Which folder contains login scripts in an Active Directory domain?

Which folder contains login scripts in an Active Directory domain?

• Scripts
• Schema
• System32
• Sysvol 

EXPLANATION

The logon script is the file that does the actual action. It could be almost any action, as noted above. So we’ll start by creating that script. The default location for logon scripts is the NETLOGON share, which, by default, is shared on all Domain Controllers in an Active Directory forest, and is located in the following folder:

%SystemRoot%\SYSVOL\sysvol\<domain DNS name>\scripts

Where %SystemRoot% is usually “C:\Windows” and <domain DNS name> is the DNS name of the domain, similar to “Techlanda.local”. This folder, which is a part of the SYSVOL special folder, is replicated to all the Domain Controllers in the domain.

Read More

Which of the following is NOT a valid Active Directory group scope?

Which of the following is NOT a valid Active Directory group scope?

• Distribution
• Domain Local
• Global
• Universal 

EXPLANATION

Group Scopes

The different group scopes make it possible for groups to be used differently to assign permissions for accessing resources. A group’s scope defines the place in the network where the group will be used or is valid. This is the degree to which the group will be able to reach across a domain, domain tree, or forest. The group scope also determines what users can be included as group members.
In Active Directory, there are three different group scopes:

• Global groups: Global groups are containers for user accounts and computers accounts in the domain. They assign permissions to objects that reside in any domain in a tree or forest. Users can include a global group in the access control list (ACL) of objects in any domain in the tree/forest. A global group can, however, only have members from the domain in which it is created. What this means is that a global group cannot include user accounts, computer accounts, and global groups from other domains. The domain functional level set for the domain determines which members can be included in the global group.
  
  • Windows 2000 Mixed: Only user accounts and computer accounts from the domain in which the group was created can be added as group members.
  • Windows 2000 Native / Windows Server 2003: User accounts, computer accounts, and other global groups from the domain in which the group was created can be added as group members.
• Domain Local groups: Domain local groups can have user accounts, computer accounts, global groups, and universal groups from any domain as group members. However, only domain local groups can assign permissions to local resources or to resources that reside in the domain in which the domain local group was created. This means that only domain local groups in the ACL of objects that are located in the local domain can be included. The domain functional level set for the domain determines which members can be included in the domain local group.
  
  • Windows 2000 Mixed: User accounts, computer accounts, and global groups from any domain can be added as group members.
  • Windows 2000 Native / Windows Server 2003: User accounts, computer accounts, global groups, and universal groups from any domain can be added as group members. Other domain local groups from the same domain as group members can also be added.
• Universal groups: Universal groups can have user accounts, computer accounts, global groups, and other universal groups from any domain in the tree or forest as members. This basically means that users can add members from any domain in the forest to a universal group. Users can use universal groups to assign permissions to access resources that are located in any domain in the forest. Universal groups are only available when the domain functional level for the domain is Windows 2000 Native or Windows Server 2003. Universal groups are not available when domains are functioning in the Windows 2000 Mixed domain functional level. Users can convert a universal group to a global group or to a domain local group if the particular universal group has no other universal group as a group member. When adding members to universal groups, it is recommended to add global groups as members and not individual users.

Read More

There are two types of groups recognized by Active Directory: Security and _________

There are two types of groups recognized by Active Directory: Security and _________

• Peer
• Domain
• Global
• Distribution 

EXPLANATION

Group Types

Two types of groups can be created in Active Directory. Each group type is used for a different purpose. A security group is one that is created for security purposes, while a distribution group is one created for purposes other than security purposes. Security groups are typically created to assign permissions, while distribution groups are usually created to distribute bulk e-mail to users. As one may notice, the main difference between the two groups is the manner in which each group type is used. Active Directory allows users to convert a security group into a distribution group and to convert a distribution group into a security group if the domain functional level is raised to Windows 2000 Native or above.

• Security groups: A security group is a collection of users who have the same permissions to resources and the same rights to perform certain system tasks. These are the groups to which permissions are assigned so that its members can access resources. Security groups therefore remove the need for an Administrator to individually assign permissions to users. Users that need to perform certain tasks can be grouped in a security group then assigned the necessary permissions to perform these tasks. Each user that is a member of the group has the same permissions. In addition to this, each group member receives any e-mail sent to a security group. When a security group is first created, it receives an SID. It is this SID that enables permissions to be assigned to security groups – the SID can be included in a resource’s DACL. An access token is created when a user logs on to the system. The access token contains the user’s SID and the SID of those groups to which the user is a member of. This access token is referenced when the user attempts to access a resource. The access token is compared with the resource’s DACL to determine which permissions the user should receive for the resource.
• Distribution groups: Distribution groups are created to share information with a group of users through e-mail messages. Thus, a distribution group is not created for security purposes. A distribution does not obtain an SID when it is created. Distribution groups enable the same message to be simultaneously sent to its group members. Messages do not need to be individually sent to each user. Applications such as Microsoft Exchange that work with Active Directory can use distribution groups to send bulk e-mail to groups of users.

Read More

Which tool gives you a real-time graphical look at Microsoft Windows (Vista and later) performance information?

Which tool gives you a real-time graphical look at Microsoft Windows (Vista and later) performance information?

• Task Monitor
• Resource Monitor
• Task Viewer
• Event Monitor 

EXPLANATION

Resource Monitor, a utility in Windows Vista and later, displays information about the use of hardware and software resources in real time. Users can launch Resource Monitor by executing resmon.exe.

Resource Monitor is a necessary complement to Task Manager, which is too limited (Windows 7 here). For instance, only Resource Monitor will show what discs are currently spinning. 

Read More

Which tool can you use to troubleshoot Active Directory problems?

Which tool can you use to troubleshoot Active Directory problems?

• Repadmin
• WSRM
• Hammer
• Repmon 

EXPLANATION

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2, Windows Server 2008, Windows Server 2008 R2
This document describes how to use the Repadmin.exe tool to monitor, diagnose, and troubleshoot common replication problems in your Active Directory® environment. All the information in this document applies to computers running the Microsoft® Windows® 2000 Server and Windows Server® 2003 operation systems. This document includes the following topics:

• Repadmin Introduction and Technology Overview
  
• Repadmin Requirements, Syntax, and Parameter Descriptions
  
• Repadmin Usage Scenarios
  
• Repadmin for Experts
  

To obtain a copy of this guide in .doc file format, see Troubleshooting replication with repadmin on the Microsoft Download Center (http://go.microsoft.com/fwlink/?LinkID=129020).

 

Read More

What is the name of the shared folder that exists on all domain controllers and stores things like Group Policy objects and login scripts?

What is the name of the shared folder that exists on all domain controllers and stores things like Group Policy objects and login scripts?

• Builtin
• Share
• SYSVOL
• C$ 

EXPLANATION

The System Volume (Sysvol) is a shared directory that stores the server copy of the domain's public files that must be shared for common access and replication throughout a domain

The System Volume (Sysvol) is a shared directory that stores the server copy of the domain's public files that must be shared for common access and replication throughout a domain. The Sysvol folder on a domain controller contains the following items:

• Net Logon shares. These typically host logon scripts and policy objects for network client computers.
• User logon scripts for domains where the administrator uses Active Directory Users and Computers.
• Windows Group Policy.
• File replication service (FRS) staging folder and files that must be available and synchronized between domain controllers.
• File system junctions.

File system junctions are used extensively in the Sysvol structure and are a feature of NTFS file system 3.0. You must be aware of the existence of junction points and how they operate so that you can avoid data loss or corruption that may occur if you modify the Sysvol structure.

 

Read More

What does CPU stand for?

What does CPU stand for?

• Core Processing Unit
• Custom Processing Unit
• Central Processing Unit
• Computer Processing Unit 

EXPLANATION

A central processing unit is the electronic circuitry within a computer that carries out the instructions of a computer program by performing the basic arithmetic, logical, control and input/output operations specified by the instructions. The computer industry has used the term "central processing unit" at least since the early 1960s.Wikipedia

Read More