Basics of AD, Exchange Server
Active Directory (AD) is a directory service that runs on Windows Server to manage permissions and
access to networked resources. Active Directory stores data as objects. An object is a single element,
such as a user, group, application or device (a printer, for example).
Roles of Exchange Server--The major change in Exchange Server 2016 is the set of server roles. Exchange
2013 had three roles: Mailbox server, Client Access server and Edge Transport server. Exchange 2016 has
just two: Mailbox server (which now also hosts the Client Access services) and Edge Transport server.
Exchange Roles (RBAC)--There are two types of management roles, administrative roles and end-user roles.
Administrative roles contain permissions that are assigned to administrators or specialist users through
role groups, each of which manages a part of the Exchange organization, such as recipients, servers or
databases. End-user roles are assigned through role assignment policies and control what a user may
change on their own mailbox (contact details, distribution group membership and so on).
Diff. TCP & UDP--TCP is a connection-oriented protocol and UDP is a connectionless protocol. TCP
establishes a connection between sender and receiver (the three-way handshake) before data can be sent,
and acknowledges and retransmits lost segments. UDP sends datagrams without establishing a connection
and gives no delivery guarantee.
Safe Mode & Safe Mode with Networking--Safe Mode with Networking starts Windows with the same set
of drivers and services as Safe Mode but also includes those necessary for the networking services to
function. Choose Safe Mode with Networking for the same reasons you would choose Safe Mode, but when
you expect to need access to your network or the internet (for example to pull a driver or a patch).
GPO--A Group Policy Object (GPO) is a virtual collection of policy settings. A GPO has a file-system part
(the Group Policy template, stored in SYSVOL) and an Active Directory part (the Group Policy container).
GPOs are linked to sites, domains and OUs, and clients apply them following the hierarchy of Active
Directory in the order local, site, domain, OU, so by default the GPO linked closest to the object wins.
* DNS Records--A Records. A records are the most basic type of DNS record and are used to point a
domain or subdomain to an IPv4 address (AAAA records do the same for IPv6). Assigning a value to an A
record is as simple as providing your DNS management panel with the IP address to which the domain or
subdomain should point and a TTL.
* DNS Zones--A DNS zone is a portion of the DNS namespace that is managed by a specific
organization or administrator. A DNS zone is an administrative space which allows for more granular
control of DNS components, such as authoritative nameservers.
* DNS Queries--A DNS query (also known as a DNS request) is a request for information sent from a user's computer
(the DNS client, or resolver) to a DNS server. An attempt to reach a domain is actually the DNS client querying
DNS servers to get the IP address.
* Work of SOA record--A start of authority (SOA) record is information stored in a domain name system
(DNS) zone about that zone and about other DNS records: the primary name server, the responsible
mailbox, the zone serial number and the refresh, retry, expire and minimum-TTL timers that secondary
servers use to decide when to re-transfer the zone. A DNS zone is the part of a domain for which an
individual DNS server is responsible.
* How to troubleshoot, if a user is unable to login to a particular computer connected in the network?--
Check the account first (disabled, locked out, expired password or account, a LogonWorkstations
restriction that excludes this computer), then the computer (disabled computer account, broken secure
channel), then the infrastructure (DNS resolution of a DC, clock skew beyond the Kerberos tolerance),
and finally the DC's Security log, where Event ID 4625 carries the failure status code.
* How to provide access to new users in domain environment to 7 out of 10 computers?--
Either set the users' LogonWorkstations attribute (the "Log On To" list in the account properties) to the
seven computer names, or place the seven computers in an OU and grant "Allow log on locally" there via
GPO while denying it on the other three. The GPO route is the one that is actually enforced at the computer.
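The two questions above as an added PowerShell example (not part of the original notes): one function
collects the account-level reasons a logon can fail, the other restricts a user to an explicit workstation
list. It assumes the RSAT ActiveDirectory module and domain-admin rights; the user jdoe and computers
PC01 to PC10 are placeholders.

```powershell
# Added example (not from the original notes). Assumes RSAT ActiveDirectory;
# user "jdoe" and computers PC01-PC10 are placeholders.
Import-Module ActiveDirectory

function Test-UserLogon {
    # Returns the account-level reasons a user may be refused logon on a given computer.
    param(
        [Parameter(Mandatory)][string]$SamAccountName,
        [Parameter(Mandatory)][string]$ComputerName
    )
    $u = Get-ADUser -Identity $SamAccountName -Properties Enabled, LockedOut,
        PasswordExpired, AccountExpirationDate, LogonWorkstations, PasswordLastSet
    $c = Get-ADComputer -Identity $ComputerName -Properties Enabled, PasswordLastSet

    $reasons = @()
    if (-not $u.Enabled)    { $reasons += 'user account disabled' }
    if ($u.LockedOut)       { $reasons += 'user account locked out (Unlock-ADAccount after checking why)' }
    if ($u.PasswordExpired) { $reasons += 'user password expired' }
    if ($u.AccountExpirationDate -and $u.AccountExpirationDate -lt (Get-Date)) {
        $reasons += "user account expired on $($u.AccountExpirationDate)"
    }
    if ($u.LogonWorkstations) {
        # userWorkstations is a comma-separated list of NetBIOS names.
        $allowed = $u.LogonWorkstations -split ','
        if ($allowed -notcontains $ComputerName) {
            $reasons += "user restricted to: $($u.LogonWorkstations)"
        }
    }
    if (-not $c.Enabled) { $reasons += 'computer account disabled' }
    # Machine passwords rotate every 30 days by default; one untouched for months
    # usually means a broken secure channel (Test-ComputerSecureChannel -Repair on the client).
    if ($c.PasswordLastSet -and $c.PasswordLastSet -lt (Get-Date).AddDays(-90)) {
        $reasons += "computer password last set $($c.PasswordLastSet); check secure channel"
    }
    if (-not $reasons) {
        $reasons = @('no account-level block; check DNS, Kerberos clock skew and Event ID 4625 on the DC')
    }
    $reasons
}

function Set-UserLogonWorkstations {
    # Limits the user to an explicit list of computers (the "Log On To" list).
    param(
        [Parameter(Mandatory)][string]$SamAccountName,
        [Parameter(Mandatory)][string[]]$Computers
    )
    # The attribute holds NetBIOS names, comma-separated, up to 1024 characters.
    Set-ADUser -Identity $SamAccountName -LogonWorkstations ($Computers -join ',')
    (Get-ADUser -Identity $SamAccountName -Properties LogonWorkstations).LogonWorkstations
}

# Usage with the placeholder names:
Test-UserLogon -SamAccountName 'jdoe' -ComputerName 'PC03'
Set-UserLogonWorkstations -SamAccountName 'jdoe' -Computers (1..7 | ForEach-Object { 'PC{0:D2}' -f $_ })
```

Caveat: the DC checks LogonWorkstations against the workstation name the client itself reports in the
logon request, so it is a hygiene control, not a hard boundary. For the three excluded machines, pair it
with a "Deny log on locally" user right assigned through GPO, which the computer enforces.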
* Global Catalog--A Global Catalog (GC) server is a domain controller that stores copies of all Active
Directory objects in the forest: a complete, writable copy of every object in its own domain and a
partial, read-only copy (a subset of attributes, the partial attribute set) of every object in the other
domains of the forest. It answers forest-wide searches over LDAP on port 3268 (3269 with TLS) and is needed
at logon to resolve universal group membership.
* Domain Controller--A domain controller (DC) is a Windows Server that runs Active Directory Domain Services. It holds
a writable (or, for an RODC, read-only) copy of the domain partition, authenticates users and computers, and
decides whether a host may join the domain and access domain resources.
1. What is the FSMO role? (Or what are Single Master Operations / Flexible Single Master Operations /
Operations Master Role / SMO / OMR?)--Active Directory is multi-master: any writable DC can change any
object. A few operations would produce conflicts if two DCs performed them at once (extending the schema,
adding a domain, handing out RID pools), so each of those is assigned to exactly one DC, the operations
master or FSMO role holder. A role can be transferred to another DC, or seized if the holder is lost for good.
2. What are the forest specific FSMO roles and domain specific roles?--Active Directory has five
FSMO roles, two of which are forest-level (one per forest) and three of which are domain-level (one per
domain). The forest-level roles are the Schema Master and the Domain Naming Master. The domain-level
roles are the PDC Emulator, the RID (Relative Identifier) Master and the Infrastructure Master.
3. Which FSMO role is contacted by default when you create a new Group Policy using GPMC console?
PDC emulator
4. RID Master--The single DC in a domain that hands out blocks (pools) of relative identifiers to the
other DCs. Every new security principal's SID is the domain SID plus a RID taken from the creating DC's
local pool, so a long-unavailable RID Master eventually stops account creation. It is also involved when
an object is moved from one domain to another, to prevent the same object from being moved twice.
7. LDAP--The Lightweight Directory Access Protocol is an open, vendor-neutral, industry-standard application
protocol for accessing and maintaining distributed directory information services over an IP network. AD
answers LDAP on TCP 389 (636 with TLS) and, on global catalogs, 3268 (3269 with TLS). Simple binds carry
the password in clear text, so they belong only on the TLS ports.
8. Minimum Requirements For Installing AD?--The hardware minimum is that of the Windows Server version being
installed. The AD DS-specific prerequisites are: an NTFS volume for the database, log files and SYSVOL;
a static IP address; DNS (installed alongside, or an existing server that supports dynamic updates and
SRV records); and the right credentials: the local Administrator for a new forest, Domain Admins to add
a DC to a domain, Enterprise Admins to add a new domain to a forest.
9. Forest & Tree Definition--A tree is one or more domains in a contiguous DNS namespace (for example
corp.example.com and sales.corp.example.com), linked by transitive two-way parent-child trusts. At the top
of the structure is the forest. A forest is a collection of trees that share a common global catalog,
directory schema, logical structure and directory configuration. The forest, not the domain, is the
security boundary.
10. Mention What Is The Difference Between Domain Admins Group And Enterprise Admins Group In AD?--
Enterprise Admins is a group that exists only in the forest root domain; its members have full
administrative control over every domain in the forest, because the group is nested in the built-in
Administrators group of each domain. Domain Admins exists in every domain, and its members have full
administrative control over that domain only. Note that Domain Admins of the root domain can add
themselves to Enterprise Admins, so root-domain admins are effectively forest admins.
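An added PowerShell example (not from the original notes) for auditing exactly these groups: it expands
nested membership of Enterprise Admins and Schema Admins in the root domain and of Domain Admins and
Administrators in every domain, which is where unexpected privileged accounts tend to hide. It assumes the
RSAT ActiveDirectory module and read access to every domain in the forest.

```powershell
# Added example (not from the original notes). Assumes RSAT ActiveDirectory
# and read access to every domain in the forest.
Import-Module ActiveDirectory

function Get-DomainFromDn {
    # 'CN=x,OU=y,DC=corp,DC=example,DC=com' -> 'corp.example.com'
    param([string]$Dn)
    ($Dn -replace '^.*?,DC=', '') -replace ',DC=', '.'
}

function Get-PrivilegedMembers {
    $forest  = Get-ADForest
    $root    = $forest.RootDomain
    $targets = @(
        @{ Domain = $root; Group = 'Enterprise Admins' }   # forest root only
        @{ Domain = $root; Group = 'Schema Admins' }       # forest root only
    )
    foreach ($d in $forest.Domains) {
        $targets += @{ Domain = $d; Group = 'Domain Admins' }
        $targets += @{ Domain = $d; Group = 'Administrators' }   # Enterprise Admins lands here in every domain
    }
    foreach ($t in $targets) {
        # -Recursive flattens nested groups; members from other domains are returned as well.
        Get-ADGroupMember -Identity $t.Group -Server $t.Domain -Recursive |
            Where-Object objectClass -eq 'user' |
            ForEach-Object {
                $u = Get-ADUser -Identity $_.distinguishedName `
                        -Server (Get-DomainFromDn $_.distinguishedName) `
                        -Properties Enabled, LastLogonDate, PasswordLastSet
                [pscustomobject]@{
                    Domain          = $t.Domain
                    Group           = $t.Group
                    User            = $u.SamAccountName
                    Enabled         = $u.Enabled
                    LastLogonDate   = $u.LastLogonDate
                    PasswordLastSet = $u.PasswordLastSet
                    # Stale admin accounts are the ones worth removing first.
                    Stale           = ($u.LastLogonDate -lt (Get-Date).AddDays(-90)) -or
                                      ($u.PasswordLastSet -lt (Get-Date).AddDays(-365))
                }
            }
    }
}

Get-PrivilegedMembers | Sort-Object Domain, Group, User | Format-Table -AutoSize
```

LastLogonDate is derived from lastLogonTimestamp, which replicates only every 9 to 14 days, so it is
good enough for staleness but not for "who logged on yesterday"; use the Security log on the DCs for that.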
12. Protocol for AD Authentication--Kerberos (v5) is the default authentication protocol in an AD domain;
the KDC service on every DC issues ticket-granting tickets and service tickets. NTLM remains as the fallback
(local accounts, access by IP address instead of hostname, legacy clients). LDAP is the protocol for reading
and writing the directory itself, not the domain authentication protocol, although an LDAP bind does
authenticate the connection (via Kerberos/NTLM with SASL, or a plain-text simple bind).
13. What do you understand by Garbage Collection? Explain.--Garbage collection is the process that
frees space within the AD database. When an object is deleted it is not removed immediately: it becomes a
tombstone (or, with the AD Recycle Bin enabled, a deleted object that can be restored intact) and is kept
for the tombstone lifetime, 60 days in forests created before Windows Server 2003 SP1 and 180 days
otherwise, so that the deletion replicates to every DC. Garbage collection runs on every DC, every 12 hours
by default (the garbageCollPeriod attribute of the Directory Service object in the configuration partition),
purges objects whose lifetime has expired and performs an online defragmentation of ntds.dit.
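The garbage-collection settings above as an added PowerShell example (not from the original notes): it
reads the tombstone lifetime and collection period from the configuration partition, reports whether the
Recycle Bin is enabled, and lists recently deleted user objects that are still recoverable. It assumes the
RSAT ActiveDirectory module and read access to the configuration partition.

```powershell
# Added example (not from the original notes). Assumes RSAT ActiveDirectory
# and read access to the configuration partition.
Import-Module ActiveDirectory

function Get-AdDeletionSettings {
    $rootDse = Get-ADRootDSE
    $dsObj   = "CN=Directory Service,CN=Windows NT,CN=Services,$($rootDse.configurationNamingContext)"
    $ds      = Get-ADObject -Identity $dsObj -Properties tombstoneLifetime, garbageCollPeriod
    $bin     = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"'
    [pscustomobject]@{
        # An unset attribute means the built-in default applies.
        TombstoneLifetimeDays  = if ($ds.tombstoneLifetime) { $ds.tombstoneLifetime } else { 'default (60 or 180)' }
        GarbageCollPeriodHours = if ($ds.garbageCollPeriod) { $ds.garbageCollPeriod } else { 12 }
        RecycleBinEnabled      = [bool]$bin.EnabledScopes
    }
}

function Get-RecentlyDeletedUsers {
    # Deleted objects sit in the Deleted Objects container with isDeleted=TRUE until
    # garbage collection purges them. With the Recycle Bin, isRecycled=TRUE marks the
    # point after which Restore-ADObject can no longer bring the object back.
    param([int]$Days = 30)
    Get-ADObject -Filter 'isDeleted -eq $true -and objectClass -eq "user"' -IncludeDeletedObjects `
        -Properties whenChanged, lastKnownParent, isRecycled |
        Where-Object { $_.whenChanged -gt (Get-Date).AddDays(-$Days) } |
        Select-Object Name, lastKnownParent, whenChanged, isRecycled, objectGUID
}

Get-AdDeletionSettings
Get-RecentlyDeletedUsers -Days 30
# Restore-ADObject -Identity <objectGUID>   # recovers the object in place (Recycle Bin enabled, not yet recycled)
```

Without the Recycle Bin, a tombstone keeps only a handful of attributes, so "reanimating" it brings back
an empty shell and group membership and passwords have to be recreated; that is the practical reason to
enable the feature before you need it.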
14. Difference b/w OU & Groups :OUs contain user objects, groups have a list of user objects. You
put a user in a group to control that user's access to resources. You put a user in an OU to control
who has administrative authority over that user.
15. Scopes of Groups in AD--There are three group scopes: universal, global and domain local. Each scope
defines who can be a member and where the group can be granted permissions. Global: members only from its
own domain, usable on resources in any trusted domain. Domain local: members from any domain in the forest
(or trusted forest), usable only on resources in its own domain. Universal: members from any domain in
the forest, usable anywhere in the forest; its membership is stored in the global catalog. The usual pattern
is A-G-DL-P: accounts into global groups, global groups into domain local groups, permissions on the
domain local group.
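The OU-versus-group distinction and the group scopes above, as an added PowerShell example (not from the
original notes): it builds an OU, a global group for people, a domain local group for the permission,
nests them A-G-DL-P, puts the NTFS ACE on the domain local group, and then delegates password reset on the
OU, which is the "administrative authority over that user" that an OU controls. It assumes the RSAT
ActiveDirectory module, a Helpdesk group, a user jdoe and a folder D:\Finance on the server where it runs;
all of these are placeholders.

```powershell
# Added example (not from the original notes). Assumes RSAT ActiveDirectory; the OU,
# group, user and folder names are placeholders and must exist or be created here.
Import-Module ActiveDirectory
$domain   = Get-ADDomain
$domainDn = $domain.DistinguishedName
$ouDn     = "OU=Finance,$domainDn"

# OU: the unit of delegation and GPO scope, not a permission carrier.
New-ADOrganizationalUnit -Name 'Finance' -Path $domainDn -ProtectedFromAccidentalDeletion $true

# Global group collects the people ("who"); members must come from this domain.
New-ADGroup -Name 'Finance-Staff' -GroupScope Global -GroupCategory Security -Path $ouDn
# Domain local group carries the permission ("what"); can hold global groups from
# any trusted domain but is only usable on resources in this domain.
New-ADGroup -Name 'ACL-Finance-Modify' -GroupScope DomainLocal -GroupCategory Security -Path $ouDn

# A-G-DL-P nesting.
Add-ADGroupMember -Identity 'Finance-Staff'      -Members 'jdoe'
Add-ADGroupMember -Identity 'ACL-Finance-Modify' -Members 'Finance-Staff'

# The NTFS ACE goes on the domain local group, never on the user.
$acl  = Get-Acl -Path 'D:\Finance'
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
    "$($domain.NetBIOSName)\ACL-Finance-Modify", 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow')
$acl.AddAccessRule($rule)
Set-Acl -Path 'D:\Finance' -AclObject $acl

# Delegation lives on the OU: Helpdesk may reset passwords of user objects below it.
$resetPwd  = [guid]'00299570-246d-11d0-a768-00aa006e0529'   # "Reset Password" extended right
$userClass = [guid]'bf967aba-0de6-11d0-a285-00aa003049e2'   # schema GUID of the user class
$ouAcl = Get-Acl -Path "AD:\$ouDn"
$ouAcl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule(
    (Get-ADGroup 'Helpdesk').SID, 'ExtendedRight', 'Allow', $resetPwd, 'Descendents', $userClass)))
Set-Acl -Path "AD:\$ouDn" -AclObject $ouAcl
```

Delegated rights like this one are exactly what attack-path tools enumerate, so any delegation you add
on an OU should be reviewed with the same care as membership of the groups in question 10.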
16. AD Database Location--The Active Directory database is a single file named ntds.dit, stored by
default in the %SystemRoot%\NTDS folder together with its transaction logs (edb.log, edb.chk). The exact
path is in the registry under HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters. The file holds the
password hashes of every account in the domain, so backups, volume shadow copies and any export of it
must be protected like the DC itself.
17. NTDS Folder--%SystemRoot%\NTDS (typically C:\Windows\NTDS).
18. Domain Controller:On Microsoft Servers, a domain controller is a server computer that responds to security
authentication requests within a Windows domain. A domain is a concept introduced in Windows NT whereby a user
may be granted access to a number of computer resources with the use of a single username and password
combination.
19. Windows Server :Microsoft Windows Server OS (operating system) is a series of enterprise-
class server operating systems designed to share services with multiple users and provide extensive
administrative control of data storage, applications and corporate networks.
20. Different Versions Of Windows Server?--2008, 2008 R2, 2012, 2012 R2, 2016, 2019.
21. What is DNS?--The Domain Name System is a hierarchical and decentralized naming system for
computers, services or other resources connected to the Internet or a private network. It associates
various information with domain names assigned to each of the participating entities. DNS uses port 53:
UDP for ordinary queries, TCP for zone transfers and for responses too large for a UDP datagram.
22. What is DHCP--The Dynamic Host Configuration Protocol is a network management protocol used on
IP networks whereby a DHCP server dynamically assigns an IP address and other network configuration
parameters (subnet mask, default gateway, DNS servers, DNS suffix) to each device on a network so that it
can communicate with other IP networks.
--Port numbers of DHCP--UDP 67 on the server, UDP 68 on the client.
--Scope of DHCP--A DHCP scope is a valid range of IP addresses that are available for assignment or
lease to client computers on a particular subnet. In a DHCP server, a scope is configured to determine
the address pool of IPs that the server can provide to DHCP clients. Scopes determine which IP
addresses are provided to the clients.
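The DHCP scope material above as an added PowerShell example (not from the original notes): it authorizes
a Windows DHCP server in AD, creates a scope for one subnet, excludes the statically assigned range, sets
the options clients receive in the OFFER/ACK, and checks pool usage. It assumes the DhcpServer RSAT module,
a server dhcp01.corp.example.com and the 10.20.0.0/24 subnet, all placeholders.

```powershell
# Added example (not from the original notes). Assumes the DhcpServer RSAT module;
# the server name, subnet and addresses are placeholders.
Import-Module DhcpServer
$server = 'dhcp01.corp.example.com'

# A Windows DHCP server in an AD domain refuses to lease until it is authorized in the
# directory. This blocks rogue Windows DHCP servers only; a non-Windows rogue is unaffected,
# which is why DHCP snooping on the switches is still needed.
Add-DhcpServerInDC -DnsName $server -IPAddress 10.20.0.2

# Scope = the pool for one subnet. Exclude the static range (gateway, servers, printers)
# instead of shrinking the pool so the scope still describes the whole subnet.
Add-DhcpServerv4Scope -ComputerName $server -Name 'Office LAN' `
    -StartRange 10.20.0.1 -EndRange 10.20.0.254 -SubnetMask 255.255.255.0 `
    -LeaseDuration (New-TimeSpan -Days 8) -State Active
Add-DhcpServerv4ExclusionRange -ComputerName $server -ScopeId 10.20.0.0 `
    -StartRange 10.20.0.1 -EndRange 10.20.0.30

# Options delivered with the lease: router (3), DNS servers (6), DNS suffix (15).
# Hand out only internal DNS servers, otherwise the AD SRV lookups at logon fail.
Set-DhcpServerv4OptionValue -ComputerName $server -ScopeId 10.20.0.0 `
    -Router 10.20.0.1 -DnsServer 10.20.0.10, 10.20.0.11 -DnsDomain 'corp.example.com'

# Verify. A scope at 100% is how clients end up on APIPA 169.254.x.x addresses.
Get-DhcpServerv4ScopeStatistics -ComputerName $server -ScopeId 10.20.0.0
Get-DhcpServerv4Lease -ComputerName $server -ScopeId 10.20.0.0 |
    Select-Object IPAddress, ClientId, HostName, LeaseExpiryTime
```

The lease list is also a quick inventory check: a ClientId (MAC) you do not recognize on a server subnet
is worth chasing before it becomes an incident.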
23. What is a Forward Lookup?--A forward DNS lookup uses a domain name to find an IP address (A or AAAA record).
24. What is Reverse Lookup?--A reverse DNS lookup uses an IP address to find a domain name (PTR record in the
in-addr.arpa or ip6.arpa zone). The nslookup tool (and Resolve-DnsName in PowerShell) performs either kind of
lookup from the command line.
25. What are the different DNS roles?--Three types of DNS query: recursive (the server must return a final
answer), iterative (the server returns the best referral it has) and non-recursive (answered from the
server's own zone or cache). Three kinds of server in a resolution: the recursive resolver, the root and
TLD servers, and the authoritative name server for the zone. The common record types include A, AAAA,
CNAME, MX, NS, PTR, SOA, SRV and TXT.
26. What is a Zone?--A DNS zone is any distinct, contiguous portion of the domain name space in the Domain
Name System for which administrative responsibility has been delegated to a single manager.
27. What is the main purpose of SRV records?--SRV (Service) records map a service to the hostname and port
that provide it, with a priority and weight for load balancing. When an application needs to find where a
service runs, it queries the related SRV record. Active Directory depends on them: domain members locate
domain controllers, Kerberos KDCs and global catalogs through records such as _ldap._tcp.dc._msdcs.<domain>
and _kerberos._tcp.dc._msdcs.<domain>, which the Netlogon service on each DC registers dynamically.
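The forward and reverse lookups and the SRV records above, as an added PowerShell example (not from the
original notes): one function verifies that every DC in the domain has registered its locator SRV records,
the other resolves a name forward and then checks that the PTR record agrees. It assumes the RSAT
ActiveDirectory module (DnsClient ships with Windows); corp.example.com and dc01 are placeholders.

```powershell
# Added example (not from the original notes). Assumes RSAT ActiveDirectory;
# the domain and host names are placeholders.
Import-Module ActiveDirectory

function Test-DcLocatorRecords {
    # Every DC must publish these SRV records; a DC missing here cannot be found by
    # clients, and a NameTarget here that is not a DC deserves a closer look.
    param([string]$Domain = (Get-ADDomain).DNSRoot)
    $dcs = Get-ADDomainController -Filter * -Server $Domain | Select-Object -ExpandProperty HostName
    foreach ($svc in '_ldap._tcp.dc._msdcs', '_kerberos._tcp.dc._msdcs', '_kpasswd._tcp') {
        $fqdn = "$svc.$Domain"
        $srv  = Resolve-DnsName -Name $fqdn -Type SRV -ErrorAction SilentlyContinue |
                    Where-Object Type -eq 'SRV'
        foreach ($dc in $dcs) {
            $mine = $srv | Where-Object NameTarget -eq $dc
            [pscustomobject]@{
                Service    = $fqdn
                DC         = $dc
                Registered = [bool]$mine
                Port       = ($mine | Select-Object -First 1).Port
            }
        }
    }
}

function Resolve-ForwardAndReverse {
    # Forward (A) then reverse (PTR). A mismatch is a classic cause of Kerberos failures,
    # because the client builds the SPN from the name it resolved.
    param([Parameter(Mandatory)][string]$Name)
    Resolve-DnsName -Name $Name -Type A | Where-Object Type -eq 'A' | ForEach-Object {
        $ptr = Resolve-DnsName -Name $_.IPAddress -Type PTR -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Name  = $Name
            IP    = $_.IPAddress
            PTR   = $ptr.NameHost
            Match = ($ptr.NameHost -eq $Name)
        }
    }
}

Test-DcLocatorRecords | Format-Table -AutoSize
Resolve-ForwardAndReverse -Name 'dc01.corp.example.com'
```

If a DC shows Registered = False, restarting its Netlogon service re-registers the records; if the records
never appear, the DNS zone is refusing dynamic updates from that DC.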
28. Primary, Secondary and Stub zones--Primary zone: the DNS server hosts the master, writable copy of the
zone data, in a local file or, on a DC, in AD DS (an AD-integrated zone, which replicates with AD and
allows secure dynamic updates).
--Secondary zone: a read-only copy of the whole zone, pulled from the primary by zone transfer (AXFR/IXFR).
--Stub zone: holds only the SOA, NS and glue A records of the zone, so the server knows which servers are
authoritative and can forward queries to them; it must have network access to the remote DNS server to
copy that authoritative name server information.
29. What is Caching Only Server?--A caching-only server saves data in a cache file until the data
expires. Expiration occurs based on a ``time-to-live'' field attached to data received from another
server. A caching-only server answers data from its cache if it has the information, or requests it
from authoritative servers if it does not.
30. TCP / IP- Difference --The difference is that TCP is responsible for the data delivery of a packet
and IP is responsible for the logical addressing. In other words, IP obtains the address and TCP
guarantees delivery of data to that address.
31. Layers of TCP/IP--The TCP/IP model has four layers: application, transport, internet and network
access (link). Many textbooks split the last one into data link and physical layers and teach it as five
layers, which is the version in the original answer.
32. Differences b/w private IP and Public IP--A public IP address is routable on the Internet and can be
reached from it. A private IP address (the RFC 1918 ranges 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16)
is used inside your own network and is not routed on the Internet; such hosts reach it through NAT.
36. Autodiscover process--Exchange Autodiscover is a web service that lets Outlook (2007 and later) and
mobile clients configure a mail profile from nothing more than the user's e-mail address and credentials.
The client derives candidate URLs from the e-mail domain (https://<domain>/autodiscover/autodiscover.xml,
then https://autodiscover.<domain>/autodiscover/autodiscover.xml, then an SRV lookup for
_autodiscover._tcp.<domain>), and domain-joined clients first ask AD for the service connection point. The
response contains the server names and settings the profile needs. Because the client sends credentials to
whichever of those URLs answers, the certificate on the Autodiscover endpoint must be valid and trusted.
38. Why time sync is important in a domain environment--Kerberos tickets and authenticators carry
timestamps, and a DC rejects a request whose timestamp differs from its own clock by more than the
"Maximum tolerance for computer clock synchronization" policy, 5 minutes by default. A client whose clock
drifts past that gets KRB_AP_ERR_SKEW and its domain logons and service authentications fail.
39. Use of Edge Role--The Edge Transport server is the Exchange role (2010 onward, including 2016) placed
in the perimeter network to route Internet e-mail and protect the Exchange organization from viruses and
spam. Message protection and security are handled by agents that run on the Edge Transport server and act
on messages as they are processed; it is not a domain member and receives recipient data through EdgeSync.
40. Loopback address--A loopback address is an IP address used to test the TCP/IP stack of the local host
and for testing network applications. Packets sent to a loopback address are returned to the originating
node without leaving it and without alteration. The loopback range is 127.0.0.0/8 (127.0.0.1 in practice)
for IPv4 and ::1 for IPv6.
41. DORA--The sequence of messages exchanged between a DHCP client and server when a lease is obtained:
Discover (client broadcast, looking for servers), Offer (server proposes an address), Request (client
broadcast, accepting one offer so every server sees the choice) and Acknowledgment (server confirms the
lease and the options).
Major role of FSMO PDC Emulator--It is the authoritative time source of its domain: the Windows Time
service (W32Time) on every domain member syncs from a DC, every DC syncs from the PDC emulator of its
domain, and the PDC emulator of the forest root domain syncs from an external source. Kerberos depends on
this hierarchy (see question 38). The PDC emulator also receives password changes first, is consulted
for a failed logon before lockout is enforced, and is the DC that GPMC edits by default.
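The time-synchronization points in question 38 and above as an added PowerShell example (not from the
original notes): it measures this host's clock offset from the PDC emulator with w32tm and compares it with
the Kerberos tolerance, and shows the w32tm commands used to make the forest root PDC emulator the
reliable source. It assumes the RSAT ActiveDirectory module and UDP/123 reachability to the PDC emulator;
the NTP pool names are placeholders.

```powershell
# Added example (not from the original notes). Assumes RSAT ActiveDirectory
# and that w32tm can reach the PDC emulator over UDP/123.
Import-Module ActiveDirectory

function Get-KerberosClockSkew {
    # Offset of this host from the PDC emulator versus the Kerberos tolerance
    # (5 minutes by default, set in Kerberos Policy of the Default Domain Policy).
    param([int]$MaxSkewMinutes = 5)
    $pdc = (Get-ADDomain).PDCEmulator
    $out = w32tm /stripchart /computer:$pdc /samples:3 /dataonly 2>&1
    # Sample lines look like "12:00:01, +00.0123456s"; keep the last one.
    $offsets = foreach ($line in $out) {
        if ($line -match ',\s*([+-]?\d+\.\d+)s') { [double]$Matches[1] }
    }
    if (-not $offsets) { throw "no samples from $pdc : $($out -join ' ')" }
    $skew = $offsets[-1]
    [pscustomobject]@{
        Host        = $env:COMPUTERNAME
        PDCEmulator = $pdc
        OffsetSec   = $skew
        Source      = (w32tm /query /source)
        WithinSkew  = [math]::Abs($skew) -lt ($MaxSkewMinutes * 60)
    }
}

Get-KerberosClockSkew

# On the forest root PDC emulator only: sync from external NTP servers and advertise as
# reliable so every other DC and member chains from it through the domain hierarchy.
# Other DCs and members should keep the default NT5DS (domain hierarchy) setting.
#   w32tm /config /manualpeerlist:"0.pool.ntp.org,0x8 1.pool.ntp.org,0x8" /syncfromflags:manual /reliable:yes /update
#   w32tm /resync
# If the PDC emulator role is moved, repeat this on the new holder and revert the old one
# to /syncfromflags:domhier, or the domain ends up with two competing time sources.
```

If the PDC emulator is a virtual machine, disable the hypervisor's time synchronization for it (or
make sure it only corrects large jumps), otherwise the VM host and the NTP source fight over the clock.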
* Authentication protocols in an AD environment--Kerberos v5 (the default; ticket-based, mutual
authentication, also used for smart-card logon via PKINIT), NTLM (challenge-response fallback for local
accounts, access by IP address and legacy clients; NTLMv1 should be disabled by policy), and LDAP binds
(SASL with Kerberos/NTLM, or simple binds that should only be allowed over TLS).
FW/DW roles--