
1. What are the types of backup? Explain each?

Full backup
Description: A complete set of all files you wish to back up. Think of this as your 'reference set'. You only need to perform a full backup occasionally.
Pros: Provides a complete copy of all your data; makes it easy to locate files which need restoring.
Cons: Takes a long time and the most space on backup media; redundant backups are created, as most files remain static.

Incremental backup
Description: A backup of those files which have changed since the last backup of any type.
Pros: Uses the least time and space, as only those files changed since the last backup are copied; lets you back up multiple versions of the same file.
Cons: Makes the job of restoring files fiddly, as you have to reinstall the last full backup first, then all subsequent incremental backups in the correct order; also makes it hard to locate a particular file in the backup set.

Differential backup
Description: A backup of those files which have changed since the last full backup. Should be performed at regular intervals.
Pros: Takes up less time and space than a full backup; provides for more efficient restoration than incremental backups.
Cons: Redundant information is stored, because each backup stores much of the same information plus the latest information added or created since the last full backup. Subsequent differential backups take longer and longer as more files are changed.

What are Levels of RAID 0, 1, 5? Which one is better & why?

2. What are FSMO Roles? List them.

The 5 FSMO server roles:

Role                     Level          Number
Schema Master            Forest Level   One per forest
Domain Naming Master     Forest Level   One per forest
PDC Emulator             Domain Level   One per domain
RID Master               Domain Level   One per domain
Infrastructure Master    Domain Level   One per domain

1. Schema Master (Forest level)

The schema master FSMO role holder is the Domain Controller responsible for performing updates to the Active Directory schema. It contains the only writable copy of the AD schema. This DC is the only one that can process updates to the directory schema, and once the schema update is complete, it is replicated from the schema master to all other DCs in the forest. There is only one schema master in the forest.

2. Domain Naming Master (Forest level)

The domain naming master FSMO role holder is the DC responsible for making changes to the forest-wide domain name space of the directory. This DC is the only one that can add or remove a domain from the directory, and that is its major purpose. It can also add or remove cross references to domains in external directories. There is only one domain naming master in the Active Directory forest.

3. PDC Emulator (Domain level)

In a Windows 2000 domain, the PDC emulator server role performs the following functions:

- Password changes performed by other DCs in the domain are replicated preferentially to the PDC emulator first.
- Authentication failures that occur at a given DC in a domain because of an incorrect password are forwarded to the PDC emulator for validation before a bad password failure message is reported to the user.
- Account lockout is processed on the PDC emulator.
- Time synchronization for the domain.
- Group Policy changes are preferentially written to the PDC emulator.

Additionally, if your domain is a mixed mode domain that contains Windows NT 4 BDCs, then the Windows 2000 domain controller that is the PDC emulator acts as a Windows NT 4 PDC to the BDCs. There is only one PDC emulator per domain.

Note: Some consider the PDC emulator to only be relevant in a mixed mode domain. This is not true. Even after you have changed your domain to native mode (no more NT 4 domain controllers), the PDC emulator is still necessary for the reasons above.

4. RID Master (Domain level)

The RID master FSMO role holder is the single DC responsible for processing RID Pool requests from all DCs within a given domain. It is also responsible for removing an object from its domain and putting it in another domain during an object move.

When a DC creates a security principal object such as a user, group or computer account, it attaches a unique Security ID (SID) to the object. This SID consists of a domain SID (the same for all SIDs created in a domain), and a relative ID (RID) that makes the object unique in a domain.

Each Windows 2000 DC in a domain is allocated a pool of RIDs that it assigns to the security principals it creates. When a DC's allocated RID pool falls below a threshold, that DC issues a request for additional RIDs to the domain's RID master. The domain RID master responds to the request by retrieving RIDs from the domain's unallocated RID pool and assigns them to the pool of the requesting DC. There is one RID master per domain in a directory.

5. Infrastructure Master (Domain level)

The DC that holds the Infrastructure Master FSMO role is responsible for cross domain updates and lookups. When an object in one domain is referenced by another object in another domain, it represents the reference by the GUID, the SID (for references to security principals), and the distinguished name (DN) of the object being referenced. The Infrastructure role holder is the DC responsible for updating an object's SID and distinguished name in a cross-domain object reference.

When a user in DomainA is added to a group in DomainB, then the Infrastructure master is involved. Likewise, if that user in DomainA, who has been added to a group in DomainB, then changes his username in DomainA, the Infrastructure master must update the group membership(s) in DomainB with the name change. There is only one Infrastructure master per domain.

Note: The Infrastructure Master (IM) role should be held by a domain controller that is not a Global Catalog server (GC). If the Infrastructure Master runs on a Global Catalog server it will stop updating object information because it does not contain any references to objects that it does not hold. This is because a Global Catalog server holds a partial replica of every object in the forest. As a result, cross-domain object references in that domain will not be updated and a warning to that effect will be logged on that DC's event log. If all the domain controllers in a domain also host the global catalog, all the domain controllers have the current data, and it is not important which domain controller holds the infrastructure master role.
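
The SID layout and RID pool behaviour described under the RID Master role above, as an added Python example that is not part of the original page. It decodes a binary SID, splits an account SID into domain SID and RID, and simulates two DCs drawing RID blocks from one RID master; the class names, block size, threshold, first RID and the sample domain SID are all assumptions made for the illustration.

```python
import struct
from collections import deque


def sid_from_bytes(raw):
    """Decode a binary SID into its S-1-... text form."""
    if len(raw) < 8:
        raise ValueError("SID too short")
    revision, n_sub = raw[0], raw[1]
    if revision != 1 or n_sub > 15 or len(raw) != 8 + 4 * n_sub:
        raise ValueError("malformed SID")
    authority = int.from_bytes(raw[2:8], "big")        # 48-bit, big-endian
    subs = struct.unpack("<%dI" % n_sub, raw[8:])      # 32-bit, little-endian
    return "-".join(["S", str(revision), str(authority)] + [str(s) for s in subs])


def split_account_sid(sid):
    """Split an account SID into (domain SID, RID): the RID is the last field."""
    domain_sid, _, rid = sid.rpartition("-")
    if not domain_sid.startswith("S-1-") or not rid.isdigit():
        raise ValueError("not an account SID: %r" % sid)
    return domain_sid, int(rid)


class RidMaster:
    """Hands out non-overlapping RID blocks from the unallocated pool."""

    def __init__(self, first_rid=1100, block_size=500):   # assumed values
        self.next_unallocated = first_rid
        self.block_size = block_size

    def allocate_block(self):
        start = self.next_unallocated
        self.next_unallocated += self.block_size
        return range(start, start + self.block_size)


class DomainController:
    """A DC that issues SIDs from its local pool and refills it when low."""

    def __init__(self, name, domain_sid, rid_master, threshold=100):  # assumed
        self.name, self.domain_sid = name, domain_sid
        self.rid_master, self.threshold = rid_master, threshold
        self.pool = deque(rid_master.allocate_block())
        self.refills = 0

    def create_principal(self):
        if len(self.pool) < self.threshold:      # pool fell below the threshold
            self.pool.extend(self.rid_master.allocate_block())
            self.refills += 1
        return "%s-%d" % (self.domain_sid, self.pool.popleft())


def simulate(per_dc=450):
    """Two DCs create principals in turn; returns (sids, master, dcs)."""
    domain_sid = "S-1-5-21-1004336348-1177238915-682003330"  # constructed sample
    master = RidMaster()
    dcs = [DomainController(n, domain_sid, master) for n in ("DC1", "DC2")]
    sids = [dc.create_principal() for _ in range(per_dc) for dc in dcs]
    return sids, master, dcs


if __name__ == "__main__":
    sids, master, dcs = simulate()
    print(len(sids), "SIDs,", len(set(sids)), "unique")
    print("first:", split_account_sid(sids[0]), "next free RID:", master.next_unallocated)
```

Because every block comes from a single allocator, no two DCs can issue the same RID even though they create accounts independently, which is why the role is held by exactly one DC per domain.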
3. Describe the lease process of the DHCP server.

DHCP leases are used to reduce DHCP network traffic by giving clients specific addresses for set periods of time. The DHCP process stages can be remembered using the DORA acronym:

1. Discover - A broadcast is sent by the client with the client MAC address. This is a DHCP discover message with source IP address of 0.0.0.0 and destination address of 255.255.255.255. The client tries to get its last address. If it is not available, the DHCP server will send a NACK signal. The client state is initialization during the request stage.

2. Offer - A DHCP offer message is sent from the DHCP server with some or all the optional information as listed above. Information sent includes the IP address of the DHCP server that sent the accepted offer. All offered IP addresses are marked unavailable by the DHCP server when the DHCP server offers them until they are rejected. The client is in the selecting state during this offer stage.

3. Request - The first offer received by the client is accepted. The client broadcasts its selected choice using a DHCP request message which includes the IP address of the DNS server that sent the accepted offer. The client is in the requesting state during this selection stage.

4. Accept - The server acknowledges with a DHCP acknowledge indicating the client can use the address or it will send a DHCP Nak instructing the client that the address became unavailable. Other DHCP servers retract their offers and mark the offered address as available and the accepted address as unavailable. Any offered IP addresses not selected are freed to be used again. The client state is the binding state during this acknowledgement stage.

When the client sends the lease request, it then waits one second for an offer. If a response is not received, the request is repeated at 9, 13, and 16 second intervals with additional 0 to 1000 milliseconds of randomness. The attempt is repeated every 5 minutes thereafter. The client uses port 67 and the server uses port 68.

Client systems that are Windows 98 or later attempt to tell if another client is already using the address received from the DHCP server by pinging the address. The DHCP server can be configured to pretest addresses by pinging them, but this will increase overhead and slow server response time.
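
The four-message lease exchange above at the packet level, as an added Python example that is not part of the original page. It parses DHCP messages (fixed BOOTP header, magic cookie, option 53 message type, option 50 requested address, option 54 server identifier) and checks that a captured sequence is a consistent Discover/Offer/Request/Ack; the MAC address, transaction ID and 192.0.2.x addresses are constructed sample data, and `build` exists only to create that sample.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"      # DHCP magic cookie after the 236-byte header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}


def build(op, xid, mac, msg_type, yiaddr="0.0.0.0", ip_options=None):
    """Build a minimal DHCP message; used only to construct sample input."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0,
                         0x8000, bytes(4), socket.inet_aton(yiaddr), bytes(4),
                         bytes(4), mac, b"", b"")
    options = bytes([53, 1, msg_type])                 # option 53: message type
    for code, ip in (ip_options or {}).items():
        options += bytes([code, 4]) + socket.inet_aton(ip)
    return header + MAGIC + options + b"\xff"          # 255 = end option


def parse(packet):
    """Decode the fields of a DHCP message that matter for the lease exchange."""
    if len(packet) < 240 or packet[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    hlen, xid = packet[2], struct.unpack("!I", packet[4:8])[0]
    if hlen > 16:
        raise ValueError("bad hardware address length")
    options, i = {}, 240
    while i < len(packet) and packet[i] != 255:
        if packet[i] == 0:                             # pad option, no length
            i += 1
            continue
        if i + 2 > len(packet) or i + 2 + packet[i + 1] > len(packet):
            raise ValueError("truncated option")
        options[packet[i]] = packet[i + 2:i + 2 + packet[i + 1]]
        i += 2 + packet[i + 1]

    def ip(code):
        value = options.get(code, b"")
        return socket.inet_ntoa(value) if len(value) == 4 else None

    return {"type": TYPES.get((options.get(53) or b"\0")[0], "UNKNOWN"),
            "xid": xid, "mac": packet[28:28 + hlen].hex(":"),
            "yiaddr": socket.inet_ntoa(packet[16:20]),
            "requested_ip": ip(50), "server_id": ip(54)}


def check_exchange(packets):
    """Classify a four-packet capture as a valid lease exchange or say why not."""
    msgs = [parse(p) for p in packets]
    kinds = [m["type"] for m in msgs]
    if len(kinds) != 4 or kinds[:3] != ["DISCOVER", "OFFER", "REQUEST"] \
            or kinds[3] not in ("ACK", "NAK"):
        return "out of sequence"
    if len({(m["xid"], m["mac"]) for m in msgs}) != 1:
        return "mismatched transaction"
    offer, request, final = msgs[1:]
    if (request["server_id"] != offer["server_id"]
            or request["requested_ip"] != offer["yiaddr"]):
        return "request does not match offer"
    if final["type"] == "NAK":
        return "lease refused"
    return "lease bound: " + final["yiaddr"]


# Constructed sample exchange.
MAC, XID = bytes.fromhex("020000aabbcc"), 0x1234ABCD
SERVER, LEASED = "192.0.2.1", "192.0.2.50"
DORA = [build(1, XID, MAC, 1),
        build(2, XID, MAC, 2, yiaddr=LEASED, ip_options={54: SERVER}),
        build(1, XID, MAC, 3, ip_options={50: LEASED, 54: SERVER}),
        build(2, XID, MAC, 5, yiaddr=LEASED, ip_options={54: SERVER})]

if __name__ == "__main__":
    print([parse(p)["type"] for p in DORA], check_exchange(DORA))
```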

FTP, NNTP, SMTP, KERBEROS, DNS, DHCP, POP3 port numbers?

21, 143, 52, Kerberos 5 (88) & Kerberos 4 (750), 53, 67, 110

4. What is Kerberos? Which version is currently used by Windows? How does Kerberos work?

Kerberos is an Internet Engineering Task Force (IETF) standard for providing authentication. Kerberos works by having a central server grant a "ticket" honoured by all networked nodes running Kerberos. Version 5

Microsoft Exchange Server interview questions

Distribution List?

5. GAL, Routing Group, Stm files, Eseutil & isinteg - what are they used for?

It's the Streaming Media files; the STM and EDB file together make up your Mailbox Store. All mail that is received via MAPI is stored in the EDB and all other mail is stored in the STM file.

ESEUTIL is a tool to defragment your Exchange databases offline, to check their integrity and to repair a damaged/lost database.

ISINTEG is used to do some tests on your information store and to fix some detected errors and problems. ISINTEG is the only repair utility that understands the Exchange database as an Exchange database.

6. What is MIME & MAPI?

MIME: Short for Multipurpose Internet Mail Extensions, a specification for formatting non-ASCII messages so that they can be sent over the Internet.

MAPI: Short for Messaging Application Programming Interface, a system built into Microsoft Windows that enables different e-mail applications to work together to distribute mail. As long as both applications are MAPI-enabled, they can share mail messages with each other.

7. List the services of Exchange Server 2000?

- Microsoft Exchange Information Store
- Microsoft Exchange MTA Stack
- Microsoft Exchange POP3
- Microsoft Exchange IMAP4
- Microsoft Exchange Routing Engine
- Microsoft Exchange System Attendant

8. What is Global Catalog

The global catalog contains a partial replica of every Windows 2000 domain in the directory. The GC lets users and applications find objects in an Active Directory domain tree given one or more attributes of the target object. It also contains the schema and configuration of directory partitions. This means the global catalog holds a replica of every object in the Active Directory, but with only a small number of their attributes. The global catalog is a distributed data repository that contains a searchable, partial representation of every object in every domain in a multidomain Active Directory forest.

9. Replication

Bandwidth usage and consumption is an ongoing issue in network environments. As network environments have become more complex and distributed, the need to control traffic over WAN links has become more and more important, and a typical concern with an Active Directory implementation is the way AD will handle replication between sites.

Replication is the process of sending update information between domain controllers. Because every domain controller in the Active Directory environment holds a copy of the Active Directory database, each domain controller must be updated when a change occurs. For example, if you change a user's password, that password change must be replicated to all other domain controllers to ensure that the database is accurate on all other domain controllers. Without replication, the Active Directory would quickly become a collection of useless, inaccurate data.

The Active Directory does a good job with replication data because changes made to the Active Directory are replicated on an attribute level. In the Active Directory, objects are made of attributes, or descriptors of that object. For example, a user account may have attributes such as user name, password, email address, phone number, and so on. When a change is made to an object, only the changed attribute must be replicated, not the entire object. For example, let's say you change a user's password. The only item that must be replicated across the environment is the password attribute for that object, not the entire user account. So, the Active Directory is thrifty in terms of bandwidth usage because attribute replication conserves as much bandwidth as possible.

The Active Directory provides two methods of replication within the Active Directory environment: intrasite replication and intersite replication.

Intrasite replication is replication within an Active Directory site. The Active Directory uses sites to determine which IP subnets are considered "well-connected" in your environment. By your site definition, the Active Directory assumes that the IP subnets within a site are well connected and that bandwidth is considered freely available and inexpensive. Using this assumption, the Active Directory automatically configures connection objects between domain controllers within the site so that replication between domain controllers occurs frequently and without a schedule. As an administrator, there is nothing you must configure or manage with intrasite replication; the Active Directory takes care of it without your intervention.

Intersite replication, on the other hand, is a more difficult animal to configure. You help the Active Directory understand what WAN connections are available between your sites and how the Active Directory should manage data. The process of managing replication between sites is a lot like walking a balancing beam: you have to balance what you want in terms of replication with what your WAN links can physically manage. Without a doubt, the more replication that occurs between sites, the more accurate the database will be all of the time. In most environments, however, constant replication over WAN links is not a practical solution. Therefore, most administrators are faced with a trade-off between data accuracy and time. In Active Directory terms, the time required to replicate data from domain controller to domain controller and site to site is called latency. As an administrator, the trick is to find the best replication balance to manage traffic between sites while keeping database data as accurate as possible; in other words, you want to reduce latency as much as possible.

Intersite replication is based on site links. Sites are connected by some kind of WAN communication link. This may be something as grand as a T3 link, or as small as a VPN or modem connection. Depending on how your sites are connected, you configure site links in the Active Directory. These site links define the WAN connections that are between your sites. After the Active Directory understands how your sites are linked together, you can then begin to implement control features that can help you find the balance between accurate data and latency that is right for your organization. Unfortunately, there are no hard and fast rules; the Active Directory is flexible enough to allow you to find the balance that is right for your needs. So, you need to understand the concepts and then spend some time experimenting to find the balance that is right for you.

Cost. Your initial management task is to assign a cost to each site link. The cost of each site link is based on an arbitrary number that you assign to it. The Active Directory uses this cost to determine which site links have precedence over other site links. Lower-cost site links are favored over higher-cost site links. For example, let's say I have a Boston site and a Houston site. I have a T1 WAN connection between the two sites, but I also have a backup VPN connection. For replication, I want to make certain that replication always occurs over the T1 link, unless the link is down. If the link is down, the VPN link can be used. So, in terms of cost, I might give the T1 site link a cost of 10, whereas the VPN link might have a cost of 50. Using these numbers, the Active Directory always uses the lowest-cost link over the higher-cost link. With the cost assignment, I can rest assured that my best WAN connection between the two sites will always be utilized first.

Schedule. Your next management tactic is to use schedules carefully and wisely. In intrasite replication, replication occurs frequently and without a schedule. In intersite replication, you can use a schedule to determine how often replication can occur. The idea is to provide a schedule that allows replication to occur as frequently as possible, but does not use too much bandwidth during peak network hours. For example, if you know that your environment uses a lot of intersite bandwidth between the work hours of 10:00 a.m. and 2:00 p.m., you might create a schedule that restricts replication during those hours. How you schedule replication is entirely up to you, but once again, you'll want to find that fine balance between data accuracy and latency that is acceptable for your network.

Servers. For best replication performance, you should have at least one global catalog server in each site.
In reality, the global catalog server may increase replication traffic, but it decreases user traffic over the WAN link, which leaves more room for replication. Also, consider placing a DNS server in each site, and make sure that the site clients connect to that DNS server for service, which will help reduce DNS traffic over the WAN link.

As you might imagine, one of the best things you can do to manage site replication traffic is to sit down with a pencil and paper and carefully plan your Active Directory infrastructure. Careful planning and the application of site configuration knowledge on your part will help you develop sites and replication plans that will meet the needs of your network and give you the best replication speed possible.

10. Key Components of Exchange 2003

Key components of Exchange:

1. System attendant: Address generation & creation of new IDs.
2. MTA: For the actual transfer of mails.
3. Information Store: Mailboxes.
4. Routing Engine: Takes routing decisions.
5.

11. What is Recipient Update Service?

The Recipient Update Service (RUS) is a very important component in your Exchange installation; it is RUS that is responsible for updating address lists and email addresses in your Active Directory.

12. What are the required components of Windows Server 2003 for installing Exchange 2003?

ASP.NET, SMTP, NNTP, W3SVC

13. What must be done to an AD forest before Exchange can be deployed?

Setup /forestprep

14. What Exchange process is responsible for communication with AD?

DSACCESS

15. What connector type would you use to connect to the Internet, and what are the two methods of sending mail over that connector?

SMTP Connector: Forward to smart host or use DNS to route to each address

16. How would you optimise Exchange 2003 memory usage on a Windows Server 2003 server with more than 1Gb of memory?

Add /3Gb switch to boot.ini

17. What are the standard port numbers for SMTP, POP3, IMAP4, RPC, LDAP and Global Catalog?

SMTP 25, POP3 110, IMAP4 143, RPC 135, LDAP 389, Global Catalog 3268

18. Name the process names for the following:

System Attendant? MAD.EXE
Information Store: STORE.EXE
SMTP/POP/IMAP/OWA: INETINFO.EXE

19. What is the maximum amount of databases that can be hosted on Exchange 2003 Enterprise?

20 databases. 4 SGs x 5 DBs

20. What are the disadvantages of circular logging?

In the event of a corrupt database, data can only be restored to the last backup

21. Difference between Exchange 2000 Enterprise Edt and Standard Edt.

Database Size
  Exchange 2000 Enterprise Edt.: Database size is limited only by hardware (with a maximum size of 16 terabytes).
  Exchange 2000 Standard Edt.: Maximum 16-gigabyte (GB) database limit per database.
  Note: Individual database size is the combined size of the .edb file and the .stm file for that database.

Storage Groups
  Exchange 2000 Enterprise Edt.: 4 Storage Groups can be created.
  Exchange 2000 Standard Edt.: 4 Storage Groups can be created.

Information Stores
  Exchange 2000 Enterprise Edt.: Up to 5 Information Stores.
  Exchange 2000 Standard Edt.: One mailbox store database and one public folder store database that can be accessed by using MAPI and Outlook Web Access.

Cluster
  Exchange 2000 Enterprise Edt.: Exchange 2000 Enterprise Server can be clustered on the Microsoft Cluster Server Service.
  Exchange 2000 Standard Edt.: Exchange clustering is not supported.

Front End
  Exchange 2000 Enterprise Edt.: Exchange 2000 Enterprise Server can be implemented as a front end server for front end/back end configuration.
  Exchange 2000 Standard Edt.: Exchange front-end server configuration is not supported.

X.400 Connectors
  Exchange 2000 Enterprise Edt.: The X.400 Connector is included.
  Exchange 2000 Standard Edt.: X.400 connector is not supported.

22. Features in Exchange 2003 compared to Exchange 2000

Some features that are new in Exchange 2003 are:

- Volume Shadow Copy Service for Database Backups/Recovery
- Mailbox Recovery Center
- Recovery Storage Group
- Front-end and back-end Kerberos authentication
- Distribution lists are restricted to authenticated users
- Real-time Safe and Block lists
- Inbound recipient filtering
- Attachment blocking in Microsoft Office Outlook Web Access
- HTTP access from Outlook 2003
- cHTML browser support (i-Mode phones)
- xHTML (Wireless Application Protocol [WAP] 2.0) browser support
- Queues are centralized on a per-server basis
- Move log files and queue data using Exchange System Manager
- Multiple Mailbox Move tool
- Dynamic distribution lists
- 1,700 Exchange-specific events using Microsoft Operations Manager (requires Microsoft Operations Manager)
- Deployment and migration tools

23. Difference between Exchange 2003 Standard and Enterprise Edition?

Standard Edition

- 16 GB database limit
- One mailbox store
- One public folder store
- NEW: Server can act as a front-end (post-Beta 2)

Enterprise Edition

- Clustering
- Up to 20 databases per server
- X.400 Connectors

Both Editions support features such as:

- Database snapshot
- OMA and ActiveSync
- AirMAPI
- Recovery Storage Group
- Exchange Management Pack for MOM

Note: It is not possible to in-place upgrade Exchange 2000 Enterprise Edition to Exchange 2003 Standard Edition.

24. Difference between a Daemon and a Server

A 'daemon' is a software process that runs in the background (continuously) and provides the service to a client upon request. For example, named is a daemon. When requested it will provide DNS service. Other examples are:

- xinetd (it is a super-daemon, it is responsible for invoking other Internet servers when they are needed)
- inetd (same as xinetd, but with limited configuration options)
- sendmail/postfix (to send/route email)
- Apache/httpd (web server)

The following simple example illustrates the relationship between client and daemon.

CLIENT  -> Daemon
Browser <- Apache web server

Running one daemon for each of the services could significantly increase the load. However, if you are running a big site (with many users) it is advisable to use a dedicated daemon, for example a web server or MySQL database server.

A 'server process' runs one time, when called by a daemon. Once done it will stop. For example, telnetd (in.telnetd) or ftpd are called from the xinetd/inetd daemon. By calling a server process from a daemon you can save load and memory. Use a server process for small services such as ftpd, telnetd.

CLIENT -> Daemon -> Calls server process
ftp    -> xinetd -> Calls ftpd
ftp    <- ftpd
quit   -> xinetd stops ftpd

MTA :- A mail transfer agent or MTA (also called a mail transport agent, mail server, or a mail exchange server in the context of the Domain Name System) is a computer program or software agent that transfers electronic mail messages from one computer to another.

MUA :- An e-mail client, also called a mail user agent (MUA), is a computer program that is used to read and send e-mail.

MSA :- A mail submission agent or MSA is a computer program or software agent which receives electronic mail messages from a mail user agent (MUA) and contacts a mail transfer agent (MTA) for delivery of the mail. Many MTAs act as an MSA as well, but there are also programs that are specially designed as MSAs without full MTA functionality. RFC2476 recommended port for MSA is 587.

MDA :- A Mail Delivery Agent (MDA) is software that accepts incoming e-mail messages and distributes them to recipients' individual mailboxes (if the destination account is on the local machine), or forwards back to an SMTP server (if the destination is on a remote server). A mail delivery agent is not necessarily a mail transfer agent (MTA), although on many systems the two functions are implemented by the same program.

What is the Difference between WINS and DNS ?

Firstly, DNS refers to 'Domain Name Server,' while WINS refers to 'Windows Internet Name Service'. Both are used to resolve names, but in a very different way! To help explain, I'm going to use an example that will ensure you get the right picture on each of these services. Consider a file server by the name 'Jupiter,' and the following two commands:

Ping Jupiter.space.net
Net use * \\jupiter\mainshare

The two above commands should look familiar. The first one simply sends a ping (ICMP echo) packet to our file server, ensuring it's alive, while the second command calls the same server (Jupiter) in order to connect to a shared folder named 'mainshare.'

While both commands are referring to the same name (Jupiter), the difference between them is important. Ping here uses DNS to resolve Jupiter.space.net to an IP address, e.g. 204.45.12.1, while the 'net use' command makes use of WINS to resolve the NetBIOS name 'Jupiter' to an IP address.

So you might be wondering why there are two different services essentially performing the same job. The answer is that each of these services relies on different protocols; they simply work in a very different way.

WINS is an essential part of the Microsoft networking topology. In the older days, you were required to run a WINS server in order to avoid name resolution problems within a Windows network. The NetBIOS (Windows machine names) protocol back then would only work on the NetBEUI transport protocol. If you ever ran Windows 95, you'd remember the NetBEUI protocol was always present in your networking properties, whereas TCP/IP was optional.

Today, DNS has replaced WINS, since Microsoft made changes to NetBIOS, allowing it to use the TCP/IP stack to perform its job (NetBIOS over TCP/IP), and most DNS servers are able to handle NetBIOS requests. This is why WINS servers are becoming fewer day by day.

In short, DNS maps TCP/IP host names to IP addresses and WINS maps NetBIOS host names to IP addresses.

What is SOA (Start of Authority)?

The Domain Name System or DNS is a system that stores information about hostnames and domain names in a kind of distributed database on networks, such as the Internet. Most importantly, it provides a physical location (IP address) for each hostname, and lists the mail exchange servers accepting e-mail for each domain.

What is PTR?

PTR-records are used to map IP addresses to domain names (reverse of A-records). The name of a PTR-record is the IP address with the segments reversed and with "in-addr.arpa" appended to the end. As an example, looking up the domain name for IP address "12.23.34.45" is done with a query for the PTR-record for "45.34.23.12.in-addr.arpa". For more information see the section on Reverse Zone / "in-addr.arpa".

To create a PTR-record use one of the following options:

- The Reverse Zone Wizard.
- The "Update Reverse Zone" check box in the Record Properties dialog for an A-record.
- Right-click a reverse zone in the DNS Records window, and select "New Pointer (PTR-record)" from the pop-up menu.

What are Stub Zones?

Enter stub zones to the rescue. A stub zone is like a secondary zone in that it obtains its resource records from other name servers (one or more master name servers). A stub zone is also read-only like a secondary zone, so administrators can't manually add, remove, or modify resource records on it. But the similarities end here, as stub zones are quite different from secondary zones in a couple of significant ways.

First, while secondary zones contain copies of all the resource records in the corresponding zone on the master name server, stub zones contain only three kinds of resource records:

- A copy of the SOA record for the zone.
- Copies of NS records for all name servers authoritative for the zone.
- Copies of A records for all name servers authoritative for the zone.
