What Are The Types of Backup? Explain Each?
Backup Type | Description | Pros | Cons
full backup: Provides a complete copy of all your data; makes it easy to locate files which need restoring.
incremental backup
differential backup: Redundant information stored, because each backup stores much of the same information plus the latest information added or created since the last full backup. Subsequent differential backups take longer and longer as more files are changed.
Forest Level
Forest Level
PDC Emulator: Domain Level
RID Master: Domain Level
Infrastructure Master: Domain Level
This DC is the only one that can process updates to the directory schema, and once the schema
update is complete, it is replicated from the schema master to all other DCs in the forest. There
is only one schema master in the forest.
2. Domain Naming Master (Forest level)
The domain naming master FSMO role holder is the DC responsible for making changes to the
forest-wide domain name space of the directory. This DC is the only one that can add or remove
a domain from the directory, and that is its major purpose. It can also add or remove cross
references to domains in external directories. There is only one domain naming master in the
active directory or forest.
3. PDC Emulator (Domain level)
In a Windows 2000 domain, the PDC emulator server role performs the following functions:
Password changes performed by other DCs in the domain are replicated preferentially to the
PDC emulator first.
Authentication failures that occur at a given DC in a domain because of an incorrect password
are forwarded to the PDC emulator for validation before a bad password failure message is
reported to the user.
Account lockout is processed on the PDC emulator.
Time synchronization for the domain.
Group Policy changes are preferentially written to the PDC emulator.
Additionally, if your domain is a mixed mode domain that contains Windows NT 4 BDCs, then the
Windows 2000 domain controller, that is the PDC emulator, acts as a Windows NT 4 PDC to the
BDCs.
There is only one PDC emulator per domain.
Note: Some consider the PDC emulator to only be relevant in a mixed mode domain. This is not
true. Even after you have changed your domain to native mode (no more NT 4 domain
controllers), the PDC emulator is still necessary for the reasons above.
4. RID Master (Domain level)
The RID master FSMO role holder is the single DC responsible for processing RID Pool requests
from all DCs within a given domain. It is also responsible for removing an object from its domain
and putting it in another domain during an object move.
When a DC creates a security principal object such as a user, group or computer account, it
attaches a unique Security ID (SID) to the object. This SID consists of a domain SID (the same
for all SIDs created in a domain), and a relative ID (RID) that makes the object unique in a
domain.
Each Windows 2000 DC in a domain is allocated a pool of RIDs that it assigns to the security
principals it creates. When a DC's allocated RID pool falls below a threshold, that DC issues a
request for additional RIDs to the domain's RID master. The domain RID master responds to the
request by retrieving RIDs from the domain's unallocated RID pool and assigns them to the pool
of the requesting DC.
There is one RID master per domain in a directory.
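The SID layout described above (a domain SID shared by every principal in the domain, plus a per-object RID), decoded from the binary form, as an added example that is not part of the original notes. The domain sub-authority values and the sample SIDs are constructed; the well-known RIDs listed are the standard built-in ones.

```python
import struct

# RIDs that identify the same built-in principal in every domain
WELL_KNOWN_RIDS = {500: "Administrator", 501: "Guest", 502: "krbtgt",
                   512: "Domain Admins", 513: "Domain Users"}

def sid_to_string(raw: bytes) -> str:
    """Decode a binary SID: revision, count, 6-byte authority, 32-bit sub-authorities."""
    if len(raw) < 8:
        raise ValueError("SID too short")
    revision, count = raw[0], raw[1]
    if len(raw) != 8 + 4 * count:
        raise ValueError("length does not match sub-authority count")
    authority = int.from_bytes(raw[2:8], "big")       # big-endian
    subs = struct.unpack("<%dI" % count, raw[8:])     # little-endian
    return "-".join(["S", str(revision), str(authority), *map(str, subs)])

def split_sid(sid: str):
    """Return (domain_sid, rid) for a domain principal SID (S-1-5-21-x-y-z-RID)."""
    parts = sid.split("-")
    if parts[:4] != ["S", "1", "5", "21"] or len(parts) != 8:
        raise ValueError("not a domain principal SID: " + sid)
    return "-".join(parts[:-1]), int(parts[-1])

def build_sid(domain_subs, rid) -> bytes:
    """Constructed-sample helper: pack S-1-5-21-<domain_subs>-<rid>."""
    subs = [21, *domain_subs, rid]
    return (bytes([1, len(subs)]) + (5).to_bytes(6, "big")
            + struct.pack("<%dI" % len(subs), *subs))

def describe(raw: bytes):
    """Split a binary SID and name the principal if its RID is well known."""
    domain_sid, rid = split_sid(sid_to_string(raw))
    return domain_sid, rid, WELL_KNOWN_RIDS.get(rid, "regular principal")

DOMAIN = (1111111111, 2222222222, 3333333333)         # constructed domain identifier
SAMPLES = [build_sid(DOMAIN, rid) for rid in (500, 512, 1104, 1105)]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(describe(raw))
```

Because the RID survives a rename, an account whose SID ends in 500 is the built-in Administrator whatever its display name says.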
5. Infrastructure Master (Domain level)
The DC that holds the Infrastructure Master FSMO role is responsible for cross domain updates
and lookups. When an object in one domain is referenced by another object in another domain,
it represents the reference by the GUID, the SID (for references to security principals), and the
distinguished name (DN) of the object being referenced. The Infrastructure role holder is the DC
responsible for updating an object's SID and distinguished name in a cross-domain object
reference.
When a user in DomainA is added to a group in DomainB, then the Infrastructure master is
involved. Likewise, if that user in DomainA, who has been added to a group in DomainB, then
changes his username in DomainA, the Infrastructure master must update the group
membership(s) in DomainB with the name change.
There is only one Infrastructure master per domain.
DHCP leases are used to reduce DHCP network traffic by giving clients specific
addresses for set periods of time. The DHCP process stages can be
remembered using the DORA acronym:
1. Discover - A broadcast is sent by the client with the client MAC address.
This is a DHCP discover message with source IP address of 0.0.0.0 and
destination address of 255.255.255.255. The client tries to get its last
address. If it is not available, the DHCP server will send a NACK signal.
The client state is initialization during the request stage.
2. Offer - A DHCP offer message is sent from the DHCP server with some or
all the optional information as listed above. Information sent includes the
IP address of the DHCP server that sent the accepted offer. All offered IP
addresses are marked unavailable by the DHCP server when the DHCP
server offers them until they are rejected. The client is in the selecting
state during this offer stage.
3. Request - The first offer received by the client is accepted. The client
broadcasts its selected choice using a DHCP request message which
includes the IP address of the DNS server that sent the accepted offer.
The client is in the requesting state during this selection stage.
4. Accept - The server acknowledges with a DHCP acknowledge indicating
the client can use the address or it will send a DHCP Nak instructing the
client that the address became unavailable. Other DHCP servers retract
their offers and mark the offered address as available and the accepted
address as unavailable. Any offered IP addresses not selected are freed to
be used again. The client state is the binding state during this
acknowledgement stage.
When the client sends the lease request, it then waits one second for an offer. If
a response is not received, the request is repeated at 9, 13, and 16 second
intervals with additional 0 to 1000 milliseconds of randomness. The attempt is
repeated every 5 minutes thereafter. The client uses port 67 and the server uses
port 68.
Client systems that are Windows 98 or later attempt to tell if another client is
already using the address received from the DHCP server by pinging the
address. The DHCP server can be configured to pretest addresses by pinging
them, but this will increase overhead and slow server response time.
FTP, NNTP, SMTP, KERBEROS, DNS, DHCP, POP3 port numbers?
21, 143, 52, Kerberos 5 (88) & Kerberos 4 (750), 53, 67, 110
4. What is Kerberos? Which version is currently used by Windows? How does Kerberos work?
Kerberos is an Internet Engineering Task Force (IETF) standard for providing authentication.
Kerberos works by having a central server grant a "ticket" honoured by all networked nodes
running Kerberos. Version 5
Microsoft Exchange Server interview questions
Distribution List?
5. GAL, Routing Group, STM files, Eseutil & Isinteg - what are they used for?
These are the Streaming Media files; the STM and EDB files together make up your
Mailbox Store. All mail that is received via MAPI is stored in the EDB and all other mail
is stored in the STM file.
ESEUTIL is a tool to defragment your Exchange databases offline, to check their integrity and to repair a
damaged/lost database.
ISINTEG is used to do some tests on your information store and to fix some detected errors and problems.
ISINTEG is the only repair utility that understands the Exchange database as an Exchange database.
6. What is MIME & MAPI?
Short for Multipurpose Internet Mail Extensions, a specification for formatting non-ASCII messages so that
they can be sent over the Internet.
Short for Messaging Application Programming Interface, a system built into Microsoft Windows that
enables different e-mail applications to work together to distribute mail. As long as both applications are
MAPI-enabled, they can share mail messages with each other.
7. List the services of Exchange Server 2000?
Microsoft Exchange Information Store
Microsoft Exchange MTA Stack
Microsoft Exchange POP3
Microsoft Exchange IMAP4
Microsoft Exchange Routing Engine
Microsoft Exchange System Attendant
8. What is Global Catalog?
The global catalog contains a partial replica of every Windows 2000 domain in the directory. The
GC lets users and applications find objects in an Active Directory domain tree given one or more
attributes of the target object. It also contains the schema and configuration of directory partitions.
This means the global catalog holds a replica of every object in the Active Directory, but with only
a small number of their attributes.
The global catalog is a distributed data repository that contains a searchable, partial
representation of every object in every domain in a multidomain Active Directory forest.
9. Replication
need to understand the concepts and then spend some time experimenting to find the balance
that is right for you.
Cost. Your initial management task is to assign a cost to each site link. The cost of each
site link is based on an arbitrary number that you assign to it. The Active Directory uses
this cost to determine which site links have precedence over other site links. Lower-cost
site links are favored over higher-cost site links. For example, let's say I have a Boston
site and a Houston site. I have a T1 WAN connection between the two sites, but I also
have a backup VPN connection. For replication, I want to make certain that replication
always occurs over the T1 link, unless the link is down. If the link is down, the VPN link
can be used. So, in terms of cost, I might give the T1 site link a cost of 10, whereas the
VPN link might have a cost of 50. Using these numbers, the Active Directory always uses
the lowest-cost link over the higher-cost link. With the cost assignment, I can rest assured
that my best WAN connection between the two sites will always be utilized first.
Schedule. Your next management tactic is to use schedules carefully and wisely. In
intrasite replication, replication occurs frequently and without a schedule. In intersite
replication, you can use a schedule to determine how often replication can occur. The
idea is to provide a schedule that allows replication to occur as frequently as possible, but
does not use too much bandwidth during peak network hours. For example, if you know
that your environment uses a lot of intersite bandwidth between the work hours of 10:00
a.m. and 2:00 p.m., you might create a schedule that restricts replication during those
hours. How you schedule replication is entirely up to you, but once again, you'll want to
find that fine balance between data accuracy and latency that is acceptable for your
network.
Servers. For best replication performance, you should have at least one global catalog
server in each site. In reality, the global catalog server may increase replication traffic, but
it decreases user traffic over the WAN link, which leaves more room for replication. Also,
consider placing a DNS server in each site, and make sure that the site clients connect to
that DNS server for service, which will help reduce DNS traffic over the WAN link.
As you might imagine, one of the best things you can do to manage site replication traffic is to sit
down with a pencil and paper and carefully plan your Active Directory infrastructure. Careful
planning and the application of site configuration knowledge on your part will help you develop
sites and replication plans that will meet the needs of your network and give you the best
replication speed possible.
10. Key Components of Exchange 2003
Key components of Exchange
1. System attendant: Address generation & Creation of new ID's.
2. MTA: For the actual transfer of mail
3. Information Store: Mailboxes
4. Routing Engine: takes routing decision.
5.
11. What is Recipient Update Service?
The Recipient Update Service (RUS) is a very important component in your Exchange installation; it
is RUS that is responsible for updating address lists and email addresses in your Active Directory.
12. What are the required components of Windows Server 2003 for installing
Exchange 2003?
terabytes).
Storage Groups
Information Stores
Up to 5 Information Stores.
Cluster
Front End
X.400 Connectors
Standard Edition
16 GB database limit
One mailbox store
One public folder store
NEW: Server can act as a front-end (post-Beta 2)
Enterprise Edition
Clustering
Up to 20 databases per server
X.400 Connectors
Running one daemon for each of the services could significantly increase the load.
However, if you are running a big site (with many users), it is advisable to use a dedicated
daemon, for example a web server or MySQL database server.
A 'server process' runs one time, when called by a daemon. Once done it will stop.
For example, telnetd (in.telnetd) or ftpd called from the xinetd/inetd daemon. By calling a
server process from a daemon you can save load and memory. Use a server process for
small services such as ftpd and telnetd.
CLIENT -> Daemon
ftp -> xinetd
ftp <- ftpd
quit
MTA :- A mail transfer agent or MTA (also called a mail transport agent, mail server, or a
mail exchange server in the context of the Domain Name System) is a computer program
or software agent that transfers electronic mail messages from one computer to another.
MUA :- An e-mail client, also called a mail user agent (MUA), is a computer program
that is used to read and send e-mail.
MSA :- A mail submission agent or MSA is a computer program or software agent which
receives electronic mail messages from a mail user agent (MUA) and contacts a mail
transfer agent (MTA) for delivery of the mail.
Many MTAs act as an MSA as well, but there are also programs that are specially
designed as MSAs without full MTA functionality.
RFC2476 recommended port for MSA is 587.
MDA :- A Mail Delivery Agent (MDA) is software that accepts incoming e-mail
messages and distributes them to recipients' individual mailboxes (if the destination
account is on the local machine), or forwards back to an SMTP server (if the destination
is on a remote server).
A mail delivery agent is not necessarily a mail transfer agent (MTA), although on many
systems the two functions are implemented by the same program.
What is the Difference between WINS and DNS?
Firstly, DNS refers to 'Domain Name Server,' while WINS refers to 'Windows Internet
Name Service'; both are used to resolve names, but in very different ways!
To help explain, I'm going to use an example that will ensure you get the right picture on
each of these services.
Consider a file server by the name 'Jupiter,' and the following two commands:
ping Jupiter.space.net
net use * \\Jupiter\mainshare
The two above commands should look familiar. The first one simply sends a ping (icmp
echo) packet to our file server, ensuring it's alive, while the second command calls the
same server (Jupiter) in order to connect to a shared folder named 'mainshare.'
While both commands are referring to the same name (Jupiter), the difference between
them is important.
Ping here uses DNS to resolve Jupiter.space.net to an IP address, e.g. 204.45.12.1, while
the 'net use' command makes use of WINS to resolve the NetBIOS name 'Jupiter' to an IP
address.
So you might be wondering why are there two different services essentially performing
the same job?
The answer is that each of these services relies on different protocols; they simply work
in very different ways.
WINS is an essential part of the Microsoft networking topology. In the older days, you
were required to run a WINS server in order to avoid name resolution problems within a
Windows network. The NetBIOS (Windows machine names) protocol back then would
only work on the NetBEUI transport protocol. If you ever ran Windows 95, you'd
remember the NetBEUI protocol was always present in your networking properties,
whereas TCP/IP was optional.
Today, DNS has replaced WINS, since Microsoft made changes to NetBIOS, allowing it
to use the TCP/IP stack to perform its job (NetBIOS over TCP/IP) and most DNS servers
are able to handle NetBIOS requests. This is why WINS servers are becoming less common
day by day.
In short, DNS maps TCP/IP host names to IP addresses and WINS maps NetBIOS host
names to IP addresses.
What is SOA (Start of Authority)?
The Domain Name System or DNS is a system that stores information about hostnames and
domain names in a kind of distributed database on networks, such as the Internet. Most
importantly, it provides a physical location (IP address) for each hostname, and lists the mail
exchange servers accepting e-mail for each domain.
What is PTR?
PTR-records are used to map IP addresses to domain names (reverse of A-records).
The name of a PTR-record is the IP address with the segments reversed and with "in-addr.arpa"
appended to the end.
As an example, looking up the domain name for IP address "12.23.34.45" is done with a query for
the PTR-record for "45.34.23.12.in-addr.arpa"
For more information see the section on Reverse Zone / "in-addr.arpa".
To create a PTR-record use one of the following options:
The Reverse Zone Wizard.
The "Update Reverse Zone" check box in the Record Properties dialog for an A-record.
Right-click a reverse zone in the DNS Records window, and select "New Pointer (PTR-record)"
from the pop-up menu.
What are Stub Zones?
Enter stub zones to the rescue. A stub zone is like a secondary zone in that it obtains its
resource records from other name servers (one or more master name servers). A stub zone
is also read-only like a secondary zone, so administrators can't manually add, remove, or
modify resource records on it. But the differences end here, as stub zones are quite
different from secondary zones in a couple of significant ways.
First, while secondary zones contain copies of all the resource records in the
corresponding zone on the master name server, stub zones contain only three kinds of
resource records: