Active Directory

Active Directory is a set of networking services made by Microsoft. Questions about using and configuring Active Directory belong here.


What is a valid leaf object?

Sounds like you read a question on your homework that had pictures below it.

Which are the GNH domain?

http://www.grossnationalhappiness.com/gnhIndex/resultGNHIndex.aspx

What is ldp replmon?

What is LDP?

A: The Lightweight Directory Access Protocol, or LDAP, is an application protocol for querying and modifying directory services running over TCP/IP.[1]

A directory is a set of objects with attributes organized in a logical and hierarchical manner. The most common example is the telephone directory, which consists of a series of names (either of persons or organizations) organized alphabetically, with each name having an address and phone number attached.

An LDAP directory tree often reflects various political, geographic, and/or organizational boundaries, depending on the model chosen. LDAP deployments today tend to use Domain Name System (DNS) names for structuring the topmost levels of the hierarchy. Deeper inside the directory might appear entries representing people, organizational units, printers, documents, groups of people or anything else that represents a given tree entry (or multiple entries).

Its current version is LDAPv3, which is specified in a series of Internet Engineering Task Force (IETF) Standards Track Requests for Comments (RFCs) as detailed in RFC 4510.

LDAP means Light-Weight Directory Access Protocol. It determines how an object in an Active Directory should be named. LDAP (Lightweight Directory Access Protocol) is a proposed open standard for accessing global or local directory services over a network and/or the Internet. A directory, in this sense, is very much like a phone book. LDAP can handle other information, but at present it is typically used to associate names with phone numbers and email addresses. LDAP directories are designed to support a high volume of queries, but the data stored in the directory does not change very often. It works on port no. 389. LDAP is sometimes known as X.500 Lite. X.500 is an international standard for directories and full-featured, but it is also complex, requiring a lot of computing resources and the full OSI stack. LDAP, in contrast, can run easily on a PC and over TCP/IP. LDAP can access X.500 directories but does not support every capability of X.500.

What is REPLMON?

A: Replmon is the first tool you should use when troubleshooting Active Directory replication issues. As it is a graphical tool, replication issues are easy to see and somewhat easier to diagnose than using its command line counterparts. The purpose of this document is to guide you in how to use it, list some common replication errors and show some examples of when replication issues can stop other network installation actions.

For more, go to http://www.techtutorials.net/articles/replmon_howto_a.html

What is ADSIEDIT?

A: ADSIEdit is a Microsoft Management Console (MMC) snap-in that acts as a low-level editor for Active Directory. It is a Graphical User Interface (GUI) tool. Network administrators can use it for common administrative tasks such as adding, deleting, and moving objects with a directory service. The attributes for each object can be edited or deleted by using this tool. ADSIEdit uses the ADSI application programming interfaces (APIs) to access Active Directory. The following are the required files for using this tool:

· ADSIEDIT.DLL

· ADSIEDIT.MSC

Regarding system requirements, a connection to an Active Directory environment and Microsoft Management Console (MMC) is necessary.

What is NETDOM?

A: NETDOM is a command-line tool that allows management of Windows domains and trust relationships. It is used for batch management of trusts, joining computers to domains, verifying trusts, and secure channels.

A: Enables administrators to manage Active Directory domains and trust relationships from the command prompt.

Netdom is a command-line tool that is built into Windows Server 2008. It is available if you have the Active Directory Domain Services (AD DS) server role installed. To use netdom, you must run the netdom command from an elevated command prompt. To open an elevated command prompt, click Start, right-click Command Prompt, and then click Run as administrator.

You can use netdom to:

· Join a computer that runs Windows XP Professional or Windows Vista to a Windows Server 2008 or Windows Server 2003 or Windows 2000 or Windows NT 4.0 domain.

· Provide an option to specify the organizational unit (OU) for the computer account.

· Generate a random computer password for an initial Join operation.

· Manage computer accounts for domain member workstations and member servers. Management operations include:

    · Add, Remove, Query.

    · An option to specify the OU for the computer account.

    · An option to move an existing computer account for a member workstation from one domain to another while maintaining the security descriptor on the computer account.

· Establish one-way or two-way trust relationships between domains, including the following kinds of trust relationships:

    · From a Windows 2000 or Windows Server 2003 or Windows Server 2008 domain to a Windows NT 4.0 domain.

    · From a Windows 2000 or Windows Server 2003 or Windows Server 2008 domain to a Windows 2000 or Windows Server 2003 or Windows Server 2008 domain in another enterprise.

    · Between two Windows 2000 or Windows Server 2003 or Windows Server 2008 domains in an enterprise (a shortcut trust).

    · The Windows Server 2008 or Windows Server 2003 or Windows 2000 Server half of an interoperable Kerberos protocol realm.

· Verify or reset the secure channel for the following configurations:

    · Member workstations and servers.

    · Backup domain controllers (BDCs) in a Windows NT 4.0 domain.

    · Specific Windows Server 2008 or Windows Server 2003 or Windows 2000 replicas.

· Manage trust relationships between domains, including the following operations:

    · Enumerate trust relationships (direct and indirect).

    · View and change some attributes on a trust.

Syntax

Netdom uses the following general syntaxes:

NetDom [] [{/d: | /domain:} ] []

NetDom help

http://technet.microsoft.com/en-us/library/cc772217.aspx

What is a bridgehead server?

A bridgehead server is a domain controller that is used for intersite replication. This is the point of contact for a domain controller in another site. This passes replication traffic to a domain controller on another site. Replication data is compressed and sent over IP or SMTP.

To designate a preferred bridgehead server

Open Active Directory Sites and Services -- In the console tree, right-click the domain controller that you want to make a preferred bridgehead server, and then click Properties -- On the General tab, click the intersite transport or transports for which this computer will be a preferred bridgehead server, and then click Add.

You are installing an application that requires the Active Directory schema to be extended The?

Using the Active Directory Schema snap-in, add an attribute to the user account property for Employer ID Code.

What is the difference between workgroup and domain?

A workgroup is 10 PCs or less, used for home or small business; each computer works independently, and there is no centralized control of resources. A domain is more than 10 computers. Microsoft recommends that you use a domain controller running a network operating system such as Windows Server 2003 to control network resources.

or

a domain provides centralized control

Can you get files back after you delete them?

It's possible if you haven't erased or formatted your drive.

YES, with undelete software. This can be downloaded from MajorGeeks.com or you can purchase software to do this. Find the actual file in the directory, right click on it and select "delete". A confirmation question may appear, click on yes, and it's gone. Actually, it isn't really gone, rather it goes into the "recycle folder" and sits there until it is blasted away by you later on.

What is a dns forwarder used for?

A forwarder is a Domain Name System (DNS) server on a network used to forward DNS queries for external DNS names to DNS servers outside of that network. You can also forward queries according to specific domain names using conditional forwarders.

A DNS server on a network is designated as a forwarder by having the other DNS servers in the network forward the queries they cannot resolve locally to that DNS server. By using a forwarder, you can manage name resolution for names outside of your network, such as names on the Internet, and improve the efficiency of name resolution for the computers in your network. For more information about forwarders and conditional forwarders

A is a group of one or more domain trees is called?

A is forest which consists of domain trees. The tree is defined in the following format

Trees are collections of one or more domains that allow global resource sharing. A tree may consist of a single domain or multiple domains in a contiguous namespace. Adding a domain to a tree becomes a child of the tree root domain. Domain will be called as parent domain to which child domain is attached. A child domain can also have its multiple child domains. Child domain uses the name followed by parent domain name and gets a unique Domain Name System (DNS).

For example, if tech.com is the root domain, you can create one or more Child domains to tech.com such as north.tech.com and or south.tech.com. These "children" may also have child domains created under them, such as sales.north.tech.com.

The domains in a tree have two-way, Kerberos transitive trust relationships. A Kerberos transitive trust simply means that if Domain A trusts Domain B and Domain B trusts Domain C, then Domain A trusts Domain C. Therefore, a domain joining a tree immediately has trust relationships established with every domain in the tree.

What is the difference between intersite and intrasite active directory replication?


| | Intrasite Replication | Intersite Replication |
|---|---|---|
| Push/Pull replication | Sending domain controller notifies destination DC about the changes and destination pull those changes from the sending domain | No notification. The schedule determines when to replicate. |
| Replication interval | Changes are replicated after a change has been made. (default time 15 seconds) | Changes are replicated after predefined schedule. |
| Type of Replication | Uncompressed replication. | Compressed replication |
| Replication Partners | Replication traffic is sent to the multiple replication partners. | Bridgehead server is responsible for replication with rest of the replication partners. |
| Replication Protocols | KCC (Knowledge Consistency Checker) creates replication topology. | IP/SMTP protocols are used for replication. |

Which is the command used to remove active directory from a domain controller?

Follow this link.

http://support.microsoft.com/kb/216498

You can type dcpromo and follow the instructions on screen to remove AD.

Explain the difference between peer-to-peer and client-server configuration?

In peer-to-peer, the machines work as workgroup machines and can access each other, and they process themselves, but in the client-server model all the requests of clients are sent to the server, which processes the request and sends the result to the client.

Steps to implement Active Directory-integrated DNS?

Active Directory must be installed.

Go to Start -> Run -> Administrative Tools -> DNS.

Select Forward Lookup Zones, right-click, select ZONE and click Next, then select Active Directory-integrated and complete the process.