When you place a New Domain Controller what is the Important step you do
to ensure the clients authentication happen quickly?
Need to Associate all
the Subnets of clients in the Site
What are all the FSMO Roles?
Two Forest Wide Roles
Schema master
Domain naming master
Three Domain Wide Roles
RID
master
PDC
emulator
Infrastructure master
Explain WINS?
WINS Stands for Windows
internet Naming System
What is Journal Wrap Error?
Explain DNS?
Domain Name System
What is Host Record?
Host Records Consist of
netbios or service name pointed to an Internet protocol Address
What is the Record we Create for IP addresses?
PTR Record
What is the Record you create for Mail Servers?
MX Record
What Setting you enable a User to access the other Forest?
In Group Policy Cross
Forest User Policy and Roaming User Profiles
How do Monitor Replication?
repadmin /showreps
repadmin /queue
repadmin /replsummary
repadmin /showrepl * /csv Replication.csv
How do force Replication?
repadmin /syncall /APed
How do force Replication?
repadmin /syncall /APed
In Sites and services - connection object - NTDS Settings - Replicate now
What is loop back processing?
Group Policy loopback
feature to apply Group Policy Objects (GPOs) that depend only on which computer
the user logs on to.
Explain Merge and Replace Settings?
Merge Mode
In this mode, when the
user logs on, the user's list of GPOs is typically gathered by using the
GetGPOList function. The GetGPOList function is then called again by using the
computer's location in Active Directory. The list of GPOs for the computer is
then added to the end of the GPOs for the user. This causes the computer's GPOs
to have higher precedence than the user's GPOs. In this example, the list of
GPOs for the computer is added to the user's list.
Replace Mode
In this mode, the user's
list of GPOs is not gathered. Only the list of GPOs based on the computer
object is used.
In What order Group Policies are applied
Local Policy
Site
Domain
Organisational Unit
Explain DNS Zones
Primary
Secondary
Stub Zone
Active Directory
Integrated
Group Policy refresh interval
90 Mins
How you force a group policy to a user?
gpupdate /force
How do you define SPN ?
By Set SPN Command
When you seize a FSMO Role?
When a Domain Controller
holding any one or more of FSMO Role holder is went offline or failed to
connect with the domain due to hardware issues, We need to seize the FSMO Role
to a Domain Controller which running.
What is C Name Record?
Canonical Name
Record
What are all the diffrences in Records?
The A record maps a name to one or more IP addresses, when the IP are known and stable.
The CNAME record
maps a name to another name. It should only be used when there are no other
records on that name.
The ALIAS record
maps a name to another name, but in turns it can coexist with other records on
that name.
The URL record
redirects the name to the target name using the HTTP 301 status code.
What is SPN?
Service Principal Name
How to Change the DSRM Password of all the Domain Controller in the Domain with the same password???
Beginning with
hotfix KB961320 on Windows Server 2008, you now
have the option to synchronize the DSRM password on a DC with a specific domain
account. You must do every time the password is changed; it does not create an
automatic sync partnership.
1. Create a standard
domain user account and set it with a complex password. It does not need to be
a member of any special groups or the Domain Admins group.
2. Install the hotfix on
your DC and restart.
3. Logon to the DC
normally.
4. In an elevated CMD
prompt where you have logged on as a Domain Admin, run:
NTDSUTIL SET DSRM
PASSWORD SYNC FROM DOMAIN ACCOUNT <your user here> Q Q
Please check the below
link for more information
http://blogs.technet.com/b/askds/archive/2009/03/11/ds-restore-mode-password-maintenance.aspx
What tool you use to view AD Partitions?
ADSI Edit
Explain the Client Login Process?
What is Server Core Edition
The Server Core option
is a new minimal installation option that is available when you are deploying
the Standard, Enterprise, or Datacenter edition of Windows Server 20081. Server Core provides you with a minimal
installation of Windows Server 2008 that supports installing only certain
server role
Table 1-2 GUI Applications
Available in a Server Core Installation
That's a pretty short
list! Now here's a list of user interface elements that are not included in
Server Core:
- The Windows Explorer desktop shell (Explorer.exe) and
any supporting features such as Themes
- All MMC consoles
- All Control Panel utilities, with the exception of
Regional And Language Options (Intl.cpl) and Date And Time (Timedate.cpl)
- All Hypertext Markup Language (HTML) rendering engines,
including Internet Explorer and HTML Help
- Windows Mail
- Windows Media Player
- Most accessories such as Paint, Calculator and Wordpad
Where will you place RODC
Read-only domain
controllers (RODCs) are a new feature of Active Directory Domain Services
(AD DS) in Windows Server 2008. RODCs are additional domain
controllers for a domain that host complete, read-only copies of the partitions
of the Active Directory database and a read-only copy of the SYSVOL folder
contents. By selectively caching credentials, RODCs address some of the
challenges that enterprises can encounter in branch offices and perimeter
networks (also known as DMZs) that may lack the physical security that is
commonly found in datacenters and hub sites.
How you apply spn to a user or computer account?
Set Spn Command
How a Client reporting to WSUS server?
???
Which Day Microsoft release it patches?
Every Second Tuesday of
the Month, Sometime in Fourth Tuesday also.
Microsoft has an
apparent pattern of releasing a larger number of updates in even-numbered
months, and fewer in odd-numbered months.
Give us Some of the Important Security update released by Microsoft related to Active directory
Microsoft Security
Bulletin MS14-077 November 11, 2014
Vulnerability in Active
Directory Federation Services Could Allow Information Disclosure (3003381)
Microsoft Security
Bulletin MS08-003
Vulnerability in Active
Directory Could Allow Denial of Service (946538)
http://www.microsoft.com/technet/security/Bulletin/MS08-003.mspx
Microsoft Security
Bulletin MS08-035
Vulnerability in Active
Directory Could Allow Denial of Service (953235)
http://www.microsoft.com/technet/security/Bulletin/MS08-035.mspx
Microsoft Security
Bulletin MS08-035
Vulnerability in Active
Directory Could Allow Denial of Service (953235)
http://www.microsoft.com/technet/security/Bulletin/MS08-035.mspx
Microsoft Security
Bulletin MS09-018 June 09, 2009
| Updated: June 17, 2009
Vulnerabilities in
Active Directory Could Allow Remote Code Execution (971055)
http://www.microsoft.com/technet/security/bulletin/ms09-018.mspx
Microsoft Security
Bulletin MS09-066
Vulnerability in Active
Directory Could Allow Denial of Service (973309)
http://www.microsoft.com/technet/security/bulletin/ms09-066.mspx
Microsoft Security
Bulletin MS10-068
Vulnerability in Local
Security Authority Subsystem Service Could Allow Elevation of Privilege
(983539)
http://www.microsoft.com/technet/security/bulletin/ms10-068.mspx
Microsoft Security
Bulletin MS11-005 February 08,
2011
Vulnerability in Active
Directory Could Allow Denial of Service (2478953)
http://www.microsoft.com/technet/security/bulletin/ms11-005.mspx
Microsoft Security
Bulletin MS11-086
Vulnerability in Active
Directory Could Allow Elevation of Privilege (2630837)
http://www.microsoft.com/technet/security/bulletin/ms11-086.mspx
Microsoft Security
Bulletin MS11-095
Vulnerability in Active
Directory Could Allow Remote Code Execution (2640045)
http://technet.microsoft.com/en-us/security/bulletin/MS11-095
Microsoft Security
Bulletin MS13-032
Vulnerability in Active
Directory Could Lead to Denial of Service (2830914)
http://technet.microsoft.com/en-us/security/bulletin/ms13-032
Microsoft Security
Bulletin MS13-066 August, 13, 2013
Vulnerability in Active
Directory Federation Services Could Allow Information Disclosure (2873872)
Microsoft Security
Bulletin MS13-079 - Important September 10, 2013
Vulnerability in Active
Directory Could Allow Denial of Service (2853587)
Microsoft Security
Bulletin MS14-016
Vulnerability in
Security Account Manager Remote (SAMR) Protocol Could Allow Security Feature
Bypass (2934418)
http://technet.microsoft.com/en-us/security/bulletin/ms14-016
Microsoft Security
Bulletin MS14-016
Vulnerability in
Security Account Manager Remote (SAMR) Protocol Could Allow Security Feature
Bypass (2934418)
http://technet.microsoft.com/en-us/security/bulletin/ms14-016
Microsoft Security
Bulletin MS14-025 - Important May 13, 2014
Vulnerability in Group
Policy Preferences Could Allow Elevation of Privilege (2962486)
How to Connect a Storage NAS Device to a Domain Controller?
????????
Where to Enable Global Catalog server?
In Sites and Services
Select the Particular DC's NTDS
Settings, and then click Properties.
What are the files will be there in a ifm media?
What are all the contents available in System State Backup?
· Active
Directory
· The
SYSVOL tree
· The
Boot.ini file
· The
COM+ class registration database
· The
registry
Give Some Important features of 2008 or Diffrence between 2003 and
2008?
RODC
Fine Grained Password
Policies
Restarable Directory
Services
Hyper V
DFS - R Replication
Database Mounting Tool
Server Core Installation
Powershell Support
IPV6 Support
Roles
AD Recycle Bin
Offline Domain Join
Group policy (ADMX and
ADML Files, Improved Slow Link Detection Policy)
What is AMDX and ADML Files?
In Group Policy for
versions of Windows earlier than Windows Vista, if you modify
Administrative template policy settings on local computers, the Sysvol share on
a domain controller within the domain is automatically updated with the new ADM
files. In Group Policy for Windows Server 2008 and Windows Vista, if you
modify Administrative template policy settings on local computers, Sysvol will
not be automatically updated with the new ADMX or ADML files (ADML files are
XML-based ADM files that contain language-specific settings). This change in
behavior is implemented to reduce network load and disk storage requirements,
and to prevent conflicts from occurring between ADMX files and ADML files when
edits to Administrative template policy settings are made across different
locales. To ensure that any local updates are reflected in Sysvol as well, you
must manually copy the updated ADMX or ADML files from the PolicyDefinitions
folder on the local computer to the Sysvol\PolicyDefinitions folder on the
appropriate domain controller.
What is the event id for lingering Object issue?
Event or
Error status
|
Event or
error text
|
Implication
|
AD Replication status 8606
|
"Insufficient attributes were
given to create an object. This object may not exist because it
may have been deleted."
|
Lingering objects are present on
the source DC (destination DC is operating in Strict Replication Consistency
mode)
|
AD Replication status 8614
|
The directory service cannot
replicate with this server because the time since the last replication with
this server has exceeded the tombstone lifetime.
|
Lingering objects likely exist in
the environment
|
AD Replication status 8240
|
There is no such object on the
server
|
Lingering object may exist on the
source DC
|
Directory Service event ID 1988
|
Active Directory Domain Services
Replication encountered the existence of objects in the following partition
that have been deleted from the local domain controllers (DCs) Active
Directory Domain Services database.
|
Lingering objects exist on the
source DC specified in the event
(Destination DC is running with
Strict Replication Consistency)
|
Directory Service event ID 1388
|
This destination system received
an update for an object that should have been present locally but was not.
|
Lingering objects were reanimated
on the DC logging the event
Destination DC is running with
Loose Replication Consistency
|
Directory Service event ID 2042
|
It has been too long since this
server last replicated with the named source server.
|
Lingering object may exist on the
source DC
|
How to Create AD Snapshot?
open CMD.exe, Ntdsutil,
activate instance ntds, snapshot, create, list all.
What are the DNS Query Types available?
Recursive
Iterative
What are all the SRV Records exist?
domain.forest.com A 157.55.81.157
_ldap._tcp.forest.com SRV 0 0 389 domain.forest.com
_kerberos._tcp.forest.com SRV 0 0 88 domain.forest.com
_ldap._tcp.dc._msdcs.forest.com SRV 0 0 389 domain.forest.com
_kerberos._tcp.dc._msdcs.forest.com SRV 0 0 88 domain.forest.com.
What is DNS Zone Corruption?
What is the Diffrence of Seizing and Transfering?
Seize will be done when
role holder is offline, Transfer will be done only when the holder is online
and able to connect from the New FSMO role holder.
Where will be the DSRM passowrd Stored?
In SAM File under
C:\WINDOWS\system32\config
How to Check Domain and Forest Functional level?
Forest Functional Level
(FFL) and Domain Functional Level (DFL) of Active Directory from command line
or using PowerShell:
Get Domain Functional
Level using PowerShell:
Get-ADDomain | fl
Name,DomainMode
Get Forest Functional
Level using PowerShell:
Get-ADForest | fl
Name,ForestMode
Get Forest Functional
Level using dsquery:
dsquery *
"CN=Partitions,CN=Configuration,DC=lab,DC=local" -scope base -attr
msDS-Behavior-Version
Conversion table:
0 = Windows 2000
1 = Windows 2003 interim
2 = Windows 2003
3 = Windows 2008
4 = Windows 2008 R2
5 = Windows 2012
Get Domain Functional
Level using dsquery:
dsquery *
"DC=lab,DC=local" -scope base -attr msDS-Behavior-Version
ntMixedDomain
Conversion table:
0, 0 = Windows 2000
Native
0, 1 = Windows 2000
Mixed
2, 0 = Windows 2003
3, 0 = Windows 2008
4, 0 = Windows 2008 R2
5, 0 = Windows 2012
Get the Active Directory
Schema version using dsquery:
dsquery *
"CN=Schema,CN=Configuration,DC=lab,DC=local" -scope base -attr
objectVersion
13 = Windows 2000 Server
30 = Windows Server 2003
RTM, Windows Server 2003 with Service Pack 1,
Windows Server 2003 with Service Pack 2
31 = Windows Server 2003
R2
44 = Windows Server 2008
RTM
47 = Windows Server 2008
R2
56 = Windows Server 2012
RTM
Important Port numbers related to AD and Windows?
Server Port
|
Protocol
|
Service
|
AD and AD DS Usage
|
Type of traffic
|
20
|
TCP
|
FTP Data
|
||
21
|
TCP
|
FTP Control
|
||
23
|
TCP
|
Telnet
|
||
123
|
UDP
|
W32Time
|
Windows Time, Trusts
|
Windows Time
|
135
|
TCP
|
RPC Endpoint Mapper
|
Replication
|
RPC, EPM
|
464
|
TCP
|
Kerberos password change
|
Replication, User and Computer
Authentication, Trusts
|
Kerberos change/set password
|
464
|
UDP
|
Kerberos password change
|
Replication, User and Computer
Authentication, Trusts
|
Kerberos change/set password
|
389
|
TCP
|
LDAP
|
Directory, Replication,
User and Computer Authentication,
Group Policy, Trusts
|
LDAP
|
389
|
UDP
|
Directory, Replication,
User and Computer Authentication,
Group Policy, Trusts
|
LDAP
|
|
636
|
TCP
|
LDAP SSL
|
Directory, Replication,
User and Computer Authentication,
Group Policy, Trusts
|
LDAP SSL
|
3268
|
TCP
|
LDAP GC
|
Directory, Replication,
User and Computer Authentication,
Group Policy, Trusts
|
LDAP GC
|
3269
|
TCP
|
LDAP GC SSL
|
Directory, Replication,
User and Computer Authentication,
Group Policy, Trusts
|
LDAP GC SSL
|
53
|
TCP
|
DNS
|
User and Computer Authentication,
Name Resolution, Trusts
|
DNS
|
53
|
UDP
|
DNS
|
User and Computer Authentication,
Name Resolution, Trusts
|
DNS
|
88
|
TCP
|
Kerberos
|
User and Computer Authentication,
Forest Level Trusts
|
Kerberos
|
88
|
UDP
|
Kerberos
|
||
445
|
TCP
|
SMB/SMB over IP (Microsoft-DS)
|
Replication, User and Computer
Authentication, Group Policy, Trusts
|
SMB, CIFS, SMB2, DFSN, LSARPC,
NbtSS, NetLogonR, SamR, SrvSvc
|
445
|
UDP
|
SMB
|
Replication, User and Computer
Authentication, Group Policy, Trusts
|
SMB, CIFS, SMB2, DFSN, LSARPC,
NbtSS, NetLogonR, SamR, SrvSvc
|
138
|
UDP
|
DFSN, NetLogon, NetBIOS Datagram
Service, Group Policy
|
DFS, Group Policy, NetBIOS
Netlogon, Browsing
|
DFSN, NetLogon, NetBIOS Datagram
Service
|
67
|
UDP
|
DHCP, WDS
|
DHCP, MADCAP, PXE
|
DHCP, MADCAP, PXE
|
2535
|
UDP
|
MADCAP
|
DHCP, MADCAP, PXE
|
DHCP, MADCAP, PXE
|
137
|
TCP
|
NetBIOS Name Resolution
|
NetBIOS Name Resolution
|
NetBIOS Name Resolution
|
137
|
UDP
|
NetLogon, NetBIOS Name Resolution
|
NetLogon, NetBIOS Name Resolution
|
NetLogon, NetBIOS Name Resolution
|
138
|
UDP
|
NetBIOS datagram service
|
||
139
|
TCP
|
DFSN, NetBIOS Session Service,
NetLogon
|
User and Computer Authentication,
Replication
|
DFSN, NetBIOS Session Service,
NetLogon
|
119
|
TCP
|
NNTP
|
||
443
|
TCP
|
HTTPS
|
||
593
|
TCP
|
|||
25
|
TCP
|
Replication
|
SMTP
|
|
110
|
TCP
|
POP3
|
||
42
|
NetBios
|
WINS Replication
|
||
1512
|
WINS resolution
|
|||
9389
|
TCP
|
AD DS Web Services
|
SOAP
|
|
5722
|
TCP
|
File Replication
|
RPC, DFSR (SYSVOL)
|
|
143
|
TCP
|
IMAP4
|
||
1024 – 65535
|
TCP
|
NT4 BDC to Windows 2000 or newer
Domain controller PDC-E communications
|
RPC, LSA RPC, LDAP, LDAP SSL, LDAP
GC, LDAP GC SSL, DNS, Kerberos, SMB
|
|
1025 – 65535
|
UDP
|
NT4 BDC to Windows 2000 or newer
Domain controller PDC-E communications
|
RPC, LSA RPC, LDAP, LDAP SSL, LDAP
GC, LDAP GC SSL, DNS, Kerberos, SMB
|
What is Default DHCP Lease Duration and Renewal Duration?
DHCP Lease Duration
|
8
|
1st Attempt for DHCP Lease Renewal
|
4
|
2nd Attempt for DHCP Lease Renewal
|
6
|
3rd Attempt for DHCP Lease Renewal
|
6.6
|
What is KMS?
Whether ADRestore Tool Restore entire Object Attributes???
ADRESTORE will restore
only SID, ObjectGUID, LastKnownParent and SAMAccountName
Reason
When the object was
deleted, all the attribute values except SID, ObjectGUID, LastKnownParent and
SAMAccountName were stripped.
Give the Types of memory dumps you know?
Complete memory dump
Location:
%SystemRoot%\Memory.dmp
Size: ≈size of installed
RAM plus 1MB
Kernel memory dump
Location:
%SystemRoot%\Memory.dmp
Size: ≈size of physical
memory "owned" by kernel-mode components
Small Memory Dump
-
Location:
%SystemRoot%\Minidump
Size: At least 64K on
x86 and 128k on x64
Automatic memory dump
Location:
%SystemRoot%\Memory.dmp
Size: ≈size of OS kernel
How to create a Full Memory Dump for a Server?
Scenarios
Network Card of a Domain
Controller is down, how you will fix it?
How do you Troubleshoot
slowness Issue in a Site?
How do you Troubleshoot
Replication problem in a Site?
How to ensure a Healthy
is DC?
Kerberos-NTLM Feature
Comparison
NTLM
|
Kerberos
|
|
Underlying Cryptographic
Technology
|
Symmetric Cryptography
|
- Basic Kerberos: Symmetric
Cryptography
- Kerberos PKINIT (this is the
Kerberos subprotocol that supports smart card logon): Symmetric and
Asymmetric Cryptography
|
Trusted Third Party
|
DC
|
- Basic Kerberos: DC with Kerberos
Key Distribution Center (KDC) service
- Kerberos PKINIT: DC with KDC
service and Windows Enterprise Certification Authority (CA).
|
Microsoft Supported Platforms
|
Windows 95, Windows 98, Windows
ME, NT 4.0, Win2K, XP, Windows 2003/R2, Vista
|
Win2K, XP, Windows 2003/R2, Vista
|
Features
|
Slower authentication because of
pass-through authentication
|
Faster authentication because of
unique ticketing system
|
No mutual authentication
|
Optional mutual authentication
|
|
No support for delegation of
authentication
|
Support for delegation of
authentication
|
|
No native protocol support for
smart card logon
|
Native protocol support for smart
card logon
|
|
Proprietary Microsoft
authentication protocol
|
Open standard
|
Tips to Troubleshoot AD Replication error 5: Access is denied
1. Check "Access this computer from network" rights.
2. check CrashOnAuditFail=2 settings
AD Replication fails when HKLM\System\CurrentControlSet\Control\LSA\CrashOnAuditFail = has a value of "2",
A CrashOnAduitFail value of 2 is triggered when the "Audit: Shut down system immediately if
unable to log security audits" setting in Group Policy has been enabled
AND the local security event
log becomes full.
3. Excessive Time Skew
4. SMB signing mismatch
5. UDP formatted Kerberos packet fragmentation
User Action
·
From the console of the destination DC, ping the source DC by its fully
qualified computer name to
identify the largest packet supported by the network route.
c:\>Ping <source DC hostname.>.<fully qualified computer
name> -f -l 1472
6. Invalid Secure channel / Password Mismatch
Validate the secure channel with "nltest /sc:query" or "netdom verify".
On condition, reset the destination DCs password with NETDOM /RESETPWD as
described in multiple articles including
MSKB 325850
User Action
· Disable the KDC service on the DC being rebooted
· From the
console of the destination DC, run NETDOM RESETPWD to reset the
password for the destination DC
c:\>netdom resetpwd /server: server_name /userd: domain_name \administrator
/passwordd:
administrator_password
· Ensure that likely KDCs AND the source DC (if in the same domain) inbound
replicate knowledge of the destination DCs new password.
· Reboot
the destination DC to flush Kerberos tickets and retry the replication
operation.
7. Network Adapters with "IPv4 Large Send Offload" enabled:
User Action
·
Open Network Adapter card properties
·
Select Configure button
·
Select Advanced tab
·
Disable "IPv4 Large Send Offload"
·
Reboot
8. DCDIAG /TEST:CheckSecurityErrors was written to perform specific tests (including an SPN
registration check) to troubleshoot Active Directory
operations replication failing with error
access is denied and error 8453: replication access was
denied" but is NOT run as part of the
default execution of DCDIAG.
Run DCDIAG on the
destination DC
Run DCDAIG
/TEST:CheckSecurityError
Run NETDIAG
Resolve any faults
identified by DCDIAG and NETDIAG. Retry the previously failing replication
operation. If still failing, proceed to "the long way around".
DHCP Scope option vs Server Options
Scope options will
always precedence
It is possible to run Windows Server 2012 systems in a cluster with earlier versions of Windows Server.
False
The new clustering
features in Windows Server 2012 are not backward-compatible;
each node in a cluster must be removed, upgraded and then added to a new cluster.
This is one of several things to consider when adding Server 2012 to an environment with earlier versions of Windows Server.
Which of the following is not an option that administrators can choose when changing Setting Sync policies in Windows Server 2012 Group Policy?
Do not synchronize user
application settings
Do not synchronize user
passwords
Do not synchronize user
settings
Do not synchronize user
desktop themes
YOUR ANSWER - Do not synchronize user passwords
SMB 3.0 ...
enables memory-to-memory
data transfers between servers using standard network adapters.
supports
application-consistent shadow copies of data stored on SMB file shares.
offers fast access to
documents over high-latency networks.
is just a fancy name for
SMB 2.2.
All of the above
In Windows Server 2012, Hyper-V live migration and failover clustering is possible without shared storage.
True
With Hyper-V 3.0, it
will be possible to use direct-attached storage for live migration and failover
clustering -- a change from Windows Server 2008 R2. Find out about other
storage improvements in Server 2012.
Microsoft estimates that the deduplication feature in Windows Server 2012 should be able to deliver an optimization ratio of ____ for general data storage and ____ for virtual server environments.
2:1, 20:1
Windows Server 2012
includes the first-ever native deduplication feature offered in Windows.
How does the "salvage" feature in Windows Server 2012's new Resilient File System (ReFS) prevent data corruption from spreading?
Takes the volume offline
and runs CHKDSK
Removes the corrupt data
from the volume namespace while keeping the volume running
Automates deletion of
corrupt files via PowerShell
Salvage is one of
several new features that separates ReFS from NTFS, the previous file system.
Windows Server 2012 includes out-of-the-box support for RemoteFX.
True
Learn how the
combination of Remote Desktop Session Host and RemoteFX improves the VDI
experience in Windows Server 2012.
Windows Server 2012 includes out-of-the-box support for RemoteFX.
True
Learn how the
combination of Remote Desktop Session Host and RemoteFX improves the VDI
experience in Windows Server 2012.
What is/are the drawback(s) of the new IP Address Management tool in Windows Server 2012?
It can only manage
servers that belong to designated Windows domains.
It cannot manage DHCP
appliances.
Overall, IPAM promises
to improve the unwieldy address management process, but it does have some
limitations in its initial version.
In June 2012, Microsoft revealed that one of its key products was running on Windows Server 2012. This was:
Bing
With the release
candidate version of Windows Server 2012, the company migrated Bing's servers
to Windows Server 2012 to demonstrate its stability.
In Windows Server 2012, administrators can access the Active Directory Recycle Bin only via PowerShell. - False
The Active Directory
Recycle Bin, first introduced in Windows Server 2008 R2, is now accessible via
a graphical user interface (GUI) (once it is turned on; it is disabled by
default). Note that the AD Recycle Bin does not work the same as the typical
desktop version.
Resilent file System
When accessing file shares hosted on NAS devices after deploying Windows Server 2012 domain controllers, you may observe the following symptoms:
- Connections to mapped network drives using the format
\\servername\sharename\subfolder
fail with "Access Denied". - This problem occurs under the following conditions:
- Kerberos is used to authenticate the user's session to the NAS device.
- The Kerberos ticket used in the session setup was issued by a KDC running Windows Server 2012.
- The NAS device does not understand Resource SID Compression, which is a new feature for Kerberos in Windows Server 2012.
Note -
Please send Interesting
Windows and AD Interview Questions to waran.siva@gmail.com to append here for
the use of our Friends.