?

Ans: File Replication Service.
Example: replication of the SYSVOL folder.

What are sites? What are they used for?

Active directory sites, which consist of well-connected networks defined by IP subnets that help
define the physical structure of your AD, give you much better control over replication traffic
and authentication traffic than the control you get with Windows NT 4.0 domains.
Using Active Directory, the network and its objects are organized by constructs such as domains,
trees, forests, trust relationships, organizational units (OUs), and sites.

What's the difference between a site link's schedule and interval?

The schedule lets you list the weekdays or hours during which the site link is available for replication
to happen at the given interval. The interval is the recurrence of intersite replication in
minutes. It ranges from 15 to 10,080 minutes. The default interval is 180 minutes.

What is the KCC?

The KCC is a built-in process that runs on all domain controllers and generates replication
topology for the Active Directory forest. The KCC creates separate replication topologies
depending on whether replication is occurring within a site (intrasite) or between sites (intersite).
The KCC also dynamically adjusts the topology to accommodate new domain controllers,
domain controllers moved to and from sites, changing costs and schedules, and domain
controllers that are temporarily unavailable.
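The PowerShell below is an added example, not from the original page, tying together the replication answers above: it lists each site link with its cost, interval and schedule, shows the connection objects the KCC generated, and reports the last replication result with every partner so that a stalled link stands out. It assumes the ActiveDirectory module and that it runs on a domain controller (it queries the local machine as the replication target).

```powershell
# Added example: inspect site links, KCC-generated connections and partner
# replication status. Assumes the ActiveDirectory module, run on a DC.
Import-Module ActiveDirectory

# Site links: cost, interval in minutes (15..10080, default 180) and the schedule.
# The schedule is returned as an ActiveDirectorySchedule object; its
# RawSchedule property is the per-hour availability grid.
Get-ADReplicationSiteLink -Filter * -Properties Cost, ReplicationFrequencyInMinutes, ReplicationSchedule |
    Select-Object Name, Cost, ReplicationFrequencyInMinutes,
        @{ n = 'Sites'; e = { ($_.SitesIncluded | ForEach-Object { ($_ -split ',')[0] -replace '^CN=' }) -join ', ' } },
        @{ n = 'HasSchedule'; e = { $null -ne $_.ReplicationSchedule } } |
    Format-Table -AutoSize

# Connection objects. AutoGenerated = True means the KCC built the connection;
# False means someone created it by hand, which the KCC will not clean up.
Get-ADReplicationConnection -Filter * |
    Select-Object Name, AutoGenerated, ReplicateFromDirectory, ReplicateToDirectory |
    Format-Table -AutoSize

# Per-partner status for the domain partition on this DC: when the last pull
# succeeded, the last result code (0 = success) and how many attempts have failed in a row.
$target = $env:COMPUTERNAME
Get-ADReplicationPartnerMetadata -Target $target |
    Select-Object Partner, Partition, LastReplicationSuccess, LastReplicationResult, ConsecutiveReplicationFailures |
    Format-Table -AutoSize

# Outstanding failures only (empty output is the healthy case)
Get-ADReplicationFailure -Target $target

# Ask the KCC to rebuild the topology now instead of waiting for its next pass
# (the classic command-line equivalent is: repadmin /kcc)
```

A partner with a growing `ConsecutiveReplicationFailures` count and no entry among the connection objects usually means the KCC has already routed around a DC that is down; the site-link listing shows which path it picked.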
