VMware and Windows Interview Questions: Part 4

  1. Can I deploy non-MSI software with GPO?
    • Yes, you can. Apart from MSI packages, GPO also supports deployment of ZAP files
  2. How frequently is the client policy refreshed ?
    • By default, group policy is updated in the background every 90 minutes.You can specify an update rate from 0 to 44,640 minutes (31 days). If you select 0 minutes, the computer tries to update Group Policy every 7 seconds. However, because updates might interfere with users' work and increase network traffic, very short update intervals are not appropriate for most installations.
    • The refresh interval can be configured manually using group policy - GPO --> Computer Configuration --> Administrative Templates --> System --> Group Policy --> Set Group Policy refresh interval for Computers
  3. How does the Group Policy ‘No Override’ and ‘Block Inheritance’ work ?
    • No Override - This prevents child containers from overriding policies set at higher levels
    • Block Inheritance - Stops containers inheriting policies from parent containers
  4. Why can’t you restore a DC that was backed up 4 months ago?
    • The reason is 'Tombstoning' . If a domain controller was restored from a backup that was older than the tombstone lifetime, then the domain controller might contain deleted objects, and because the tombstones are deleted from the replica, the deletion event does not replicate into the restored domain controller. This is why Backup does not allow you to restore data from a backup that is older than the tombstone lifetime.
    • More details about tombstoning - http://www.systemadminguide.in/2013/11/active-directory-tombstone.html
  5. I want to look at the RID allocation table for a DC. What do I do?
    • Dcdiag.exe /TEST:RidManager /v | find /i "Available RID Pool for the Domain"
  6. Can you connect Active Directory to other 3rd-party Directory Services? Name a few options.
    • Microsoft Identity Integration Server (MIIS)
    • Forefront Identity Manager (FIM)
  7. Can you explain Netlogon services ?
    • The Netlogon services help the client servers to connect to the Domain
  8. What is urgent replication in AD ?
    • Normally, a change in a DC (say DC1) is notified to its replication partner(say DC2) after 15 seconds. Once the change is notified, DC2 makes the change in its database. DC2 then notifies its replication partner after another 15 seconds. If it's a multi-site setup, the 15 seconds delay would cost a big delay for the final recipient DC. Suppose if the change was an 'Account Lock Out', this big delay will be a pain. Here comes Urgent notification. Urgent notification bypasses the change notification delay and processes the change immediately across all DCs.
  9. How to migrate AD location to another ? (from C:\AD to D:\AD)
    • First, stop the Active Directory Domain Services
    • Open Command Prompt with Admin privilege
    • Run ntdsutil tool
    • In the ntdsutil prompt, type Activate instance ntds
    • Then type files
    • In the next prompt (file maintenance), type move db to D:\AD
    • Once the database is moved, move the logs using the command move logs to D:\AD
    • Once completed, start the Active Directory Domain Services
  10. What is the schema version of Windows 2008 R2 ?
    • Windows 2003 R2 - 31
    • Windows 2008       - 44
    • Windows 2008 R2 - 47
    • Windows 2012       - 56
    • Windows 2012 R2 - 69

Comments

Post a Comment

Popular posts from this blog

VMware and Windows Interview Questions: Part 2

VMware and Windows Interview Questions: Part 3

Active Directory FSMO Roles