IT Questions and Answers :)

Sunday, January 15, 2023

Common questions and answers asked to L1 VMware/Network Engineer & Administrator or Admin

What are the layers of the OSI reference model and What is its job?

There are 7 OSI layers:

1) Physical Layer,
2) Data Link Layer,
3) Network Layer,
4) Transport Layer,
5) Session Layer,
6) Presentation Layer, and
7) Application Layer.

The Network layer is responsible for data routing, packet switching, and control of network congestion. Routers operate at this layer.


What are routers? 

Routers can connect two or more network segments. These are intelligent network devices that store information in their routing tables, such as paths, hops, and bottlenecks. With this info, they can determine the best path for data transfer. Routers operate at the OSI Network Layer.


What is a VPN? 

VPN means Virtual Private Network, a technology that allows a secure tunnel to be created across a network such as the Internet. For example, VPNs allow you to establish a secure dial-up connection to a remote server.


Briefly describe NAT

NAT is Network Address Translation. This is a protocol that provides a way for multiple computers on a common network to share a single connection to the Internet. 


What are proxy servers, and how do they protect computer networks? 

Proxy servers primarily prevent external users from identifying the IP addresses of an internal network. Without knowledge of the correct IP address, even the physical location of the network cannot be identified. Proxy servers can make a network virtually invisible to external users.


How can you identify the IP class of a given IP address? 

By looking at the first octet of any given IP address, you can identify whether it’s Class A, B, or C. If the first octet begins with a 0 bit, that address is Class A. If it begins with bits 10 then that address is a Class B address. If it begins with 110, then it’s a Class C network.


What is the disadvantage of a star topology? 

One major disadvantage of star topology is that once the central Hub or switch gets damaged, the entire network becomes unusable.


What is the main job of the ARP? 

The main task of the ARP or Address Resolution Protocol is to map a known IP address to a MAC layer address.


What protocol can be applied when you want to transfer files between different platforms, such as UNIX systems and Windows servers? 

Use FTP (File Transfer Protocol) for file transfers between such different servers. This is possible because FTP is platform-independent.


What is ICMP? 

ICMP is the Internet Control Message Protocol. It provides messaging and communication for protocols within the TCP/IP stack. This is also the protocol that manages error messages that are used by network tools such as PING.


What is SMTP? 

SMTP is short for Simple Mail Transfer Protocol. This protocol deals with all internal mail and provides the necessary mail delivery services on the TCP/IP protocol stack.


What is one basic requirement for establishing VLANs? 

A VLAN is required because at the switch level there is only one broadcast domain. It means that whenever a new user is connected to the switch, this information is spread throughout the network. A VLAN on a switch helps to create a separate broadcast domain at the switch level. It is used for security purposes.


What are the different types of VPN?

 Access VPN: Access VPN is used to provide connectivity to remote mobile users and telecommuters. It serves as an alternative to dial-up connections or ISDN (Integrated Services Digital Network) connections. It is a low-cost solution and provides a wide range of connectivity. 

Site-to-Site VPN: A Site-to-Site or Router-to-Router VPN is commonly used in large companies having branches in different locations to connect the network of one office to another in different locations. There are 2 sub-categories as mentioned below:  

Intranet VPN: Intranet VPN is useful for connecting remote offices in different geographical locations using shared infrastructure (internet connectivity and servers) with the same accessibility policies as a private WAN (wide area network). 

Extranet VPN: Extranet VPN uses shared infrastructure over an intranet to connect suppliers, customers, partners, and other entities using dedicated connections.


Bus Topology: All the nodes are connected using the central link known as the bus. It is useful to connect a smaller number of devices. If the main cable gets damaged, it will damage the whole network.

Star Topology: All the nodes are connected to one single node known as the central node. It is more robust. If the central node fails, the complete network is damaged. Easy to troubleshoot. Mainly used in home and office networks.

Ring Topology: Each node is connected to exactly two nodes, forming a ring structure. If one of the nodes is damaged, it will damage the whole network. It is used very rarely as it is expensive and hard to install and manage.

Mesh Topology: Each node is connected to one or many nodes. It is robust as failure in one link only disconnects that node. It is rarely used, and installation and management are difficult.

Tree Topology: A combination of star and bus topology, also known as an extended bus topology. All the smaller star networks are connected to a single bus. If the main bus fails, the whole network is damaged.

Hybrid: It is a combination of different topologies to form a new topology. It helps to avoid the drawbacks of a particular topology and to pick the strengths from others.


What are Unicasting, Anycasting, Multicasting and Broadcasting?

Unicasting: If the message is sent to a single node from the source then it is known as unicasting. This is commonly used in networks to establish a new connection.

Anycasting: If the message is sent to any of the nodes from the source then it is known as anycasting. It is mainly used to get the content from any of the servers in the Content Delivery System. 

Multicasting: If the message is sent to a subset of nodes from the source then it is known as multicasting. Used to send the same data to multiple receivers.

Broadcasting: If the message is sent to all the nodes in a network from a source then it is known as broadcasting. DHCP and ARP in the local network use broadcasting.


What happens when you enter google.com in the web browser?

If not, the browser checks if the IP of the URL is present in the cache (browser and OS). If it is not, the browser requests the OS to do a DNS lookup using UDP to get the corresponding IP address of the URL from the DNS server, in order to establish a new TCP connection.

A new TCP connection is set up between the browser and the server using a three-way handshake.

An HTTP request is sent to the server using the TCP connection.

The web server running on the server handles the incoming HTTP request and sends the HTTP response.

The browser processes the HTTP response sent by the server and may close the TCP connection or reuse it for future requests.

If the response data is cacheable, the browser caches it.

The browser decodes the response and renders the content.


What is SNMP architecture? 

SNMP has a simple architecture based on a client-server model.

The servers, called managers, collect and process information about devices on the network.

The clients, called agents, are any type of device or device component connected to the network. They can include not just computers, but also network switches, phones, printers, and so on.


What are the different memories used in a CISCO router?

NVRAM: stores the startup configuration file.

DRAM: stores the configuration file that is being executed.

ROM: holds the bootstrap software that runs and maintains instructions for POST diagnostics.

Flash Memory: stores the Cisco IOS.


Differentiate User Mode from Privileged Mode 

User Mode is used for regular tasks when using a CISCO router, such as viewing system information, connecting to remote devices, and checking the status of the router. On the other hand, privileged mode includes all options that are available for User Mode, plus more. You can use this mode to make configurations on the router, including making tests and debugging.


Differentiate full-duplex from half-duplex.

 In full-duplex, both the transmitting device and the receiving device can communicate simultaneously, that is, both can be transmitting and receiving at the same time. In the case of half-duplex, a device cannot receive while it is transmitting, and vice versa.


In configuring a router, what command must be used if you want to delete the configuration data that is stored in the NVRAM? 

erase startup-config


What Is The Location Of The Active Directory Database? 

C:\windows\Ntds\Ntds.dit


Name the default protocol used in directory services? 

LDAP (Lightweight Directory Access Protocol).


Explain Emulation Drivers? 

The emulation drivers are mainly devices that imitate another program. In simple terms, emulation drivers are a trick to fool the device into believing that it is some other sort of device.


What Are Synthetic Drivers? 

Synthetic drivers are different from, and better than, the emulation ones in their functions. They don't imitate another program but create another complex hardware device on a virtual platform.


What Is Desktop Virtualization? 


Desktop virtualization is a logical procedure to isolate and extract the OS or system from the client that is ready to access it. There are many types of desktop virtualization, some of which include virtual machines while some do not.

What Is DAC? 

Microsoft Dynamic Access Control or DAC is a data governance tool in Windows Server 2012 that allows administrators to control access settings. It uses centralized policies to permit administrators to review who has access to individual files. Files can be classified manually or automatically.

Define SYSVOL? 

SYSVOL keeps the server's copy of the domain's public files. Its contents include items such as users and group policy.

What is Kerberos? 

Kerberos is an authentication protocol for the network. It is built to provide secure authentication for client applications by using secret-key cryptography.

What do you mean by organizational units? 

The Organizational Unit is a significant design factor impacting policy, security, efficiency and the cost of administration. Organizational Units are a kind of LDAP (X.500) container. An OU can be thought of as a sub-domain element with properties comparable to domains.

What do you mean by Active Directory Recycle Bin? 

Active Directory Recycle Bin is a feature of Windows Server 2008 AD. It helps to restore accidentally deleted Active Directory objects without using a backed-up AD database or rebooting the domain controller.

Do we use clustering in Active Directory? Why? 

No one installs Active Directory in a cluster. There is no need for clustering a domain controller. Active Directory provides total redundancy with two or more servers.

What is child DC?

Child DC is a sub-domain controller under the root domain controller which shares a namespace.

Tell me the port no of LDAP?

The port no of LDAP is 389.

If I try to look at the schema, how can I do that?

c:\windows\system32>regsvr32 schmmgmt.dll
Open mmc --> add snap-in --> add Active Directory Schema
Name it as schema.msc
Open administrative tool --> schema.msc

Define Native Mode? 


When all domain controllers in a given domain are running Windows 2000 Server, this mode permits organizations to take advantage of new Active Directory features such as universal groups, inter-domain group membership and nested group membership.

What is VMware and what are its benefits? 

VMware provides different applications and software for virtualization. VMware products are categorized into two levels: desktop applications and server applications. It is useful for:
  • Running multiple operating systems and applications on a single computer
  • Consolidating hardware to get vastly higher productivity from fewer servers
  • Saving more of the total cost spent on IT
  • Simplifying IT management and speeding up the deployment of new applications

Explain what is hypervisor 


A hypervisor is a program that enables multiple operating systems to share a single hardware host. Each operating system has the host's processor, memory and other resources all to itself. The hypervisor controls the resources and host processor, allocating what is required for each operating system in turn and making sure that the guest operating systems cannot disrupt each other.

Explain VMware DRS? 

VMware DRS stands for Distributed Resource Scheduler; it dynamically balances resources across various hosts under a cluster or resource pool. It enables users to determine the rules and policies which decide how virtual machines deploy resources, and how these resources should be prioritized to multiple virtual machines.

What are the storage and availability in vCloud Suite? 

Storage DRS: It places and load balances virtual machines based on storage capacity and I/O latency.
Storage vMotion: It employs proactive, non-disruptive storage migration to reduce virtual machine storage I/O bottlenecks and free up valuable storage capacity.
Application HA: It provides high availability that is bound to specific applications.
Data Protection: Based on EMC Avamar, it deploys a back-up and recovery tool.

What is the difference between VMware HA and VMware FT? 

VMware FT is enabled on a per-VM basis while VMware HA is enabled per cluster.

In the case of an ESX host failure, virtual machines on the failed host are restarted and powered on on the other active hosts in the HA cluster. But for FT-enabled virtual machines, there is no downtime. In the case of a host failure, the secondary VM will be activated, and it becomes primary and continues to run from the exact point where the primary VM failed or left off.

What is Fault Tolerant Logging? 

The communication between two ESXi hosts is known as Fault Tolerant logging when FT is configured between them.

Explain vSS 

vSS stands for Virtual Standard Switch. It is responsible for the communication of VMs hosted on a single physical host. It automatically detects a VM which wants to communicate with another VM on the same physical server.

What are pluggable devices which can be added while Virtual Machine is running? 

You can add HDDs and NICs while the virtual machine is running.

What is Cold and Hot Migration? 

When you migrate a powered-off or suspended virtual machine, it is known as cold migration. When you migrate a running, powered-on virtual machine, it is known as hot migration.

Explain the importance of snapshot in VMWare

A VMWare snapshot is a copy of a virtual machine disk file which is used to restore a VM to a specific point in time when the system fails, or system error occurs.

Explain Cluster in VMware 

Cluster in VMware is a logical grouping of multiple ESXi hosts. It allows you to add or delete hosts from the cluster. It also provides features like HA and DRS on the cluster.

Disadvantages of the VMware virtualization platform

  • It requires a considerable investment to buy the resources
  • It needs high-end servers, which increases the cost
  • Different technologies are required for its implementation

Can we do vMotion between two data centers? 

Yes, we can do vMotion between two datacenters. However, for this VM should be powered off.

What is RDM? 

RDM is a short form of Raw Device Mapping. It is a file stored in a VMFS volume which acts as a proxy for a raw physical device. It allows you to store virtual machine data directly on a LUN.

What is NFS? 

NFS is the Network File System. It is a file sharing protocol which an ESXi host uses to communicate with a NAS device. A NAS is a specialized storage device which connects to a network.

What is VMkernel? Why is it important? 

The VMkernel is the interface between virtual machines (VMs) and the physical hardware of the system. The VMkernel is responsible for scheduling CPUs, allocating memory, and providing other hardware abstraction and operating system (OS) services.

How can I differentiate between virtual machine port groups and VMkernel ports? 

The big difference between a Virtual Machine port group and a VMkernel port group is the sort of traffic it’s passing. As you’ll see, a VMkernel port is passing traffic specific to VMware vSphere. A virtual machine port group is simply passing your garden variety virtual machine traffic.

How does vMotion work in the background? 

The virtual machine memory state is copied over the vMotion network from the source host to the target host. Users still access the virtual machine and potentially update pages in memory. A list of modified pages in memory is kept in a memory bitmap on the source host.

What happens if vMotion fails? 

vMotion will fail if the target host does not have enough memory to satisfy the reservation of the virtual machine. To fix this, migrate the virtual machine to another ESXi host that can provide the guaranteed memory for the VM, or reduce the memory reservation of the virtual machine.

What’s iSCSI in VMware? 

iSCSI is a protocol which uses TCP to transport SCSI commands and enables the use of the existing TCP/IP networking infrastructure as a Storage Area Network.

What's the difference between FC and FCoE? 

FCoE maps Fiber Channel over full-duplex Ethernet networks based on the IEEE 802.3 standard. On the other hand, Fiber Channel or FC is a serial data transfer protocol and standard for high-speed enterprise-grade storage networking. It scales up to 128 Gbps and delivers storage data over fast optical networks.

What's the use of snapshots in VMware? 

The VMware snapshot is used to preserve the state and data of the virtual machine at the present point in time so that, once you are done testing, you can quickly revert the VM back to a desired state. VMware snapshots are an easy and quick way to save the state of a virtual machine before you test a software update, patch or other change.

What's the full form of LUN? 

LUN stands for Logical Unit Number.

What's the difference between RDM and VMDK? 

RDM is also referred to as a pass-through disk, and is a mapping file that acts as a proxy for a physical device like a LUN. On the other hand, a VMDK is a file that appears as a hard drive to the guest OS. Fundamentally it's a virtual disk drive.

What's the difference between SAN and vSAN? 

SAN leverages storage protocols like FCP and iSCSI while vSAN only works with ESXi hosts. In the case of SAN, storage administrators are required to pre-allocate storage on different systems, whereas vSAN automatically converts local storage resources into one storage pool.

What’s a vSphere client?

The vSphere Client is application software that permits management of a vSphere installation. The vSphere Client provides an administrator with access to the key functions of vSphere without the need to access a vSphere server directly.

What's the max number of virtual machines per host? 

Maximum number of virtual machines per host is 100.

What are the 2 reasons why a virtual machine might fail to power on? 

The virtual machine is running on an ESXi host which has an expired license. 
The virtual machine is running on a data-store which has insufficient disc space for the .vswp file.

What's the use of vCenter server? 

vCenter is used to manage multiple ESXi hosts, virtual machines and all dependent components from one centralized location.

What are the services in vCenter server? 

The vCenter Server services are vCenter Server, vSphere Web Client, Inventory Service, vSphere Auto Deploy, vSphere ESXi Dump Collector, VMware vSphere Syslog Collector on Windows and VMware vSphere Syslog Service for the vCenter Server Appliance.

Thursday, March 12, 2020

Which of these is NOT an FSMO role?

  • RID Master
  • Schema Master
  • TCP Master
  • PDC Emulator 

 
EXPLANATION

There are 5 FSMO roles:
PDC Emulator (One per domain), RID Master (One per domain), Schema Master (One per forest), Domain Naming Master (One per forest), Infrastructure Master (One per domain)

SOURCE

https://wiki.samba.org/index.php/Flexible_Single-Master_Operations_(FSMO)_Roles

Tuesday, January 29, 2019

In Group Policy, what is the default order of precedence, (not to be confused with the order in which a policy is processed,) excluding User and Computer accounts, that a policy is applied?

  • Domain, Site, OU, Local
  • OU, Domain, Site, Local
  • Local, Site, Domain, OU
  • Site, OU, Domain, Local 

 
EXPLANATION

The order of precedence for Group Policy is:
  • OU
  • Domain
  • Site
  • Local
However the order that the Policy is processed is just the opposite:
  • Local
  • Site
  • Domain
  • OU

SOURCE

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc757050(v=ws.10)

Wednesday, September 5, 2018

By default, what is the lowest permission needed to join computers to an Active Directory domain?

  • Schema Admin
  • Domain Admins
  • Authenticated Users
  • Enterprise Admins 

 

EXPLANATION

By default any Authenticated User can add up to 10 computers to a domain. The risk with this could be that a user sets up a new workstation and gives themselves an admin account on the computer, then adds it to the domain using their domain account.
With these elevated permissions they could do many things. Most notably, but not limited to, there is a higher chance of an inexperienced user getting a virus on the system.

SOURCE

https://technet.microsoft.com/en-us/library/cc976452.aspx

Tuesday, August 21, 2018

In Active Directory, what would a RSOP report tell you?

  • Remote System Operation Protocol
  • Random State Oscillation Period
  • Removal Strategy for Outside People
  • Resultant Set Of Policy 

EXPLANATION




 A Resultant Set of Policy (RSOP) is a report of all Group Policy settings within Active Directory that shows how those settings can affect a network, or how existing Group Policy Objects (GPOs) affect various combinations of users and computers when the local security policy is applied.

Friday, August 3, 2018

In Windows Active Directory, what is the default time interval that the Knowledge Consistency Checker (KCC) uses for incremental syncs to review and update the Active Directory replication topology?

  • 48 hours
  • 15 minutes
  • 60 minutes
  • 5 minutes 

 

EXPLANATION




By default, the knowledge consistency checker (KCC) reviews and makes modifications to the Active Directory replication topology every 15 minutes. The KCC ensures propagation of data, either directly or transitively, by creating and deleting connection objects as needed. The KCC recognizes changes that occur in the environment and ensures that domain controllers are not orphaned in the replication topology.

For more information on the KCC, see: https://technet.microsoft.com/en-us/library/cc961781.aspx

Monday, July 9, 2018

With Windows assigned software packages distributed via Group Policy (to computers), when are packages installed on endpoints?

  • Randomly 15-60 minutes later
  • During windows updates
  • During their next reboot
  • During the user's next logon 

 
EXPLANATION

You can assign a program distribution to users or computers. If you assign the program to a user, it is installed when the user logs on to the computer. When the user first runs the program, the installation is completed. If you assign the program to a computer, it is installed when the computer starts, and it is available to all users who log on to the computer. When a user first runs the program, the installation is completed.

SOURCE

https://technet.microsoft.com/en-us/library/cc753768(v=ws.11).aspx

Tuesday, June 5, 2018

In Windows Active Directory, what are Group Policy Objects?

  • Settings that define what a system should look like and how it will behave
  • They determine the hierarchy of a domain, which can fit the operational structure of an organization
  • A set of folder rules that determine where Outlook will save email messages
  • Affords the capability for secure extension of network operations to the Web 

 
EXPLANATION

Group Policy, in part, controls what users can and cannot do on a computer system: for example, to enforce a password complexity policy that prevents users from choosing an overly simple password, to allow or prevent unidentified users from remote computers to connect to a network share, to block access to the Windows Task Manager or to restrict access to certain folders. A set of such configurations is called a Group Policy Object (GPO)
See: http://searchwindowsserver.techtarget.com/definition/Group-Policy-Object


Wednesday, November 29, 2017

In a Windows domain, using built in domain features, how can you easily stop malicious software/viruses/cryptolocker from running from the downloads folder, or temporary internet files?

  • Advanced Windows Firewall Settings
  • Fancy Antivirus Software
  • Train your users to be more careful
  • Apply a Software Restriction Policy GPO 
 
EXPLANATION

Using a Software Restriction Policy you can create a whitelist or blacklist policy of locations that software is allowed to launch from. This includes applications, scripts and so on. You can easily block software from launching from anywhere within a user's profile, including the downloads folder. If you want to get into the advanced settings, you can blacklist ALL software and provide a whitelist of hashes for applications on your domain. SRP is extremely powerful, and very user friendly to configure. It is a valuable tool to use in keeping your network safe.

SOURCE

https://technet.microsoft.com/en-us/library/cc786941(v=ws.10).aspx

Thursday, November 23, 2017

Which of the following domain trust types does not extend beyond the trusted and trusting domains?


  • Shortcut
  • Forest
  • Internet
  • External             
EXPLANATION

An external trust provides access to resources located on an NT4 domain or a domain in a non-trusted forest. It is not transitive.
Forest trusts provide access to resources in any domain in the forest. Forest trusts are transitive.
Shortcut trusts are used to improve user login times between two domains in a forest. These trusts are also transitive.
Internet trusts do not exist.

SOURCE

https://technet.microsoft.com/en-us/library/cc730798(v=ws.11).aspx

In Active Directory, you CANNOT link a group policy object (GPO) to which of the following?

  • Site
  • Default container
  • OU
  • Domain 
 

EXPLANATION

A Group Policy Object (GPO) is a collection of settings that define what a system will look like and how it will behave for a defined group of users. You can use the Group Policy Microsoft Management Console (MMC) to configure them. In the Group Policy Management Console (GPMC) console tree, you can link a GPO with the site, domain, or organizational unit (OU). You cannot link them to the default container.

On a Windows Domain Controller, which of the following does the SYSVOL share contain?

  • The Active Directory replication queue
  • The primary Active Directory database
  • Group policy object files and network logon scripts
  • System Volume partition information 

 
EXPLANATION

SYSVOL provides a standard location to store important elements of Group Policy objects (GPOs) and scripts that need to be read and synchronized by all domain members.

SOURCE

https://social.technet.microsoft.com/wiki/contents/articles/24160.active-directory-back-to-basics-sysvol.aspx

Wednesday, November 22, 2017

When using Group Policy Preferences to deploy a File item, what does the "Update" action do?

  • Creates the file if it does not exist. Updates the file content and attributes if it does.
  • Updates the file attributes if the file exists. Does nothing if the file does not already exist.
  • Creates the file if it does not exist. Updates the file attributes (but not content) if it does.
  • Updates the file content if the file exists. Does nothing if the file does not already exist. 

 
EXPLANATION

The Update action has the following behavior when used to configure a File item in Group Policy Preferences:
Modify settings of an existing file (or multiple files in one folder) for computers or users. This action differs from Replace in that it only updates file attributes defined within the preference item. All other file attributes remain as configured on the file. If the file does not exist, then the Update action copies the file from the source location to the destination.
From TechNet - Configure a File Item

A user is getting an "Access Denied" message when they try to open a file. How do you change their permissions using the Windows command line?

Which of the following domain trust types does not extend beyond the trusted and trusting domains?

  • Internet
  • Shortcut
  • Forest
  • External

 
EXPLANATION

An external trust provides access to resources located on an NT4 domain or a domain in a non-trusted forest. It is not transitive.
Forest trusts provide access to resources in any domain in the forest. Forest trusts are transitive.
Shortcut trusts are used to improve user login times between two domains in a forest. These trusts are also transitive.
Internet trusts do not exist.

SOURCE

https://technet.microsoft.com/en-us/library/cc730798(v=ws.11).aspx
 

Which of the following Active Directory structures allow multiple subdomains to be associated with a single domain namespace?

  • Domain group
  • Organizational unit
  • Tree
  • Forest
 

EXPLANATION

In Active Directory, a tree (also known as a domain tree) groups together collections of domains in a single hierarchical structure. A single subdomain in the tree is known as a child domain, and the single domain that they are associated with is called the parent domain.
A group of multiple trees associated with a single Active Directory container instance is known as a forest.
 

When joining a Linux PC to a Windows domain, what other program do you need to install alongside Samba?

  • win-net-tools
  • apache
  • krb5
  • gdb
 
EXPLANATION

The krb5, or Kerberos, package (whose name may vary slightly between different distributions, e.g. on Debian the package containing it is called krb5-user) is required to join the domain. As well as configuring smb.conf for Samba with the details of the domain, the krb5.conf file must also be configured with the Kerberos realm used to authenticate against the domain controller. Without Kerberos, authentication may not take place on a modern Windows network.

SOURCE

https://wiki.debian.org/AuthenticatingLinuxWithActiveDirectory