Best and Most asked Windows Active Directory Interview Questions Answers
Q. What is Active Directory?
Answer – Active Directory is database which stores network user data, computer information, printers as well as the other network objects. AD allows to make policies to manage all the network objects.
Q.What is AD Domain?
Answer – AD domains a logical group of network objects i.e users, PCs or devices and share the same AD database. AD domain provide authorization and authentication for all network objects and the server which respond for these request is called Domain Controller (DC).
Q.Name default protocol used in directory services?
Answer – LDAP ( Lightweight Directory Access Protocol).
What is Tree?
Answer – Tree is a hierarchical arrangement of windows Domain that share a contiguous name space.
Q.What is Forest?
Answer – Forest is collection of multiple domain tree. At its highest level, a forest is a single instance of Active Directory. Therefore, a forest is synonymous with Active Directory, meaning that the set of all directory partitions in a particular Active Directory instance (which includes all domain, configuration, schema and optional application information) makes up a forest.
Q.What is Active Directory Schema?
Answer – Schema is component of AD and it stores in the Directory. Schema defines all the objects and attributes that the directory service uses to store data. Schema also defines the rules that govern the structure of objects and structure with the content of the directory itself.
Q.What is KCC?
Answer – KCC is knowledge consistency checker. The KCC is Microsoft windows built-in process and component that runs on all domain controllers and generates replication topology for the AD forest. The KCC creates separate replication topologies depending on whether replication is occurring within a site (intrasite) or between sites (intersite). You can disable KCC’s automatic generation of intra-site/inter-site topology management.
Q.Explain TOMBSTONE lifetime (TSL)?
Answer – When we remove any object in AD, removed object is stored in special object called TOMBSTONE. How long AD will retain removed object in TOMBSTONE is called TCL or TOMBSTONE lifetime. The basic purpose of tombstone is to keep all domain controllers in sync. The default value of the tombstone lifetime is 180 days for forests set to the windows Server 2003, windows Server 2008, windows Server 2008 R2, windows Server 2012 and windows 2012 R2 function level but anyone can change it by using ADSIEdit or by suing the set-ADObject window powershell cmdlet..
Q.what are the basic components of AD?
Answer – The AD components helps a Administrators in executing various tasks i.e. authorizing the users, certifying the users, network management, etc. Basic categoy of Components are – 1) Logical Structure: Trees, Forest, Domains and OU 2) Physical Structures: Domain controller and Sites.
Q.what is Kerberos?
Answer – Kerberos is an network authentication protocol.
Q.What is OU?
Answer -OS is smallest unit and container to which an administrator can assign group policy or account permission. This can hold users, groups and computers.
Q.What is Group Policy?
Answer – AD Group Policy allows to implement or push configuration on users, computers and objects. GP settings contained in GPOs which are linked to AD containers i.e sites, domains or OU.
Q.What is SYSVOL folder?
Answer -SYSVOl refers to System volume folder. Sysvol is group of files and folders that stores on the each domain controller in the domain network. keeps the server
Answer -FSMO refers to Flexible Single Master Operation Roles. Active Directory has five special roles which are important for the smooth running of AD as a multi-master system.
a) Forest Wide Roles:
b) Domain Wide Roles:
Relative ID (RID) Master
Answer – In the network, a Domain Controller which keeps copy of all AD objects called Global Catalog.
Q.Important Commands to Manage Active Directory-
Answer – Click here to read all important AD commands.