Windows Server 2003 for Interview
- 15 – Netstat
- 21 – FTP
- 23 – Telnet
- 25 – SMTP
- 42 – WINS
- 53 – DNS
- 67 – Bootp
- 68 – DHCP
- 80 – HTTP
- 88 – Kerberos
- 101 – HOSTNAME
- 110 – POP3
- 119 – NNTP
- 123 – NTP
- 139 – NetBIOS
- 161 – SNMP
- 180 – RIS
- 389 – LDAP
- 443 – HTTPS
- 520 – RIP
- 443 – SSL (https)
- 220 – IMAP3
- 3268 – AD Global Catalog
- 3269 – AD Global Catalog over SSL
- 500 – Internet Key Exchange, IKE (IPSec) (UDP 500)
Types of backup: normal, incremental, differential, copy, daily
Differences between Windows Server 2000 and Windows Server 2003
1) Domain rename is not possible in Windows 2000.
2) Windows 2k - IE 5 and Windows 2k3 - IE6
3) Terminal Services are enhanced in Win2k3.
4) Windows 2k doesn't have a 64-bit version.
5) DNS stub zones were introduced in Win2k3.
6) Volume Shadow copying was introduced.
7) Schema version has changed from ver. 13 to ver. 30.
Active Directory
Active Directory is a directory structure used on Microsoft
Windows-based computers and servers to store information and
data about networks and domains.
Active Directory Domain Services (AD DS), formerly known as
Active Directory Directory Services, is the central location for
configuration information, authentication requests, and
information about all of the objects that are stored within your
forest. Using Active Directory, you can efficiently manage users,
computers, groups, printers, applications, and other
directory-enabled objects from one secure, centralized location.
Active Directory schema
One of the defining elements of a forest is a common schema.
The schema is a definition of the
types of objects that are allowed within a directory and the
attributes that are associated with those objects. These
definitions must be consistent across domains in order for the
security policies and access rights to function correctly. There
are two types of definitions within the
schema: attributes and classes, also known as schema objects and
metadata. Attributes are defined only once, and then can be
applied to multiple classes as needed. The object classes, or
metadata, are used to define objects. For example, the Users
class requires certain attributes such as user name, password,
groups, and so on. A particular user account is simply an Active
Directory object that has those attributes defined. A class is
simply a generic framework for objects. It is a collection of
attributes, such as Logon Name and Home Directory for user
accounts or Description and Network Address for computer
accounts. Active Directory comes standard with a predefined set
of attributes and classes that fit the needs for many network
environments. In addition, network administrators can extend the
schema by defining additional attributes and extending the
classes within the directory.
Global Catalog Server
Domain controllers keep a complete copy of
the Active Directory database for a domain, so that information
about each object in the domain is readily available to users
and services. This works well within a domain but poses problems
when crossing domain trees. Active Directory solves this issue
with a special limited database known as the global catalog. The
global catalog stores partial replicas of the directories of
other domains. The catalog is stored on domain controllers that
have been designated as global catalog servers. These servers
also maintain the normal database for their domain.
Within a multi-domain environment that is running in Windows
2000 Native mode or the Windows Server 2003 functional level, a
global catalog is required for logging on to the network. The
global catalog provides universal group membership information
for the user account that is attempting to log on to the
network. If the global catalog is not available during the logon
attempt and the user account is external to the local domain,
the user will only be allowed to log on to the local machine.
When you add a global catalog server to a site, the
Knowledge Consistency Checker (KCC) updates the replication
topology, after which replication of partial domain directory
partitions that are available within the site begins.
Replication of partial domain directory partitions that are
available only from other sites begins at the next scheduled
interval.
Components that comprise the system state on a domain controller
include:
- System Start-up Files (boot files). These are the files
  required for Windows 2000 Server to start.
- System registry.
- Class registration database of Component Services. The
  Component Object Model (COM) is a binary standard for writing
  component software in a distributed systems environment.
- SYSVOL. The system volume provides a default Active Directory
  location for files that must be shared for common access
  throughout a domain. The SYSVOL folder on a domain controller
  contains:
  - NETLOGON shared folders. These usually host user logon
    scripts and Group Policy objects (GPOs) for non-Windows
    2000-based network clients.
  - User logon scripts for Windows 2000 Professional-based
    clients and clients that are running Windows 95, Windows 98,
    or Windows NT 4.0.
  - Windows 2000 GPOs.
  - File system junctions.
  - File Replication service (FRS) staging directories and files
    that are required to be available and synchronized between
    domain controllers.
- Active Directory. Active Directory Database includes:
  - Ntds.dit (Windows NT Directory Service): The Active Directory
    database.
  - Edb.chk: The checkpoint file.
  - Edb*.log: The transaction logs, each 10 megabytes (MB) in
    size.
  - Res1.log and Res2.log: Reserved transaction logs.
Non-authoritative restore of Active Directory
A non-authoritative restore returns the domain controller to its
state at the time of backup, then allows normal replication to
overwrite that state with any changes that have occurred after
the backup was taken. After you restore the system state, the
domain controller queries its replication partners. The
replication partners replicate any changes to the restored
domain controller, ensuring that the domain controller has an
accurate and updated copy of the Active Directory database.
Non-authoritative restore is the default method for restoring
Active Directory, and you will use it in most situations that
result from Active Directory data loss or corruption. To perform
a non-authoritative restore, you must be able to start the
domain controller in Directory Services Restore Mode.