1.What is AD DS?
AD DS, full name as Active Directory is the distributed directory service that it included with Windows Server OS.
2.What AD DS includes?
- AD DS on a Windows Server Network;
- Active Directory Lightweight Directory Services;
- Structure and Storage Technologies;
- Domain Controller Roles;
- Replication Technologies;
- Search and Publication Technologies;
- Installation, Upgrade and Migration Technologies.
3.What purposes AD DS typically used for?
- Internal directory;
- External directory;
- Application directory.
4.What Active Directory provides?
- A central location for network administration and delegation of administrative authority;
- Information security and single sign-on for user access to network resources;
- Flexible and global searching;
- Storage for application data;
- Systematic synchronization for directory updates;
- Remote administration;
- Single, modifiable, and extensible schema;
- Integration of object names with DNS, the Internet standard computer location system;
- Lightweight Directory Access Protocol support.
5.What parts that Active Directory structure and storage architecture contains?
- Active Directory domains and forests;
- DNS Support for Active Directory;
- Data store.
6.What the relationship between Forest, Domain and OU?
Forest contain one or more Domain(s), and OUs insides a Domain.
7.What DNS Service in an Active Directory used for?
To let Directory Client discover Directory Controller and inform Directory Client that where is the domain controller located, DNS Service also provide domain name for a domain such as contoso.com and DNS name for a domain joined computer such as computer1.contoso.com.
8.What Schema in an Active Directory used for?
Schema contains definitions for all the objects that are used to store information in the directory.
9.What the Active Directory Logical Structure contains?
- Organization Units;
- Domain Trees;
- Site Objects.
10.What are Domains?
Domains are logical directory components that we create to manage the administrative requirements of our organization. Domains can also be defined as:
- Containers within a forest;
- Units of Policy;
- Units of Replication;
- Authentication and Authorization Boundaries;
- Units of Trust.
11.What are Forests?
Forest is a single instance of Active Directory. Therefore, a forest is synonymous with Active Directory. Forests can also be defined as:
- Collections of Domain Containers that Trust Each Other;
- Units of Replication;
- Security Boundaries;
- Units of Delegation.
12.What the “Extending the Schema” means?
In some situations, the default attributes and object definitions in the schema are insufficient to create new object types that are required by some applications or services that interoperate with the directory. In these situations, it is possible to customize the schema by adding new object definitions to it.
13.How should we deal with the DNS Server while setting an Active Directory?
Select the checkbox in front of “Active Directory Domain Controller” in add a new features or roles wizard, at the mean time select the checkbox in front of “DNS Server” as well, because DNS Service is necessary for an Active Directory, though DNS Service isn’t a part of Active Directory.
14.What 5 operations master roles that AD DS defines?
- Schema master;
- Domain naming master;
- Primary Domain Controller (PDC) emulator;
- Infrastructure master;
- Relative ID (RID) Master.
15.What are Active Directory Levels?
The functional level of a domain or forest controls which advanced features are available in the domain or forest. Raising the functional level allows the introduction of advanced features but also limits the versions of Windows Server that can run on domain controllers in the environment.
16.What are the two exceptions if we need to rollback function level?
If we set the domain function level to Windows Sever 2008 R2, and the forest function level is Windows Server 2008 or lower, we’re able to roll back the domain function level to Windows Server 2008 (only).
If we set the forest function level to Windows Server 2008 R2, and the Active Directory Recycle Bin isn’t enabled, we’re able to roll back the forest function level to Windows Server 2008 (only).