Windows Active Directory (AD) Interview Questions & Answers


9) What is a Site?

One or more well-connected (highly reliable and fast) Transmission Control Protocol/Internet Protocol (TCP/IP) subnets. A site allows administrators to configure Active Directory access and replication topology quickly and easily to take advantage of the physical network. When users log on, Active Directory clients locate Active Directory servers in the same site as the user. See also subnet; well-connected.

10) What is an Organizational unit (OU)?

A container object in Active Directory used to separate computers, users, and other resources into logical units. An organizational unit is the smallest entity to which Group Policy can be linked. It is also the smallest scope to which administration authority can be delegated.

11) What is a Schema?

A description of the object classes and attributes stored in Active Directory. For each object class, the schema defines what attributes an object class must have, what additional attributes it may have, and what object class can be its parent. An Active Directory schema can be updated dynamically. For example, an application can extend the schema with new attributes and classes and use the extensions immediately. Schema updates are accomplished by creating or modifying the schema objects stored in Active Directory. Like every object in Active Directory, a schema object has an access control list (ACL) so that only authorized users can alter the schema.

12) What is LDAP?

LDAP is a communication protocol designed for use on TCP/IP networks. LDAP defines how a directory client can access a directory server and how the client can perform directory operations and share directory data. Active Directory Lightweight Directory Services (AD LDS) provides directory services for directory-enabled applications. AD LDS does not require or rely on Active Directory domains or forests. AD LDS was previously known as Active Directory Application Mode (ADAM).

13) What is Single-master replication?

A type of replication where one domain controller is the master domain controller and operations are not permitted to occur at different places in a network at the same time. In Active Directory, one or more domain controllers can be assigned to perform single-master replication. Operations master roles are special roles assigned to one or more domain controllers in a domain to perform single-master replication. See also operations master role.

14) What is Multi-master replication?

A replication model in which any domain controller accepts and replicates directory changes to any other domain controller. This differs from other replication models in which one computer stores the single modifiable copy of the directory and other computers store backup copies. See also domain controller; replication.

15) What is an FSMO role?

Flexible Single-Master Operation role. Mechanism used by Active Directory to prevent update conflicts in multi-master deployments. Some objects are updated in a single-master mode even if the deployment is multi-master, which is very similar to the old concept of a Primary Domain Controller (PDC) in Windows NT domains. There are five FSMO roles in an Active Directory deployment, but only the PDC emulator role affects Identity Synchronization for Windows. Because password updates are replicated immediately only to the Active Directory domain controllers with the PDC emulator role, Identity Synchronization for Windows uses this domain controller for synchronization.

16) What is an Operations Master?

A domain controller that has been assigned one or more special roles in an Active Directory domain. The domain controllers assigned these roles perform operations that are single master (not permitted to occur at different places on the network at the same time). Examples of these operations include resource identifier allocation, schema modification, primary domain controller (PDC) election, and certain infrastructure changes. The domain controller that controls the particular operation owns the operations master role for that operation. The ownership of these operations master roles can be transferred to other domain controllers. Also known as flexible single-master operations (FSMO).