
1. What are the types of backup? Explain each.

Full backup
  Description: A complete set of all the files you wish to back up. Think of this as your 'reference set'. You only need to perform a full backup occasionally.
  Pros: Provides a complete copy of all your data; makes it easy to locate files which need restoring.
  Cons: Takes the longest time and the most space on backup media; redundant copies are created, as most files remain static from one full backup to the next.

Incremental backup
  Description: A backup of those files which have changed since the last backup of any type.
  Pros: Uses the least time and space, as only the files changed since the last backup are copied; lets you back up multiple versions of the same file.
  Cons: Makes restoring files fiddly, as you have to restore the last full backup first and then every subsequent incremental backup in the correct order; if any one set in that chain is lost or corrupt, everything after it cannot be restored. It also makes it hard to locate a particular file in the backup set.

Differential backup
  Description: A backup of those files which have changed since the last full backup. Should be performed at regular intervals.
  Pros: Takes less time and space than a full backup; restoration is more efficient than with incremental backups, because only the last full backup and the most recent differential are needed.
  Cons: Redundant information is stored, because each differential repeats much of the previous one plus whatever was added or changed since the last full backup. Subsequent differential backups take longer and longer as more files change.
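The selection rules above can be made concrete. The following is an added example, not part of the original question set: it simulates the three backup types using the Windows archive attribute (full and incremental backups clear it, differential does not), then prints the restore chain each strategy needs. File names and the week's change history are constructed for the example.

```powershell
# Added example (not from the original Q&A). Models a file set as name -> archive bit,
# where $true means "changed since the last backup that cleared the bit".

function New-FileSet {
    param([string[]]$Names)
    $set = @{}
    foreach ($n in $Names) { $set[$n] = $true }   # new files have the archive bit set
    return $set
}

function Invoke-SimulatedBackup {
    param(
        [hashtable]$Files,
        [ValidateSet('Full', 'Incremental', 'Differential')] [string]$Type,
        [string]$Label
    )
    # Full copies everything; incremental and differential copy only files whose archive bit is set.
    if ($Type -eq 'Full') { $selected = @($Files.Keys) }
    else { $selected = @($Files.Keys | Where-Object { $Files[$_] }) }

    # Full and incremental clear the bit. Differential does not, which is why each
    # differential re-copies everything changed since the last full backup.
    if ($Type -ne 'Differential') {
        foreach ($f in $selected) { $Files[$f] = $false }
    }
    [pscustomobject]@{ Label = $Label; Type = $Type; Files = @($selected | Sort-Object) }
}

function Set-SimulatedChange {
    param([hashtable]$Files, [string[]]$Names)
    foreach ($n in $Names) { $Files[$n] = $true }   # editing or creating a file sets the bit
}

function Get-RestoreChain {
    # Sets needed, in order, to rebuild the latest state: the last full plus every later
    # incremental, or the last full plus only the most recent differential.
    param([object[]]$History)
    $lastFull = -1
    for ($i = 0; $i -lt $History.Count; $i++) {
        if ($History[$i].Type -eq 'Full') { $lastFull = $i }
    }
    $chain = @($History[$lastFull])
    $later = @()
    if ($lastFull -lt $History.Count - 1) { $later = @($History[($lastFull + 1)..($History.Count - 1)]) }
    $incrementals = @($later | Where-Object { $_.Type -eq 'Incremental' })
    if ($incrementals.Count -gt 0) {
        $chain += $incrementals
    } else {
        $lastDiff = $later | Where-Object { $_.Type -eq 'Differential' } | Select-Object -Last 1
        if ($lastDiff) { $chain += $lastDiff }
    }
    return $chain
}

# Constructed week: Sunday full backup, then changes each day under each strategy.
foreach ($strategy in 'Incremental', 'Differential') {
    $files   = New-FileSet 'payroll.xlsx', 'policy.docx', 'db.mdf', 'notes.txt'
    $history = @()
    $history += Invoke-SimulatedBackup -Files $files -Type Full -Label 'Sun'
    Set-SimulatedChange $files 'db.mdf'
    $history += Invoke-SimulatedBackup -Files $files -Type $strategy -Label 'Mon'
    Set-SimulatedChange $files 'db.mdf', 'notes.txt'
    $history += Invoke-SimulatedBackup -Files $files -Type $strategy -Label 'Tue'
    Set-SimulatedChange $files 'payroll.xlsx'
    $history += Invoke-SimulatedBackup -Files $files -Type $strategy -Label 'Wed'

    "== $strategy strategy =="
    $history | ForEach-Object { '{0,-3} {1,-12} {2}' -f $_.Label, $_.Type, ($_.Files -join ', ') }
    'Restore order: ' + ((Get-RestoreChain $history | ForEach-Object { $_.Label }) -join ' -> ')
}
```

Running it shows the trade-off in the table directly: the differential sets grow every day but restore as full plus one set, while the incremental sets stay small but restore as full plus every set since, in order.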

What are Levels of RAID 0, 1, 5? Which one is better & why?


2. What are FSMO roles? List them.
The 5 FSMO (Flexible Single Master Operations) server roles:
  Schema Master          - Forest level - one per forest
  Domain Naming Master   - Forest level - one per forest
  PDC Emulator           - Domain level - one per domain
  RID Master             - Domain level - one per domain
  Infrastructure Master  - Domain level - one per domain

1. Schema Master (Forest level)


The schema master FSMO role holder is the Domain Controller responsible for performing
updates to the active directory schema. It contains the only writable copy of the AD schema.

This DC is the only one that can process updates to the directory schema, and once the schema
update is complete, it is replicated from the schema master to all other DCs in the forest. There
is only one schema master in the forest.
2. Domain Naming Master (Forest level)
The domain naming master FSMO role holder is the DC responsible for making changes to the
forest-wide domain name space of the directory. This DC is the only one that can add or remove
a domain from the directory, and that is its major purpose. It can also add or remove cross
references to domains in external directories. There is only one domain naming master in the
forest.
3. PDC Emulator (Domain level)
In a Windows 2000 domain, the PDC emulator server role performs the following functions:
Password changes performed by other DCs in the domain are replicated preferentially to the
PDC emulator first.
Authentication failures that occur at a given DC in a domain because of an incorrect password
are forwarded to the PDC emulator for validation before a bad password failure message is
reported to the user.
Account lockout is processed on the PDC emulator.
Time synchronization for the domain.
Group Policy changes are preferentially written to the PDC emulator.
Additionally, if your domain is a mixed mode domain that contains Windows NT 4 BDCs, then the
Windows 2000 domain controller, that is the PDC emulator, acts as a Windows NT 4 PDC to the
BDCs.
There is only one PDC emulator per domain.
Note: Some consider the PDC emulator to only be relevant in a mixed mode domain. This is not
true. Even after you have changed your domain to native mode (no more NT 4 domain
controllers), the PDC emulator is still necessary for the reasons above.
4. RID Master (Domain level)
The RID master FSMO role holder is the single DC responsible for processing RID Pool requests
from all DCs within a given domain. It is also responsible for removing an object from its domain
and putting it in another domain during an object move.
When a DC creates a security principal object such as a user, group or computer account, it
attaches a unique Security ID (SID) to the object. This SID consists of a domain SID (the same
for all SIDs created in a domain), and a relative ID (RID) that makes the object unique in a
domain.
Each Windows 2000 DC in a domain is allocated a pool of RIDs that it assigns to the security
principals it creates. When a DC's allocated RID pool falls below a threshold, that DC issues a
request for additional RIDs to the domain's RID master. The domain RID master responds to the
request by retrieving RIDs from the domain's unallocated RID pool and assigns them to the pool
of the requesting DC.
There is one RID master per domain in a directory.
5. Infrastructure Master (Domain level)
The DC that holds the Infrastructure Master FSMO role is responsible for cross domain updates
and lookups. When an object in one domain is referenced by another object in another domain,
it represents the reference by the GUID, the SID (for references to security principals), and the
distinguished name (DN) of the object being referenced. The Infrastructure role holder is the DC
responsible for updating an object's SID and distinguished name in a cross-domain object
reference.
When a user in DomainA is added to a group in DomainB, then the Infrastructure master is
involved. Likewise, if that user in DomainA, who has been added to a group in DomainB, then
changes his username in DomainA, the Infrastructure master must update the group
membership(s) in DomainB with the name change.
There is only one Infrastructure master per domain.

Note: The Infrastructure Master (IM) role should be held by a domain controller that is not a
Global Catalog server (GC). If the Infrastructure Master runs on a Global Catalog server it will
stop updating object information, because a GC holds a partial replica of every object in the
forest and therefore has no references to objects that it does not hold. As a result,
cross-domain object references in that domain will not be updated, and a warning to that effect
will be logged in that DC's event log. If all the domain controllers in a domain also host the
global catalog, all the domain controllers have the current data, and it is not important which
domain controller holds the infrastructure master role.
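The role placement described above is worth checking rather than assuming. The following is an added example, not from the original question set: it lists the five role holders with the ActiveDirectory module and tests the Infrastructure Master rule (the IM must not be a GC unless every DC in the domain is one). It assumes a domain-joined session with RSAT installed.

```powershell
# Added example (not from the original Q&A). Requires the ActiveDirectory module.
Import-Module ActiveDirectory

function Get-FsmoRoleHolder {
    # Forest-wide roles come from the forest object, per-domain roles from the domain object.
    $forest = Get-ADForest
    $domain = Get-ADDomain
    [pscustomobject]@{
        SchemaMaster         = $forest.SchemaMaster
        DomainNamingMaster   = $forest.DomainNamingMaster
        PDCEmulator          = $domain.PDCEmulator
        RIDMaster            = $domain.RIDMaster
        InfrastructureMaster = $domain.InfrastructureMaster
    }
}

function Test-InfrastructureMasterPlacement {
    # Returns $true when the placement is safe: the IM is not a GC, or every DC is a GC.
    $domain = Get-ADDomain
    $dcs    = @(Get-ADDomainController -Filter *)
    $im     = $dcs | Where-Object { $_.HostName -eq $domain.InfrastructureMaster }
    $allGc  = @($dcs | Where-Object { -not $_.IsGlobalCatalog }).Count -eq 0
    if ($im.IsGlobalCatalog -and -not $allGc) {
        Write-Warning ("Infrastructure Master {0} is a Global Catalog while other DCs are not; " +
                       "cross-domain references in {1} will not be updated." -f $im.HostName, $domain.DNSRoot)
        return $false
    }
    return $true
}

Get-FsmoRoleHolder | Format-List
Test-InfrastructureMasterPlacement
```

The same information is available from `netdom query fsmo`. If the check fails, move the role with `Move-ADDirectoryServerOperationMasterRole -Identity <DC> -OperationMasterRole InfrastructureMaster` to a DC that is not a GC, or make every DC a GC.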
3. Describe the lease process of the DHCP server.

A DHCP lease grants a client an IP address, together with options such as subnet mask, default
gateway and DNS servers, for a set period of time; the client must renew the lease before it
expires or release it. The stages of obtaining a lease can be remembered using the DORA acronym:
1. Discover - The client, which has no address yet, broadcasts a DHCPDISCOVER message carrying
   its MAC address, with source IP address 0.0.0.0 and destination address 255.255.255.255. A
   client that previously held an address asks for it again when it sends its request; if that
   address is no longer available the server answers with a DHCPNAK and the client starts over.
   The client is in the INIT state during this stage.
2. Offer - Each DHCP server that receives the discover may reply with a DHCPOFFER containing a
   proposed IP address, the lease duration, some or all of the configured options, and the IP
   address of the offering server (the server identifier option). A server marks an offered
   address as unavailable until the offer is either accepted or declined. The client is in the
   SELECTING state during this stage.
3. Request - The client accepts the first offer it receives and broadcasts a DHCPREQUEST that
   names the selected address and the IP address of the DHCP server whose offer it accepted.
   Because the request is broadcast, the other servers see that their offers were not chosen
   and return those addresses to their pools. The client is in the REQUESTING state during
   this stage.
4. Acknowledge - The selected server replies with a DHCPACK, confirming that the client may use
   the address for the lease period (and supplying the final option values), or with a DHCPNAK
   if the address has since become unavailable. On receiving the ACK the client enters the
   BOUND state.
When the client sends its discover, it waits one second for an offer. If no response is
received, the request is repeated at 9, 13 and 16 second intervals, each with an additional 0
to 1000 milliseconds of randomness, and then every 5 minutes thereafter. The client sends from
UDP port 68 to the server's UDP port 67.

Before using the address, Windows 98 and later clients check whether another host already has
it by probing for it on the local network (an ARP request for the address, as RFC 2131
recommends). The DHCP server can also be configured to pretest addresses by pinging them before
offering them, but this increases overhead and slows server response time.
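The four DORA messages are easiest to understand as bytes. The following is an added example, not from the original question set: it builds DISCOVER and REQUEST packets in the RFC 2131 layout, simulates the server's OFFER and ACK in-process, and decodes all four, showing the transaction id that ties them together and the server identifier option that tells losing servers to withdraw their offers. Nothing is sent on the network; the MAC address, addresses and transaction id are constructed.

```powershell
# Added example (not from the original Q&A). On the wire the client sends from UDP 68 to
# UDP 67 on the server; here the server side is simulated in-process.

$MagicCookie  = [byte[]](0x63, 0x82, 0x53, 0x63)
$OpNames      = @{ 1 = 'BOOTREQUEST'; 2 = 'BOOTREPLY' }
$MessageTypes = @{ 1 = 'DISCOVER'; 2 = 'OFFER'; 3 = 'REQUEST'; 4 = 'DECLINE'
                   5 = 'ACK'; 6 = 'NAK'; 7 = 'RELEASE'; 8 = 'INFORM' }

function ConvertFrom-BigEndianUInt32 { param([byte[]]$B)
    [uint32]($B[0] * 16777216 + $B[1] * 65536 + $B[2] * 256 + $B[3]) }

function New-IpOption { param([byte]$Code, [string]$Ip)
    # option code, length 4, then the address bytes
    [byte[]](@($Code, 4) + [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()) }

function New-DhcpPacket {
    param([byte]$Op, [uint32]$Xid, [byte[]]$ClientMac, [string]$YourIp = '0.0.0.0', [byte[]]$Options)
    $p = New-Object byte[] 240
    $p[0] = $Op; $p[1] = 1; $p[2] = 6            # op, htype Ethernet, hlen 6
    $xid = [BitConverter]::GetBytes($Xid)
    if ([BitConverter]::IsLittleEndian) { [Array]::Reverse($xid) }
    [Array]::Copy($xid, 0, $p, 4, 4)              # xid, echoed in every message of the exchange
    $p[10] = 0x80                                 # flags: broadcast reply, client has no IP yet
    [Array]::Copy([System.Net.IPAddress]::Parse($YourIp).GetAddressBytes(), 0, $p, 16, 4)  # yiaddr
    [Array]::Copy($ClientMac, 0, $p, 28, 6)       # chaddr
    [Array]::Copy($MagicCookie, 0, $p, 236, 4)    # options follow the cookie
    return ,[byte[]]($p + $Options)
}

function Read-DhcpPacket {
    param([byte[]]$Packet)
    if ($Packet.Length -lt 240 -or (($Packet[236..239] -join ',') -ne ($MagicCookie -join ','))) {
        throw 'Not a DHCP packet'
    }
    $info = [ordered]@{
        Op        = $OpNames[[int]$Packet[0]]
        Xid       = (ConvertFrom-BigEndianUInt32 ([byte[]]$Packet[4..7]))
        YourIp    = ($Packet[16..19] -join '.')
        ClientMac = (($Packet[28..33] | ForEach-Object { '{0:X2}' -f $_ }) -join ':')
    }
    $i = 240
    while ($i -lt $Packet.Length -and $Packet[$i] -ne 255) {      # 255 = End option
        if ($Packet[$i] -eq 0) { $i++; continue }                  # 0 = Pad option
        $code = [int]$Packet[$i]; $len = [int]$Packet[$i + 1]
        $val  = if ($len -gt 0) { [byte[]]$Packet[($i + 2)..($i + 1 + $len)] } else { [byte[]]@() }
        switch ($code) {
            53 { $info.MessageType  = $MessageTypes[[int]$val[0]] }
            54 { $info.ServerId     = $val -join '.' }   # server whose offer is (being) accepted
            50 { $info.RequestedIp  = $val -join '.' }
            51 { $info.LeaseSeconds = ConvertFrom-BigEndianUInt32 $val }
            1  { $info.SubnetMask   = $val -join '.' }
            3  { $info.Router       = $val -join '.' }
        }
        $i += 2 + $len
    }
    [pscustomobject]$info
}

function Invoke-SimulatedDhcpServer {
    # Answers DISCOVER with OFFER, a REQUEST for our own offer with ACK, any other REQUEST with NAK.
    param([byte[]]$Packet, [string]$ServerIp, [string]$OfferIp)
    $req = Read-DhcpPacket $Packet
    $mac = [byte[]]$Packet[28..33]
    $common = @(New-IpOption 54 $ServerIp) + (New-IpOption 1 '255.255.255.0') +
              (New-IpOption 3 $ServerIp) + [byte[]](51, 4, 0x00, 0x01, 0x51, 0x80)   # lease 86400 s
    switch ($req.MessageType) {
        'DISCOVER' { New-DhcpPacket -Op 2 -Xid $req.Xid -ClientMac $mac -YourIp $OfferIp -Options ([byte[]](@(53, 1, 2) + $common + 255)) }
        'REQUEST'  {
            if ($req.ServerId -eq $ServerIp -and $req.RequestedIp -eq $OfferIp) {
                New-DhcpPacket -Op 2 -Xid $req.Xid -ClientMac $mac -YourIp $OfferIp -Options ([byte[]](@(53, 1, 5) + $common + 255))
            } else {
                New-DhcpPacket -Op 2 -Xid $req.Xid -ClientMac $mac -Options ([byte[]](53, 1, 6, 255))
            }
        }
    }
}

$mac = [byte[]](0x00, 0x0C, 0x29, 0x4F, 0xA1, 0xB2)    # constructed client MAC
$xid = [uint32]0x3903F326                              # constructed transaction id
# 1. DISCOVER: broadcast; option 55 asks for subnet mask (1), router (3) and DNS servers (6)
$discover = New-DhcpPacket -Op 1 -Xid $xid -ClientMac $mac -Options ([byte[]](53, 1, 1, 55, 3, 1, 3, 6, 255))
# 2. OFFER: the server proposes an address and identifies itself in option 54
$offer    = Invoke-SimulatedDhcpServer -Packet $discover -ServerIp '192.168.1.1' -OfferIp '192.168.1.50'
$chosen   = Read-DhcpPacket $offer
# 3. REQUEST: broadcast, naming the chosen address (50) and server (54) so other servers free their offers
$request  = New-DhcpPacket -Op 1 -Xid $xid -ClientMac $mac -Options ([byte[]](@(53, 1, 3) + (New-IpOption 50 $chosen.YourIp) + (New-IpOption 54 $chosen.ServerId) + 255))
# 4. ACK (or NAK if the address is gone): the client is now BOUND for LeaseSeconds
$ack      = Invoke-SimulatedDhcpServer -Packet $request -ServerIp '192.168.1.1' -OfferIp '192.168.1.50'

$exchange = foreach ($pkt in $discover, $offer, $request, $ack) { Read-DhcpPacket $pkt }
$exchange | Format-Table MessageType, Op, @{ n = 'Xid'; e = { '0x{0:X8}' -f $_.Xid } }, YourIp, RequestedIp, ServerId, LeaseSeconds -AutoSize
```

Changing the server identifier in the REQUEST (for example to a different address) makes the simulated server answer with a NAK, which is exactly what a losing server does in a real exchange. The server-side pretest mentioned above is configured on a Windows DHCP server with `Set-DhcpServerSetting -ConflictDetectionAttempts`.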
FTP, NNTP, SMTP, Kerberos, DNS, DHCP, POP3 port numbers?
FTP 21, NNTP 119, SMTP 25, Kerberos 5 88 (Kerberos 4 used 750), DNS 53, DHCP 67 (server) and 68 (client), POP3 110
4. What is Kerberos? Which version is currently used by Windows? How does Kerberos work?
Kerberos is an Internet Engineering Task Force (IETF) standard for network authentication
(Kerberos V5, originally RFC 1510, revised by RFC 4120). Windows 2000 and later use Kerberos
version 5 as the default authentication protocol in Active Directory domains; every domain
controller runs the Key Distribution Center (KDC) service.
Kerberos works by having a trusted central server, the KDC, issue "tickets" that are honoured
by all networked nodes running Kerberos. The client first authenticates to the KDC and receives
a ticket-granting ticket (TGT); it then presents the TGT to obtain a service ticket for each
server it wants to use, and presents that service ticket to the server. The server never sees
the user's password. Tickets carry timestamps and are encrypted with keys derived from the
accounts' secrets, so clocks on client, KDC and server must agree within the permitted skew
(5 minutes by default in Windows) or authentication fails.
Microsoft Exchange Server interview questions
Distribution List?
A distribution list is a mail-enabled group: a message sent to the group's address is delivered to every member.
5. GAL, Routing Group, STM files, Eseutil & Isinteg - what are they used for?
The GAL (Global Address List) is the default address list containing every mail-enabled object in the organization;
it is what Outlook users browse when they click "To:".
A routing group is a set of Exchange 2000/2003 servers connected by reliable, permanent connectivity; mail between
servers in the same routing group flows directly, while mail between routing groups flows over routing group connectors.
STM files are the streaming store: the .stm and .edb files together make up a mailbox or public folder store.
Content that arrives via MAPI is stored in the .edb file, while Internet-format content (SMTP, NNTP, and
IMAP/POP clients) is stored in its native form in the .stm file.
ESEUTIL is a tool to defragment your Exchange databases offline, to check their integrity and to repair a
damaged database. It works at the ESE (Jet) page and table level and knows nothing about Exchange objects.
ISINTEG runs tests on the information store and fixes the errors and inconsistencies it detects at the
logical level (folders, messages, attachments). ISINTEG is the only repair utility that understands the
Exchange database as an Exchange database, which is why it is run after an ESEUTIL /p repair.
6. What is MIME & MAPI?
Short for Multipurpose Internet Mail Extensions, a specification for formatting non-ASCII messages so that
they can be sent over the Internet.
Short for Messaging Application Programming Interface, a system built into Microsoft Windows that
enables different e-mail applications to work together to distribute mail. As long as both applications are
MAPI-enabled, they can share mail messages with each other.
7. List the services of Exchange Server 2000?
Microsoft Exchange Information Store
Microsoft Exchange MTA Stack
Microsoft Exchange POP3
Microsoft Exchange IMAP4
Microsoft Exchange Routing Engine
Microsoft Exchange System Attendant
8. What is the Global Catalog?
The global catalog (GC) contains a partial replica of every domain partition in the forest. Like
every DC, a GC also holds the schema and configuration partitions. This means the global catalog
holds a replica of every object in the Active Directory, but with only a small number of their
attributes (the partial attribute set). The GC lets users and applications find objects anywhere
in the forest given one or more attributes of the target object, without knowing which domain
holds the object; it also resolves universal group membership at logon and user principal names.
In short, the global catalog is a distributed data repository that contains a searchable, partial
representation of every object in every domain of a multidomain Active Directory forest.
9. Replication

Bandwidth usage and consumption is an ongoing issue in network environments. As network
environments have become more complex and distributed, the need to control traffic over WAN
links has become more and more important, and a typical concern with an Active Directory
implementation is the way AD will handle replication between sites.
Replication is the process of sending update information between domain controllers. Because
every domain controller holds a copy of the directory database for its domain, each domain
controller must be updated when a change occurs. For example, if you change a user's password,
that password change must be replicated to all other domain controllers to ensure that the
database is accurate on all of them. Without replication, the Active Directory would quickly
become a collection of useless, inaccurate data.
The Active Directory does a good job with replication data because changes made to the Active
Directory are replicated at the attribute level. In the Active Directory, objects are made of
attributes, or descriptors of that object. For example, a user account may have attributes such as
user name, password, email address, phone number, and so on. When a change is made to an
object, only the changed attribute must be replicated, not the entire object. For example, let's say
you change a user's password. The only item that must be replicated across the environment is
the password attribute for that object, not the entire user account. So, the Active Directory is
thrifty in terms of bandwidth usage because attribute-level replication conserves as much
bandwidth as possible.
The Active Directory provides two methods of replication within the Active Directory environment:
intrasite replication and intersite replication. Intrasite replication is replication within an Active
Directory site. The Active Directory uses sites to determine which IP subnets are considered
"well-connected" in your environment. By your site definition, the Active Directory assumes that
the IP subnets within a site are well connected and that bandwidth is freely available and
inexpensive. Using this assumption, the Active Directory automatically configures connection
objects between domain controllers within the site so that replication between domain controllers
occurs frequently and without a schedule. As an administrator, there is nothing you must
configure or manage with intrasite replication; the Active Directory takes care of it without your
intervention.
Intersite replication, on the other hand, is a more difficult animal to configure. You help the Active
Directory understand what WAN connections are available between your sites and how the Active
Directory should manage data. The process of managing replication between sites is a lot like
walking a balance beam: you have to balance what you want in terms of replication with what
your WAN links can physically manage. Without a doubt, the more replication that occurs
between sites, the more accurate the database will be at any moment. In most environments,
however, constant replication over WAN links is not a practical solution. Therefore, most
administrators are faced with a trade-off between data accuracy and time. In Active Directory
terms, the time required to replicate data from domain controller to domain controller and site to
site is called latency. As an administrator, the trick is to find the best replication balance to
manage traffic between sites while keeping database data as accurate as possible; in other
words, you want to reduce latency as much as possible.
Intersite replication is based on site links. Sites are connected by some kind of WAN
communication link. This may be something as grand as a T3 link, or as small as a VPN or
modem connection. Depending on how your sites are connected, you configure site links in the
Active Directory. These site links define the WAN connections that are between your sites. After
the Active Directory understands how your sites are linked together, you can then begin to
implement control features that can help you find the balance between accurate data and latency
that is right for your organization. Unfortunately, there are no hard and fast rules; the Active
Directory is flexible enough to allow you to find the balance that is right for your needs. So, you
need to understand the concepts and then spend some time experimenting to find the balance
that is right for you.

Cost. Your initial management task is to assign a cost to each site link. The cost of each
site link is an arbitrary number that you assign to it. The Active Directory uses this cost to
determine which site links take precedence over other site links: lower-cost site links are
favored over higher-cost site links. For example, let's say I have a Boston site and a Houston
site. I have a T1 WAN connection between the two sites, but I also have a backup VPN
connection. For replication, I want to make certain that replication always occurs over the T1
link unless the link is down; if it is down, the VPN link can be used. So, in terms of cost, I
might give the T1 site link a cost of 10, whereas the VPN link might have a cost of 50. Using
these numbers, the Active Directory always uses the lowest-cost link that is available. With
the cost assignment, I can rest assured that my best WAN connection between the two sites will
always be utilized first.
Schedule. Your next management tactic is to use schedules carefully and wisely. In
intrasite replication, replication occurs frequently and without a schedule. In intersite
replication, you can use a schedule to determine when replication is allowed to occur, and a
replication interval to determine how often it occurs within the allowed windows. The idea is
to provide a schedule that allows replication to occur as frequently as possible, but does not
use too much bandwidth during peak network hours. For example, if you know that your
environment uses a lot of intersite bandwidth between the work hours of 10:00 a.m. and 2:00
p.m., you might create a schedule that blocks replication during those hours. How you
schedule replication is entirely up to you, but once again, you'll want to find that fine balance
between data accuracy and latency that is acceptable for your network.
Servers. For best replication performance, you should have at least one global catalog
server in each site. In reality, the global catalog server may increase replication traffic, but
it decreases user traffic over the WAN link, which leaves more room for replication. Also,
consider placing a DNS server in each site, and make sure that the site clients connect to
that DNS server for service, which will help reduce DNS traffic over the WAN link.

As you might imagine, one of the best things you can do to manage site replication traffic is to sit
down with a pencil and paper and carefully plan your Active Directory infrastructure. Careful
planning and the application of site configuration knowledge on your part will help you develop
sites and replication plans that will meet the needs of your network and give you the best
replication speed possible.
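The Boston/Houston scenario above can be configured directly. The following is an added example, not from the original text: it creates the preferred T1 link (cost 10) and the backup VPN link (cost 50) with the ActiveDirectory module and applies a schedule that blocks replication from 10:00 to 14:00 every day. The site names come from the text; the site link names, frequencies and the assumption that both sites already exist are mine.

```powershell
# Added example (not from the original Q&A). Requires the ActiveDirectory module and
# rights to modify the Configuration partition (Enterprise Admins).
Import-Module ActiveDirectory

function New-BlackoutSchedule {
    # ActiveDirectorySchedule.RawSchedule is bool[7 days, 24 hours, 4 quarter-hours];
    # $true means replication may start in that 15-minute slot.
    param([int]$BlockFromHour, [int]$BlockToHour)
    $schedule = New-Object System.DirectoryServices.ActiveDirectory.ActiveDirectorySchedule
    $raw = $schedule.RawSchedule
    for ($day = 0; $day -lt 7; $day++) {
        for ($hour = 0; $hour -lt 24; $hour++) {
            $allowed = -not ($hour -ge $BlockFromHour -and $hour -lt $BlockToHour)
            for ($q = 0; $q -lt 4; $q++) { $raw[$day, $hour, $q] = $allowed }
        }
    }
    $schedule.RawSchedule = $raw
    return $schedule
}

$sites = 'Boston', 'Houston'   # assumed to exist already

# Lower cost wins whenever the link is usable; the VPN link is only used if the T1 link is down.
New-ADReplicationSiteLink -Name 'Boston-Houston-T1'  -SitesIncluded $sites -Cost 10 `
    -ReplicationFrequencyInMinutes 15 -InterSiteTransportProtocol IP
New-ADReplicationSiteLink -Name 'Boston-Houston-VPN' -SitesIncluded $sites -Cost 50 `
    -ReplicationFrequencyInMinutes 60 -InterSiteTransportProtocol IP

# Keep the 10:00-14:00 peak window free of replication on both links.
$blackout = New-BlackoutSchedule -BlockFromHour 10 -BlockToHour 14
Get-ADReplicationSiteLink -Filter "Name -like 'Boston-Houston-*'" |
    Set-ADReplicationSiteLink -ReplicationSchedule $blackout

# Verify: costs, intervals and the sites each link joins.
Get-ADReplicationSiteLink -Filter "Name -like 'Boston-Houston-*'" -Properties ReplicationSchedule |
    Select-Object Name, Cost, ReplicationFrequencyInMinutes,
                  @{ n = 'Sites'; e = { ($_.SitesIncluded | ForEach-Object { ($_ -split ',')[0] }) -join ', ' } } |
    Sort-Object Cost
```

To see the resulting latency rather than guess at it, `Get-ADReplicationPartnerMetadata -Target <DC> -Scope Server` reports the last successful replication time per partner, and `repadmin /showrepl` gives the same view from the command line.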
10. Key components of Exchange 2003
1. System Attendant (MAD.EXE): runs the Recipient Update Service that generates e-mail addresses for new
   recipients, maintains address lists, and monitors the other Exchange services.
2. MTA: the X.400 message transfer agent, used for X.400 connectors and for routing to Exchange 5.5 sites.
   Exchange 2000/2003 moves SMTP mail through the SMTP service rather than the MTA.
3. Information Store (STORE.EXE): hosts the mailbox and public folder stores.
4. Routing Engine: takes routing decisions based on link state information and the configured routing
   groups and connectors.
11. What is the Recipient Update Service?
The Recipient Update Service (RUS) is a very important component of the System Attendant in an Exchange
2000/2003 installation. It is responsible for stamping new recipients with e-mail addresses according to
the recipient policies and for updating address list membership in Active Directory.

12. What are the required components of Windows Server 2003 for installing
Exchange 2003?

ASP.NET, SMTP, NNTP, W3SVC


13. What must be done to an AD forest before Exchange can be deployed?
Setup /forestprep, run once per forest by a member of Schema Admins and Enterprise Admins to extend the
schema, followed by Setup /domainprep in every domain that will host Exchange servers or mail-enabled objects.
14. What Exchange process is responsible for communication with AD?
DSACCESS
15. What connector type would you use to connect to the Internet, and what are the
two methods of sending mail over that connector?
SMTP Connector: Forward to smart host or use DNS to route to each address
16. How would you optimise Exchange 2003 memory usage on a Windows Server 2003 server with more than
1 GB of memory?
Add the /3GB switch to boot.ini so that user-mode processes (STORE.EXE in particular) can address 3 GB of
virtual memory instead of 2 GB; on Windows Server 2003 Microsoft also recommends /USERVA=3030 alongside it.
17. What are the standard port numbers for SMTP, POP3, IMAP4, RPC, LDAP and
Global Catalog?
SMTP 25, POP3 110, IMAP4 143, RPC 135, LDAP 389, Global Catalog 3268
18. Name the process names for the following: System Attendant?
MAD.EXE, Information Store STORE.EXE, SMTP/POP/IMAP/OWA
INETINFO.EXE
19. What is the maximum amount of databases that can be hosted on Exchange 2003
Enterprise?
20 databases. 4 SGs x 5 DBs
20. What are the disadvantages of circular logging?
Transaction logs are overwritten as soon as their changes are committed to the database, so in the event
of a corrupt or lost database, data can only be restored to the last full backup; the logs that would
normally be replayed to recover changes made since that backup are gone. Incremental and differential
backups are also not possible while circular logging is enabled.
21. Difference between Exchange 2000 Enterprise Edition and Standard Edition.

Database size
  Enterprise: Database size is limited only by hardware (with a maximum size of 16 terabytes).
  Standard: Maximum 16 gigabyte (GB) limit per database.
  Note: Individual database size is the combined size of the .edb file and the .stm file for that database.
Storage groups
  Enterprise: 4 storage groups can be created.
  Standard: 4 storage groups can be created.
Information stores
  Enterprise: Up to 5 information stores per storage group.
  Standard: One mailbox store database and one public folder store database that can be accessed by
  using MAPI and Outlook Web Access.
Cluster
  Enterprise: Exchange 2000 Enterprise Server can be clustered on the Microsoft Cluster Service.
  Standard: Exchange clustering is not supported.
Front end
  Enterprise: Exchange 2000 Enterprise Server can be implemented as a front-end server in a
  front-end/back-end configuration.
  Standard: Exchange front-end server configuration is not supported.
X.400 connectors
  Enterprise: The X.400 Connector is included.
  Standard: The X.400 Connector is not supported.
22. Features in Exchange 2003 compared to Exchange 2000

Some features that are new in Exchange 2003 are:
Volume Shadow Copy Service for Database Backups/Recovery
Mailbox Recovery Center
Recovery Storage Group
Front-end and back-end Kerberos authentication
Distribution lists are restricted to authenticated users
Real-time Safe and Block lists
Inbound recipient filtering
Attachment blocking in Microsoft Office Outlook Web Access
HTTP access from Outlook 2003
cHTML browser support (i-Mode phones)
xHTML (Wireless Application Protocol [WAP] 2.0) browser support
Queues are centralized on a per-server basis
Move log files and queue data using Exchange System Manager
Multiple Mailbox Move tool
Dynamic distribution lists
1,700 Exchange-specific events using Microsoft Operations Manager (requires Microsoft
Operations Manager)

Deployment and migration tools

23. Difference between Exchange 2003 Standard and Enterprise Edition ?

Standard Edition
16 GB database limit
One mailbox store
One public folder store
NEW: Server can act as a front-end (post-Beta 2)

Enterprise Edition
Clustering
Up to 20 databases per server
X.400 Connectors

Both Editions support features such as:


Database snapshot
OMA and ActiveSync
AirMAPI
Recovery Storage Group
Exchange Management Pack for MOM
Note: It is not possible to in-place upgrade Exchange 2000 Enterprise Edition to Exchange
2003 Standard Edition.

24. Difference between a daemon and a server

A 'daemon' is a software process that runs continuously in the background and provides a
service to clients on request. For example, named is a daemon: when asked, it answers DNS
queries. Other examples are:
xinetd (a super-daemon, responsible for starting other Internet servers when they are needed)
inetd (the same idea as xinetd, with fewer configuration options)
sendmail/postfix (to send and route e-mail)
Apache/httpd (web server)
The following simple example illustrates the relationship between client and daemon:
CLIENT  -> Daemon
Browser <- Apache web server

Running a separate daemon for every service costs memory and adds load even while the service
is idle. For a big site (with many users) a dedicated daemon is still advisable, for example for
a web server or a MySQL database server.
A 'server process' runs only when it is called by a daemon, and exits once it has served the
request. Examples are telnetd (in.telnetd) or ftpd started from the xinetd/inetd daemon. Having
the daemon start the server process on demand saves load and memory, so use a server process
for small or infrequently used services such as ftpd and telnetd:
CLIENT                  Daemon / server process
ftp (connect)      ->   xinetd accepts the connection on port 21
                        xinetd starts ftpd and hands it the connection
ftp commands      <->   ftpd
quit               ->   ftpd exits; xinetd goes back to listening

MTA :- A mail transfer agent or MTA (also called a mail transport agent, mail server, or a
mail exchange server in the context of the Domain Name System) is a computer program
or software agent that transfers electronic mail messages from one computer to another.
MUA :- An e-mail client, also called a mail user agent (MUA), is a computer program
that is used to read and send e-mail.
MSA :- A mail submission agent or MSA is a computer program or software agent which
receives electronic mail messages from a mail user agent (MUA) and contacts a mail
transfer agent (MTA) for delivery of the mail.
Many MTAs act as an MSA as well, but there are also programs that are specially
designed as MSAs without full MTA functionality.
The port recommended for message submission to an MSA is 587 (RFC 2476, now RFC 6409),
separate from port 25 used between MTAs, so that submission can require authentication.
MDA :- A Mail Delivery Agent (MDA) is software that accepts incoming e-mail
messages and distributes them to recipients' individual mailboxes (if the destination
account is on the local machine), or forwards back to an SMTP server (if the destination
is on a remote server).
A mail delivery agent is not necessarily a mail transfer agent (MTA), although on many
systems the two functions are implemented by the same program.
What is the difference between WINS and DNS?

DNS stands for 'Domain Name System' and WINS for 'Windows Internet Name Service'. Both are used
to resolve names to IP addresses, but they resolve different kinds of names in very different
ways.
To help explain, consider a file server named 'Jupiter' and the following two commands:
ping jupiter.space.net
net use * \\jupiter\mainshare
The two commands should look familiar. The first one simply sends a ping (ICMP echo) packet to
our file server to check that it is alive, while the second connects to a shared folder named
'mainshare' on the same server.
While both commands refer to the same machine, the way the name is resolved differs. Ping uses
DNS to resolve the fully qualified host name jupiter.space.net to an IP address, e.g.
204.45.12.1, while 'net use' is given the NetBIOS name 'Jupiter', which is resolved through
NetBIOS name resolution: a WINS server if one is configured, otherwise a local broadcast or the
LMHOSTS file.
So you might be wondering why there are two different services essentially performing the same
job. The answer is that each of them serves a different name space and protocol; they simply
work in very different ways.
WINS was an essential part of the Microsoft networking topology. In the older days, you were
required to run a WINS server in order to avoid name resolution problems within a routed
Windows network, because NetBIOS names are otherwise resolved by broadcast and broadcasts do
not cross routers. If you ever ran Windows 95, you'd remember that the NetBEUI protocol was
always present in your networking properties, whereas TCP/IP was optional.
Today DNS has largely replaced WINS. Since Windows 2000, Active Directory clients locate domain
controllers and servers through DNS, and NetBIOS over TCP/IP (NetBT) is only needed for legacy
applications that still use NetBIOS names. This is why WINS servers are becoming rarer day by
day.
In short, DNS maps TCP/IP host names to IP addresses and WINS maps NetBIOS host names to IP
addresses.
What is SOA (Start of Authority)?
The SOA record is the first record in every DNS zone and marks the start of the zone's
authority. It names the primary name server for the zone and the mailbox of the person
responsible for it, and carries the zone serial number together with the refresh, retry and
expire intervals that govern how secondary servers keep their copies current, plus the minimum
(negative-caching) TTL. Secondaries only transfer a new copy of the zone when the serial number
increases, so a zone whose serial is not bumped after an edit will keep serving stale data from
its secondaries.
What is PTR ?
PTR-records are used to map IP addresses to domain names (reverse of A-records).
The name of a PTR-record is the IP address with the segments reversed and with "in-addr.arpa"
appended to the end.
As an example, looking up the domain name for IP address "12.23.34.45" is done with a query for
the PTR-record for "45.34.23.12.in-addr.arpa"
For more information see the section on Reverse Zone / "in-addr.arpa".
To create a PTR-record use one of the following options:
The Reverse Zone Wizard.
The "Update Reverse Zone" check box in the Record Properties dialog for an A-record.
Right-click a reverse zone in the DNS Records window, and select "New Pointer (PTR-record)"
from the pop-up menu.
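The reverse-name construction above, and the check that a PTR record is actually trustworthy, can be done from PowerShell. The following is an added example, not from the original text: it builds the in-addr.arpa name for IPv4 (and, going beyond the text, the ip6.arpa name for IPv6) and then performs a forward-confirmed reverse DNS lookup with Resolve-DnsName. The addresses 12.23.34.45 and 204.45.12.1 are taken from the text; the IPv6 address is a documentation-prefix example; the live lookup needs network access.

```powershell
# Added example (not from the original Q&A). Resolve-DnsName comes from the DnsClient
# module (Windows 8 / Server 2012 and later).

function Get-ReverseLookupName {
    param([string]$Address)
    $ip = [System.Net.IPAddress]::Parse($Address)
    if ($ip.AddressFamily -eq 'InterNetwork') {
        # IPv4: octets in reverse order under in-addr.arpa
        $octets = $ip.GetAddressBytes()
        [Array]::Reverse($octets)
        return ($octets -join '.') + '.in-addr.arpa'
    }
    # IPv6: all 32 hex nibbles in reverse order under ip6.arpa
    $hex   = ($ip.GetAddressBytes() | ForEach-Object { '{0:x2}' -f $_ }) -join ''
    $chars = $hex.ToCharArray()
    [Array]::Reverse($chars)
    return ($chars -join '.') + '.ip6.arpa'
}

function Test-ForwardConfirmedReverse {
    # A PTR record alone proves nothing: whoever controls the reverse zone for an address
    # can point it at any name. Forward-confirm by resolving the returned name and checking
    # that the original address is among its A/AAAA records.
    param([string]$Address)
    $ptrName = Get-ReverseLookupName $Address
    $ptrs = Resolve-DnsName -Name $ptrName -Type PTR -ErrorAction Stop | Where-Object { $_.Type -eq 'PTR' }
    foreach ($rec in $ptrs) {
        $forward = Resolve-DnsName -Name $rec.NameHost -Type A_AAAA -ErrorAction SilentlyContinue |
                   Where-Object { $_.Type -in 'A', 'AAAA' }
        [pscustomobject]@{
            Address   = $Address
            PtrName   = $ptrName
            HostName  = $rec.NameHost
            Confirmed = [bool]($forward | Where-Object { $_.IPAddress -eq $Address })
        }
    }
}

Get-ReverseLookupName '12.23.34.45'
Get-ReverseLookupName '2001:db8::1'
Test-ForwardConfirmedReverse '204.45.12.1' | Format-Table -AutoSize
```

Mail servers and log-analysis tools that accept a PTR name as an identity without this forward confirmation can be fooled by anyone who owns the reverse zone for their own address space, which is why the Confirmed column is the value to act on.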
What is a stub zone?

Enter stub zones to the rescue. A stub zone is like a secondary zone in that it obtains its
resource records from other name servers (one or more master name servers). A stub zone is also
read-only like a secondary zone, so administrators can't manually add, remove, or modify
resource records on it. But the similarities end here, as stub zones are quite different from
secondary zones in a couple of significant ways.
First, while secondary zones contain copies of all the resource records in the corresponding
zone on the master name server, stub zones contain only three kinds of resource records:
A copy of the SOA record for the zone.
Copies of NS records for all name servers authoritative for the zone.
Copies of A records for all name servers authoritative for the zone.
