Friday, March 2, 2012

Active Directory Interview Questions and Answers

Sponsored Links

Here is a list of most frequently asked 100 interview questions and its answers related to Microsoft Active Directory technologies. I have attended few interviews and been asked few of these questions. These Q&A is related to both Windows Server 2003 and 2008. I have not included questions regarding old versions of AD as those are almost obsolete. I will be posting other Q&A specifically related to DNS and Group Policy etc. soon in another post. Please look at the bottom of the post for hints to the answers.

  1. Explain three main features of Active Directory?
  2. What do you mean by Active Directory functional levels? How does it help an organization’s network functionality?
  3. What are the Domain and Forest functional levels of Windows Server 2003 AD?
  4. What are the Domain and Forest functional levels of Windows Server 2008 AD?
  5. How to add additional Domain Controller in a remote site with slower WAN link?
  6. How do we install Active Directory in Windows 7 Computer?
  7. What are the prerequisites to install Active Directory in a Server?
  8. What is FSMO role? (Or what are Single Master Operations / Flexible Single Master Operations / Operations Master Role / SMO / OMR?)
  9. Explain Infrastructure Master Role. What will be the impact if DC with Infrastructure Master Role goes down?
  10. What are the two forest specific FSMO roles?
  11. Which FSMO role directly impacting the consistency of Group Policy?
  12. I want to promote a new additional Domain Controller in an existing domain. Which are the groups I should be a member of?
  13. Tell me one easiest way to check all the 5 FSMO roles.
  14. Can I configure two RID masters in a domain?
  15. Can I configure two Infrastructure Master Role in a forest? If yes, please explain.
  16. What will be the impact on the network if Domain Controller with PDC Emulator crashes?
  17. What are the physical components of Active Directory?
  18. What are the logical components of Active Directory?
  19. What are the Active Directory Partitions? (Or what are Active Directory Naming Contexts? Or what is AD NC?)
  20. What is group nesting?
  21. Explain Group Types and Group Scopes?
  22. What is the feature of Domain Local Group?
  23. How will you take Active Directory backup?
  24. What are the Active Directory Restore types?
  25. How is Authoritative Restore different from non-Authoritative Restore?
  26. Explain me, how to restore Active Directory using command line?
  27. Tell me few switches of NTDSUTIL command.
  28. What is a tombstone? What is the tombstone lifetime period?
  29. What do you understand by Garbage Collection? Explain.
  30.  What is Lost and Found Container?
  31. Where can I locate Lost and Found Container?
  32. Is Lost and Found Container included in Windows Server 2008 AD?
  33. Have you ever installed Active Directory in a production environment?
  34. Do we use clustering in Active Directory? Why?
  35. What is Active Directory Recycle Bin?
  36. What is RODC? Why do we configure RODC?
  37. How do you check currently forest and domain functional levels? Say both GUI and Command line.
  38. Explain Knowledge Consistency Checker (KCC)
  39. What are the tools used to check and troubleshoot replication of Active Directory?
  40. What is SYSVOL folder used for?
  41. What is the use of Kerberos in Active Directory? Which port is used for Kerberos communication?
  42. Which version of Kerberos is used for Windows 2000/2003 and 2008 Active Directory?
  43. Please name few port numbers related to Active Directory.
  44. What is an FQDN?
  45. Tell me few DS commands and its usage.
  46. Explain Active Directory tree and forest.
  47. What are Intersite and Intrasite replication?
  48. What is shortcut trust?
  49. What is selective Authentication?
  50. Give me brief explanation of different types of Active Directory trusts.
  51. Have you heard of ADAC?
  52. What is the use of ADSIEDIT?  How do we install it in Windows Server 2003 AD?
  53. I am unable to create a Universal Security group in my Active Directory? What will be the possible reason?
  54. What is ADMT? What is it used for?
  55. What do you mean by Lingering Objects in AD? How to remove Lingering Objects?
  56. Explain Global Catalog. What kind of AD infrastructure makes most use of Global Catalog?
  57. Global Catalog and Infrastructure master roles cannot be configure in same Domain Controller. Why?
  58. How do you check all the GCs in the forest?
  59. How many objects can be created in Active Directory? (both 2003 and 2008)
  60. Can you explain the process between a user providing his Domain credential to his workstation and the desktop being loaded? Or how the AD authentication works?
  61. What is LDAP?
  62. Which is default location of Active Directory? What are the main files related to AD?
  63. In a large forest environment, why we don’t configure all Domain Controllers as GCs?
  64. What is NETDOM command line tool used for?
  65. What is role seizure? Who do we perform role seizure?
  66. What is ISTG? What is role of ISTG in Active Directory?
  67. Is it possible to find idle users who did not log in for last few months?
  68. Tell me the order of GPO as it applied.
  69. What are the uses of CSVDE and LDIFDE?
  70. What are the differences between a user object and contact object?
  71. What do you mean by Bridge Head server?
  72. What is urgent replication?
  73. Please explain Realm trust.
  74. Explain object class and object attribute.
  75. My organization wants to add new object attribute to the user object. How do you achieve it?
  76. What do you understand about GUID?
  77. What is the command used for Domain Controller decommissioning?
  78. Have you ever planned and implemented Active Directory infrastructure anywhere? Tell me few considerations we have to take during the AD planning.
  79. Name few differences from Windows Server 2003 AD and Windows Server 2008 AD.
  80. Which domain and forest functional level I will select if I am installing Windows Server 2008 AD in an Existing environment where we have Windows Server 2003 Domain Controllers?
  81. What are the replication intervals for Intersite and intrasite replication? Is there any change in 2003 and 2008?
  82. I want to transfer RID master role to a new Domain Controller. What are the steps I need to follow?
  83. Tell me few uses of NTDSUTIL commands?
  84. Name few services that directly impact the functionality of Domain Controller.
  85. You said there are 5 FSMO roles. Please explain what will be the impact on the AD infra if each FSMO roles fails?
  86. What is Active Directory defragmentation? How do you do AD defragmentation? And why do we do it?
  87. Tell me Different between online and offline defragmentation.
  88. How do you uninstall active directory? What are the precautions we have to take before removing active directory?
  89. A user is unable to log into his desktop which is connected to a domain. What are the troubleshooting steps you will consider?
  90. A Domain Controller called ABC is failing replication with XYZ. How do you troubleshoot the issue?
  91. A user account is frequently being locked out. How do you investigate this issue? What will be the possible solution suggest the user?
  92. Imagine you are trying to add a Windows 7 computer to Active Directory domain. But its showing an error ‘Unable to find Domain Controller’. How will you handle this issue?
  93. What are the services required for Active Directory replication?
  94. What is Active Directory application partition? What are the uses of it?
  95. Many users of a network are facing latency while trying to log into their workstations. How do you investigate this problem?
  96. Now, some questions related to Windows Server 2008 Active Directory. What do you mean by IDA? What are the new components of Windows 2K8 Active Directory?
  97. I want to edit the Active Directory Schema. How can I bring Schema editor into my MMC?
  98. Name few Active Directory Built in groups
  99. What are the differences between Enterprise Administrators and Domain Administrators groups?
  100. I have to create 1000 user objects in my Active Directory domain. Who can I achieve that with least administrative effort? Tell me few tools that I can use.
Try to answer these questions and take a note of your answers. It will help you for a self assessment. Once completed answering these questions, you can go to this link to find out answers session and compare with your findings.


blog comments powered by Disqus
Related Posts Plugin for WordPress, Blogger...