Windows Server 2003 Interview Preparation Guide

Download PDF

Start Of Authority(SOA) Records indicate that NameServer is authoritative server for the domain.

Exclusion Range is used to reserve a bank of ip addresses so computer that require only static ip address such as DNS servers, legacy printers can use reserved assigned addresses .These are not assigned by DHCP server.

A virtual server can have one home directory and any number of other publishing directories. These other publishing directories are referred to as virtual directories.

AD- uses LDAP Udp 389 and
UDP 135,
DNS- 53,
DHCP-67,68,
HTTP-80,
HTTPS-,SMTP-25,
POP3-110 &
FTP-20,21.

The FTP server is to accept incoming FTP requests. Copy or move the files that you want to make available to the FTP publishing folder for access. The default folder is drive:InetpubFtproot, where drive is the drive on which IIS is installed
In the client-server model, a file server is a computer responsible for the central storage and management of data files so that other computers on the same network can access the files. A file server allows users to share information over a network without having to physically transfer files by floppy diskette or some other external storage device.

The group policy setting ‘Automatically publish new printers in AD’ when disabled, prevents the Add Printer Wizard from automatically publishing shared printers. In addition, Group policy setting ‘Allow printers to be published’ should be enabled(default) for printers to be published on that computers.

The different types of backup methodologies are:

► Normal Backup:-This is default backup in which all files are backed up even if it was backed up before.
► Incremental Backup:-In this type of backup only the files that haven’t been backed up are taken care of or backed up.
► Differential Backup:-This backup is similar to incremental backup because it does not take backup of those files backed up by normal
backup but different from incremental because it will take backup of differentially backed up files at next time of differential backup.
► Copy Backup:-This type of backup is which is used during system state backup and asr backup. It is used in special conditions only.
► Daily Backup:-This type of backup takes backup of only those files that are created on that particular day.
► System Backup:-This type of backup takes backup of files namely, Boot file, COM+Class Registry, Registry. But in server it takes
backup of ads.
► ASR Backup:-This type of backup takes backup of entire boot partition including OS and user data. This should be the last
troubleshooting method to recover an os from disaster.

Disk Quota is a feature or service of NTFS which helps to restrict or manage the disk usage from the normal user. It can be implemented per user user per volume basis.By default it is disabled. Administrative privilege is required to perform the task. In 2003server we can control only drive but in 2008server we can establish quota in folder level.

Navigate domain user properties->give path in profile tab in the format \servernamesharename.

Start->Run->DCPROMO

The Group Policy Object Editor and the Software Restriction Policies extension of Group Policy Object Editor are used to restrict running certain applications on a machine. For Windows XP computers that are not participating in a domain, you can use the Local Security Settings snap-in to access Software Restriction Policies.

The sysvol folder stores the server’s copy of the domain’s public files. The contents such as group policy, users etc of the sysvol folder are replicated to all domain controllers in the domain. The sysvol folder must be located on an NTFS volume

If your DNS server fails, you can’t resolve host names. You can’t resolve domain controller IP Address.

In run use the command ->dcpromo /forceremoval

Microsoft Windows 2000 uses the Setpwd utility to reset the DS Restore Mode password. In Microsoft Windows Server 2003, that functionality has been integrated into the NTDSUTIL tool. Note that you cannot use the procedure if the target server is running in DSRM.

You can backup Active Directory by using the NTBACKUP tool that comes built-in with Windows Server 2003. Backing up the Active Directory is done on one or more of your Active Directory domain Controllers, and is performed by backing up the System State on those servers. The System State contains the local Registry, COM+ Class Registration Database, the System Boot Files, certificates from Certificate Server (if it’s installed), Cluster database (if it’s installed), NTDS.DIT, and the SYSVOL folder. the tombstone is 60 days (Windows 2000/2003 DCs), or 180 days (Windows Server 2003 SP1 DCs).

You can use one of the three methods to restore Active Directory from backup media: Primary Restore, Normal Restore (i.e. Non Authoritative), and Authoritative Restore.

Primary Restore: This method rebuilds the first domain controller in a domain when there is no other way to rebuild the domain. Perform a primary restore only when all the domain controllers in the domain are lost, and you want to rebuild the domain from the backup. Members of the Administrators group can perform the primary restore on local computer. On a domain controller, only members of the Domain Admins group can perform this restore.

Normal Restore: This method reinstates the Active Directory data to the state before the backup, and then updates the data through the normal replication process. Perform a normal restore for a single domain controller to a previously known good state.

Authoritative Restore: You perform this method in tandem with a normal restore. An authoritative restore marks specific data as current and prevents the replication from overwriting that data. The authoritative data is then replicated through the domain. Perform an authoritative restore for individual object in a domain that has multiple domain controllers. When you perform an authoritative restore, you lose all changes to the restore object that occurred after the backup. You need to use the NTDSUTIL command line utility to perform an authoritative restore. You need to use it in order to mark Active Directory objects as authoritative, so that they receive a higher version recently changed data on other domain controllers does not overwrite System State data during replication.

1. We can give easy name resolution to your clients.
2. By creating AD- integrated zone you can also trace hacker and spammer by creating reverse zone.
3. AD integrated zoned all for incremental zone transfers which on transfer changes and not the entire zone. This reduces zone transfer traffic.
4. AD Integrated zones support both secure and dynamic updates.
5. AD integrated zones are stored as part of the active directory and support domain-wide or forest-wide replication through application partitions in AD.

Reservation using mac address in DHCP.

Requests are on UDP port 68, Server replies on UDP 67.

Using hidden shares on your network is useful if you do not want a shared folder or drive on the network to be easily accessible. Hidden shares can add another layer of protection for shared files against unauthorized people connecting to your network. Using hidden shares helps eliminate the chance for people to guess your password (or be logged into an authorized Windows account) and then receive access to the shared resource.

Windows automatically shares hard drives by default for administrative purposes. They are hidden shares named with the drive letter followed by a dollar sign (e.g., C$) and commented as Default Share. Thus, certain networking and administrator functions and applications can work properly. Not that preventing Windows from creating these hidden or administrative shares by default each time your computer boots up takes a registry change.

The default refresh interval for policies is 90 minutes. The default refresh interval for domain controllers is 5 minutes. Group policy object’s group policy refresh intervals may be changed in the group policy object.

Group policies are used by administrators to configure and control user environment settings. Group Policy Objects (GPOs) are used to configure group policies which are applied to sites, domains, and organizational units (OUs). Group policy may be blocked or set so it cannot be overridden. The default is for subobjects to inherit the policy of their parents. There is a maximum of 1000 applicable group policies.

Windows 2003 Active Directory data store, the actual database file, is %SystemRoot%ntdsNTDS.DIT. The ntds.dit file is the heart of Active Directory including user accounts. Active Directory’s database engine is the Extensible Storage Engine ( ESE ) which is based on the Jet database used by Exchange 5.5 and WINS. The ESE has the capability to grow to 16 terabytes which would be large enough for 10 million objects.Only the Jet database can manipulate information within the AD datastore.

A Windows-based computer that is configured to use DHCP can automatically assign itself an Internet Protocol (IP) address if a DHCP server is not available or does not exist. The Internet Assigned Numbers Authority (IANA) has reserved 169.254.0.0-169.254.255.255 for Automatic Private IP Addressing(APIPA).

The Backup directory in the %SystemRoot%System32DHCP folder contains backup information for the DHCP configuration and the DHCP database. By default, the DHCP database is backed up every 60 minutes automatically. To manually back up the DHCP database at any time, follow these steps:

1. In the DHCP console, right-click the server you want to back up, and then click Backup.

2. In the Browse For Folder dialog box, select the folder that will contain the backup DHCP database, and then click OK.