Active Directory L2 and L3 Interview Question and Answer

Article Index

22) What is NTDS.DIT and EDB.CHK? And why it’s used in active directory?

The NTDS.DIT is THE Active Directory database. This is used to store ALL active directory-specific information. The EDB.CHK file is the checkpoint file used when backing up the Active Directory database (this is very essential specially for efficient recovery of the database

 

23) What’s the difference between LDIFDE and CSVDE? Usage considerations?

CSVDE - Comma Separated Value Data Exchange, CSVDE is a command that can be used to import and export object within AD

LDIFDE - LDAP Data Interchange Format (LDIF) Data Exchange, LDIFDE can be used to edit and delete existing AD objects (not just users), while CSVDE can only import and export objects

24) How SYSVOL replicated and what is default location?

The SYSVOL shared folder stores the server copy of domain public files, like logon scripts and Group Policy object files under windows installation directory. The contents of the SYSVOL folder are replicated to all domain controllers in the domain. It’s must be located on an NTFS Volume.

Windows 2000 Server and Windows Server 2003 use File Replication Service (FRS) to

replicate SYSVOL, whereas Windows Server 2008 uses the newer DFS Replication service when in domains that use the Windows Server 2008 domain functional level, and FRS for domains that run older domain functional levels.

25) What are the Group Policy Processing Order ?

Group Policy is processed in the following order.

Local - The local Group Policy stored within Windows Server locally is processed first.

Site - Any GPOs that have been linked to the Active Directory Site are applied next.

Domain - Any GPOs that have been linked to the Active Directory Domain are applied next.

Organizational unit (OU) - Any GPOs that have been linked to the Active Directory Organizational Unit (OU) are applied next.

26) What is the step to change the forest functional level ?

To changing or upgrading the forest functional level, do it in below order.

  1. Check the application/software in your network environment, which support the upgraded functional level or not?

  2. Extend your schema (Run the command adprep /forestprep).

  3. Check all DC which is supported to the upgraded functional level or not?

  4. Raise your domain function level accordingly.

  5. Raise your forest functional level.

27) Few important commands

nltest /dclist:contoso.com – To check all DC in domain

nltest /PARENTDOMAIN – To known the parent domain of this machine