active directory intervie questions

7/27/2019 Active Directory Intervie Questions

1/49

Savios Suggestive & Informative Recipes from Ad CookbookInterview Questions

Q.1 Wat is te Active !irector"#

Ans$Active Directory stores information aboutresources on the network andmakes it easy for users to locate, manage and use their resources.

Q.% Were is te Active !irector" database &ocated#

Ans$ The Active Directory database is located in the

%systemroot%\NTD\NTD.D!T"

!t is based on #et database.

Q.' Wat is te Active !irector" Scema#

Ans$ $. !t is dynamically udatable. &. !t is dynamically available.

'. DA().

Q.( Wat is )!A*# Wat is te port for )!A*#

Ans$ )DA* is a method of communication in Active Directory. )DA* is adirectory service rotocol that is used to +uery and udate Active Directory.

Q.+ Wat is a tree#

Ans$A collection of domains which share a common namesace.

Q., Wat is te function of -s"stemroot/s"stem'%/dssec.dat0 fie#

Ans$To delegate the right to unlock locked user accounts to a user or grou inActive Directory, you must first make the right visible.

The %ystemroot%\ystem'&\Dssec.dat file contains filters that control the

whether a right is revealed, and can be written. en Dssec.dat in Notead

and find -ser/. 0ithin -ser/, the lockoutTime entry is listed alhabetically.

(hange the mask from 1 to 2, yielding lockoutTime32.

1


2/49

NT45 The mask values aears to be5

2 6 7ead and 0rite of roerty unfiltered

$ 6 7ead of roerty filtered

& 6 0rite of roerty filtered

1 6 8ilter out roerty.

Q. Wat are te core services in 23cange +.+# 23&p&ain te order of

starting te services#

Ans$ $. Directory service9D:5 net start mse;changeds"

&. !nformation tore9!:5 net start mse;changeis"

'. . net start mse;changees"

Q.4 Wat is te si5e of 6ransaction &og fi&e#

Ans$>


3/49

$.


4/49

Q1%. Wat is te &atest service pack for 23cange +.+ and 23cange %999#

Ans$ 4;change >.> 5 *=

4;change &222 5 *'

Q14. What is RUS? Which service is responsible for the RUS?

Ans: The Recipient Update Service(RUS) is a component in the Exchange 2000 SystemAttendant service. The RUS creates and maintains Exchange 2000-specific attri!te va"!es

in the Active #irectory.

$f yo! create a mai"ox for a !ser% the RUS is responsi"e for the a!tomatic generation of

the !ser&s Simp"e 'ai" Transfer rotoco"(S'T) address and any other proxy addresses

that yo! have defined for yo!r recipients. o*ever% in Active #irectory Users and

+omp!ters too"% the proxy addresses are not disp"ayed immediate"y eca!se a short "atency

4


5/49

period occ!rs efore the Recipient Update Service prod!ces the ne* e-mai" addresses. This

"atency occ!rs even if yo! have config!red the RUS to r!n contin!o!s"y.

After yo! insta"" Exchange 2000% t*o instances of RUS are created,

. The enterprise config!ration RUS%

2. The domain RUS

There is on"y one instance of the enterprise RUS in the organiation. /o! m!st have a RUSfor each domain that contains mai"ox-ena"ed !sers.

Each instance of the #omain RUS associates one Exchange 200 comp!ter(*here the RUS

r!ns) *ith one 1indo*s 2000 or 1indo*s 200 Server #omain contro""er(*here A# oects

are !pdated).

3n"y one RUS can e associated *ith any Active #irectory domain contro""er.

$f yo! have m!"tip"e sites% yo! can a"so add m!"tip"e instances of the RUS for each domain.

$n this scenario% an instance of the RUS is hosted on a #+ in each site% and mai"ox creation

does not depend on the inter-site rep"ication sched!"e of the A#.

$f yo! create a ne* mai"ox-ena"ed !ser% that !ser cannot "og on to their mai"ox !nti" the

RUS has generated the ne* proxy e-mai" addresses. $f yo! set the RUS to r!n on a sched!"e%that !ser may have to *ait a short period efore they can !se Exchange 200.

To !pdate addresses immediate"y% yo! can force the RUS to r!n man!a""y.

Q15. What is a recipient policy e!"ail policy an# "ailbo$ "ana%er policy?

Ans: Recipient po"icies are !sed in Exchange 200o server to a!tomatica""y contro" thegeneration of e-mai" addresses for recipient oects

The fo""o*ing are recipient oects%

. 'ai"-ena"es !sers

2. +ontacts. 4ro!ps

5. !"ic 6o"ders.

Recipient po"icies are simi"ar to the 7Site-Addressing8 feat!re in Exchange 9.9% !t are

more f"exi"e. 6or e.g. recipient po"icies a""o* yo! to create m!"tip"e addresses for a given

address type.

They provide a set of :#A-ased fi"ter r!"es. These r!"es a""o* yo! to se"ect the set of

recipients to *hich the recipient po"icy *i"" app"y.

'ai"ox manager po"icy is the po"icy in *hich the Exchange Administrator has the ai"ity to

contro" the content of !ser&s mai"ox.

Recipient po"icies are a set of config!ra"e r!"es that r!n on a sched!"e and eva"!ate a"" themessaging-ena"ed oects in yo!r Active #irectory forest. The po"icy !ses the r!"es to fi"ter

a"" of the oects and to se"ective"y app"y e-mai" addresses of specific types to those instances

that fit the predefined r!"es.

Q1&. What is e#b.ch' file (se# for?

Ans: The chec;point fi"es are !sed to ;eep a trac; of transactions that are committed to thedataase after ac;!p.

5


6/49

Q1). What is ese(til*# ese(til*p ese(til*% (se# for?

Ans, . Ese!ti" is a"so !sed for some transient storage d!ring on"ine compaction.

Q1+. ,$plain the -/0/, (tility?

Ans: $t a""o*s yo! to import and export Active #irectory content in :#$6 format.:#$6 fi"es are composed of "oc;s of entries. An entry can add% modify% or de"ete an

oect. The first "ine of an entry is the disting!ished name. The second "ine contains a

changetype% *hich can e add% modify% or de"ete. $f it is an oect addition% the rest of the

entry contains the attri!tes that sho!"d e initia""y set on the oect (one per "ine). 6or

oect de"etions% yo! do not need to specify any other attri!tes. And for oect

modifications% yo! need to specify at "east three more "ines. The first sho!"d contain the

type of modification yo! *ant to perform on the oect. This can e add (to set a

previo!s"y !nset attri!te or to add a ne* va"!e to a m!"tiva"!ed attri!te)% rep"ace (torep"ace an existing va"!e)% or de"ete (to remove a va"!e). The modification type sho!"d e

fo""o*ed y a co"on and the attri!te yo! *ant to perform the modification on. The next

"ine sho!"d contain the name of the attri!te fo""o*ed y a co"on% and the va"!e for the

attri!te. 6or examp"e% to rep"ace the "ast name attri!te *ith the va"!e Smith% yo!?d !se

the fo""o*ing :#$6

#n: cns"ithcn(sers#crallencorp#cco"chan%etype: "o#ify

replace: sn

sn: S"ith

!'odification entries m!st e fo""o*ed y a "ine that on"y contains a hyphen (-). /o! can

p!t additiona" modification actions fo""o*ing the hyphen% each separated y another

hyphen. ere is a comp"ete :#$6 examp"e that adds a smith !ser oect and then

modifies the given@ame and sn attri!tes for that oect,

#n: cns"ithcn(sers#crallencorp#cco"

chan%etype: a##

&


7/49

obectlass: (ser

sa"acco(ntna"e: s"ith

sn: 6S"ith(seracco(ntcontrol: 512

#n: cns"ithcn(sers#crallencorp#cco"chan%etype: "o#ify

a##: %iven7a"e

%iven7a"e: 6i"!

replace: sn

sn: S"ith

!

Q13. ,$plain the Anato"y of a /o"ain tr(st an# a forest in the Active /irectory?

Ans: 1. Anatomy of a #omain.

#omains are represented y #o"ain/7S obects.

)


8/49

Q14. What are the 3 78s in a forest?

Ans: . The 6orest Root #omain.

2. The +onfig!ration @+.

. The Schema @+.

Q15. What are the #ifferent partitions associate# 9ith a orest?

Ans: . onfi%(ration 7, +ontains data that is app"ica"e across a"" of thedomains and% th!s% is rep"icated to a"" domain contro""ers in the forest. Some of this

data inc"!des the site topo"ogy% "ist of partitions% p!"ished services% disp"ay specifiers%

and extended rights.

2. Sche"a 7 , +ontains the oects that descrie ho* data can e str!ct!redand stored in Active #irectory. The c"assSchema oects in the Schema @+

represent c"ass definitions for oects. The attri!teSchema oects descrie

*hat data can e stored *ith c"asses. The Schema @+ is rep"icated to a""

domain contro""ers in a forest.

. /o"ain 7, As descried ear"ier% a domain is a naming context that ho"dsdomain-specific data inc"!ding !ser% gro!p% and comp!ter oects.

5. Application partitions , +onfig!ra"e partitions that can e rooted any*herein the forest and can e rep"icated to any domain contro""er in the forest. These

are not avai"a"e *ith 1indo*s 2000.

+


9/49

Q1&. After s(ccessf(lly #e"otin% a /*re"ovin% the forest 9hich co""an#s help

#eter"ine if all entries have been re"ove#?

Ans,

netsh 9ins server ;W07SServer7a"e< sho9 na"e ;orest/7S7a"e< 1c

nsloo'(p ;/o"ainontroller/7S7a"e$3S name *i"" e sho*n in the/o"ain na"e Ipre!Win#o9s2DDDJ fie"d.

>. Using a +ommand-"ine $nterface,

. < #sB(ery K cnpartitionscnconfi%(ration;orestRoot/7< !filterLR,UR7M

INIobectcate%orycrossrefJI#nsroot;/o"ain/7S7a"e$3S name

of a domain is stored in the domain?s crossRef oect in the artitions container in the

+onfig!ration @+. Each crossRef oect has a dnsRoot attri!te% *hich is the f!""y C!a"ified

#@S name of the domain. The net>$3S@ame attri!te contains the @et>$3S name for the

domain.

Q2D. @o( 9ant to rena"e a #o"ain #(e to or%aniOational chan%es or le%al restrictions

beca(se of an acB(isition. Rena"in% a #o"ain is a very involve# process an# sho(l# be#one only 9hen absol(tely necessary. han%in% the na"e of a #o"ain can have an

i"pact on everythin% fro" /7S replication an# PFs to /S an# ertificate Services.A #o"ain rena"e also reB(ires that all #o"ain controllers an# "e"ber co"p(ters in the

#o"ain are reboote# 0s it possible in Win#o9s 2DDD?

Ans: Under 1indo*s 2000% there is no s!pported process to rename a domain. There is one*or;aro!nd for mixed-mode domains in *hich yo! revert the domain and any of its chi"d

11


12/49

domains ac; to 1indo*s @T domains. This can e done y demoting a"" 1indo*s 2000

domain contro""ers and "eaving the 1indo*s @T domain contro""ers in p"ace. /o! co!"d

then reintrod!ce 1indo*s 2000 domain contro""ers and !se the ne* domain name *hen

setting !p Active #irectory.

A domain rename proced!re is s!pported if a forest is r!nning a"" 1indo*s Server 200

domain contro""ers and is at the 1indo*s Server 200 forest f!nctiona" "eve".

The too" is -ren#o".e$e.

D2. @o( 9ant to create a one!9ay or t9o!9ay nontransitive tr(st fro" an A/ #o"ain toa Win#o9s 7 #o"ain.Ho9 #o 9e create a r(st Eet9een a Win#o9s 7 /o"ain an#

an A/ /o"ain ?

Ans. Using a graphica" !ser interface,

. 3pen the Active #irectory #omains and Tr!sts snap-in.

2. $n the "eft pane% right-c"ic; the domain yo! *ant to add a tr!st for and se"ectroperties.

. +"ic; on the Tr!sts ta.

5. +"ic; the @e* Tr!st !tton.

9. After the @e* Tr!st 1iard opens% c"ic; @ext.

. Type the @et>$3S name of the @T domain and c"ic; @ext.

F. Ass!ming the @T domain *as reso"va"e via its @et>$3S name% the next screen *i""

as; for the #irection of Tr!st. Se"ect T*o-*ay% 3ne-*ay incoming% or 3ne-*ay

o!tgoing% and c"ic; @ext.

G. $f yo! se"ected T*o-*ay or 3ne-*ay 3!tgoing% yo!?"" need to se"ect the scope of

a!thentication% *hich can e either #omain-*ide or Se"ective% and c"ic; @ext.

H. Enter and re-type the tr!st pass*ord and c"ic; @ext.

0. +"ic; @ext t*ice to finish.

Using a command-"ine interface

< net#o" tr(st ;74/o"ain7a"e< */o"ain:;A//o"ain7a"e< *A//LR,UR7M

L*User/:;A//o"ain7a"e


13/49

6or examp"e% to create a tr!st from the @T5 domain RA::E@+3RI@T5 to the A#

domain RA::E@+3R% !se the fo""o*ing command,

< net#o" tr(st RA,7FR>74 */o"ain:RA,7FR *A//LR,UR7M *User/:RA,7FRa#"inistrator *ass9or#/:KLR,UR7M

*UserF:RA,7FR>74a#"inistrator *ass9or#F:K

/o! can ma;e the tr!st idirectiona"% i.e.% t*o-*ay% y adding a


14/49

forests% yo! *o!"d have to set !p individ!a" externa" t*o-*ay tr!sts et*een every domain

in oth forests. $f yo! have t*o forests *ith three domains each and *anted to set !p a f!""y

tr!sted mode"% yo! *o!"d need nine individ!a" tr!sts. 6ig!re 2-5i""!strates ho* this *o!"d

"oo;.

6ig!re 2-5. Tr!sts necessary for t*o 1indo*s 2000 forests to tr!st each other

1ith a forest tr!st% yo! can define a sing"e one-*ay or t*o-*ay transitive tr!st re"ationship

that extends to a"" the domains in oth forests. /o! may *ant to imp"ement a forest tr!st if

yo! merge or acC!ire a company and yo! *ant a"" of the ne* company?s Active #irectory

reso!rces to e accessi"e for !sers in yo!r Active #irectory environment and vice versa.

6ig!re 2-9sho*s a forest tr!st scenario. To create a forest tr!st% yo! need to !se acco!nts

from the Enterprise Admins gro!p in each forest.

6ig!re 2-9. Tr!st necessary for t*o 1indo*s Server 200 forests to tr!st each other

Q23. @o( 9ant to create a shortc(t tr(st bet9een t9o A/ #o"ains in the sa"e forest orin #ifferent forests. Shortc(t tr(sts can "a'e the a(thentication process "ore efficient

bet9een t9o #o"ains in a forest.

Q.23 Ho9 to =ie9 the r(sts for a /o"ain ?

ro"em

@o( 9ant to vie9 the tr(sts for a #o"ain.

So"!tion

Using a graphica" !ser interface

1. Fpen the Active /irectory /o"ains an# r(sts snap!in.

2. 0n the left pane ri%ht!clic' the #o"ain yo( 9ant to vie9 an# select roperties.

14


15/49

3. lic' on the r(sts tab.


net#o" B(ery tr(st */o"ain:;/o"ain/7S7a"e netdom trust /Domain: /Remove/verbose[RETURN] [/UserO: /PasswordO:*][RETURN] [/UserD: /PasswordD:*]

D2F .o* to 6ind #!p"icate S$#s in a #omain K

ro"em

@o( 9ant to fin# any #(plicate S0/s in a #o"ain. Penerally yo( sho(l# never fin##(plicate S0/s in a #o"ain b(t it is possible in so"e sit(ations s(ch as 9hen the relative

i#entifier IR0/J SGF role o9ner has to be seiOe# or yo( are "i%ratin% (sers fro"

Win#o9s 7 #o"ains.

So"!tion


o fin# #(plicate S0/s r(n the follo9in% co""an# replacin%

9ith a #o"ain controller or #o"ain na"e:

> ntdsutil se! a!! man !o to se !"e!# du$sid % %

he follo9in% "essa%e 9ill be ret(rne#:

Du$li!ate &'D !"e!# !om$leted su!!ess(ull) +"e!# du$sidlo, (or an)du$li!ates

he #(psi#.lo% file 9ill be in the #irectory 9here yo( starte# ntdsutil.

0f yo( 9ant to #elete any obects that have #(plicate S0/s yo( can (se the follo9in%

co""an#:

> ntdsutil se! a!! man !o to se !lean du$sid % %

i'e the chec' co""an# the clean co""an# 9ill %enerate a "essa%e li'e the follo9in%(pon co"pletion:

Du$li!ate &'D !leanu$ !om$leted su!!ess(ull) +"e!# du$sidlo, (or an)du$li!ate

D.2G o* to 6ind the #omain +ontro""ers for a #omainK

ro"em

@o( 9ant to fin# the #o"ain controllers in a #o"ain.

1)


18/49

So"!tion


1. Fpen the Active /irectory Users an# o"p(ters snap!in.

2. onnect to the tar%et #o"ain.

3. lic' on the Domain +ontrollersFU.

4. he list of #o"ain controllers for the #o"ain 9ill be present in the ri%ht pane.


> netdom %uer) d! /Domain:

Q29. How to Find a Domain Controller's Site?

ro"em

@o( nee# to #eter"ine the site of 9hich a #o"ain controller is a "e"ber.

So"!tion


1. Fpen / an# fro" the "en( select onnection !onnect.

2. or Server enter the na"e of a #o"ain controller Ior leave blan' to #o aserverless bin#J.

3. or ort enter 3+C.

4. lic' F.

5. ro" the "en( select onnection Ein#.

&. ,nter cre#entials of a #o"ain (ser.

). lic' F.

+. ro" the "en( select Ero9se Search.

C. or Ease/7 type the #istin%(ishe# na"e of the &itescontainer Ie.%.

cnsitescnconfi%(ration#crallencorp #cco"J.

1D. or Scope select S(btree.

1+


19/49

11. or ilter enter:

-.-obe!t!ate,or)0server1-dns2ostName011

12. lic' R(n.


> nltest /ds,etsite /server:

Q 30. How to ove a Domain Controller to a Di!!erent Site?

ro"em

@o( 9ant to "ove a #o"ain controller to a #ifferent site.

So"!tion


1. Fpen the Active /irectory Sites an# Services snap!in.

2. 0n the left pane e$pan# the site that contains the #o"ain controller.

3. ,$pan# the &erverscontainer.

4. Ri%ht!clic' on the #o"ain controller yo( 9ant to "ove an# select Gove.

5. 0n the Gove Server bo$ select the site to 9hich the #o"ain controller 9ill be

"ove# an# clic' F.


When (sin% the dsmoveco""an# yo( "(st specify the /7 of the obect yo( 9ant to

"ove. 0n this case it nee#s to be the #istin%(ishe# na"e of the serverobect for the

#o"ain controller. he val(e for the !new$arentoption is the #istin%(ishe# na"e of the

&erverscontainer yo( 9ant to "ove the #o"ain controller to.

> dsmove 3new$arent

or e$a"ple the follo9in% co""an# 9o(l# "ove #c2 fro" the De(ault34irst3&ite3Namesite to the Ralei,"site.

> dsmove !n0d!56!n0servers6!n0De(ault34irst3&ite3Name6!n0sites6!n0!on(i,uration6[RETURN]rallen!or$ 3new$arent!n0servers6!n0Ralei,"6!n0sites6!n0!on(i,uration6rallen!or$

1C


20/49

Q3". How to Find t#e $lo%al Catalo& Servers in a Forest?

ro"em

@o( 9ant a list of the %lobal catalo% servers in a forest.

So"!tion


1. Fpen / an# fro" the "en( select onnection onnect.

2. or Server enter the na"e of a /.


4. lic' F.

5. ro" the "en( select onnection Ein#.

&. ,nter cre#entials of a #o"ain (ser.

). lic' F.

+. ro" the "en( select Ero9se Search.

C. or Ease/7 type the /7 of the Sites container Ie.%.cnsitescnconfi%(ration#crallencorp #cco"J.

1D. or Scope select S(btree.

11. or ilter enter -.-obe!t!ate,or)0ntdsdsa1-o$tions0711 .

12. lic' R(n.


> ds%uer) server 3(orest 3is,!

Q32. How to Find Domain Controllers and $lo%al Catalo&s via DS?

ro"em

@o( 9ant to fin# #o"ain controllers or %lobal catalo%s (sin% /7S loo'(ps.

2D


21/49

So"!tion

/o"ain controllers an# %lobal catalo% servers are represente# in /7S as SR= recor#s.

@o( can B(ery SR= recor#s (sin% nsloo#u$by settin% the t)$e0&R8 s(ch as the

follo9in%:

> nsloo#u$De(ault &erver: dns97rallen!or$!omddress: 7975;

> set t)$e0&R8

@o( then nee# to iss(e the follo9in% B(ery to retrieve all #o"ain controllers for the

specifie# #o"ain.

> lda$t!$

@o( can iss(e a si"ilar B(ery to retrieve %lobal catalo%s b(t since they are forest!9i#ethe B(ery is base# on the forest na"e.

> ,!t!$

@o( can even fin# the #o"ain controllers or %lobal catalo%s that are in a partic(lar site orthat cover a partic(lar site by B(eryin% the follo9in%:

> lda$t!$sites> ,!t!$sites

See Recipe 11.1+for "ore infor"ation on site covera%e.

B''. Cow about Findin& t#e FS( Role Holders ????

.29. ro"em

@o( 9ant to fin# the #o"ain controllers that are actin% as one of the SGF roles.

.29.2 So"!tion

.29.2. Using a graphica" !ser interface

or the Sche"a Gaster:

21


22/49

1. Fpen the Active /irectory Sche"a snap!in.

2. Ri%ht!clic' on Active /irectory Sche"a in the left pane an# select Fperations

Gaster.

or the /o"ain 7a"in% Gaster:

1. Fpen the Active /irectory /o"ains an# r(sts snap!in.

2. Ri%ht!clic' on Active /irectory /o"ains an# r(sts in the left pane an# select

Fperations Gaster.

or the / ,"(lator R0/ Gaster an# 0nfrastr(ct(re Gaster:

1. Fpen the Active /irectory Users an# o"p(ters snap!in.2. Ga'e s(re yo(Tve tar%ete# the correct #o"ain.

3. Ri%ht!clic' on Active /irectory Users an# o"p(ters in the left pane an# select

Fperations Gaster.

4. here are in#ivi#(al tabs for the / R0/ an# 0nfrastr(ct(re roles.

.29.2.2 Using a command-"ine interface

0n the follo9in% co""an# yo( can leave o(t the /Domainoption to

B(ery the #o"ain yo( are c(rrently lo%%e# on.

> netdom %uer) (smo /Domain:

or so"e reason this co""an# ret(rns a he para"eter is incorrect error on Win#o9s

Server 2DD3. Until that is resolve# yo( can (se the ds%uer)serverco""an# sho9n

here 9here can be s!"ema name in(r $d! or rid:

> ds%uer) server 3"as(smo

Q'(.How to Trans!er a FS( Role?

.2. ro"em

@o( 9ant to transfer a SGF role to a #ifferent #o"ain controller. his "ay be necessaryif yo( nee# to ta'e a c(rrent SGF role hol#er #o9n for "aintenance.

.2.2 So"!tion


22


23/49

1. Use the sa"e #irections as #escribe# inRecipe 3.25for vie9in% a specific SGF

e$cept tar%et Ii.e. ri%ht!clic' an# select onnect to /o"ain ontrollerJ the

#o"ain controller yo( 9ant to transfer the SGF to before selectin% FperationsGaster.

2. lic' the han%e b(tton.

3. lic' F t9ice.

4. @o( sho(l# then see a "essa%e statin% 9hether the transfer 9as s(ccessf(l.


he follo9in% 9o(l# transfer the / ,"(lator role to . See the

#isc(ssion to see abo(t transferrin% the other roles.

> ntdsutil roles !onn !o t s % trans(er PD+ % %

B'>. Cow to Sei)e a FS( Role?

.2F. ro"em

@o( nee# to seiOe a SGF role beca(se the c(rrent role hol#er is #o9n an# 9ill not be

restore#.

.2F.2 So"!tion

.2F.2. Using a command-"ine interface

he follo9in% 9o(l# seiOe the / ,"(lator role to :

> ntdsutil roles !onn !o t s % sei=e PD+ % %

Any of the other roles can be transferre# as 9ell (sin% ntdsutilby replacin% transfer

/ in the previo(s sol(tion 9ith one of the follo9in%:

seiOe #o"ain na"in% "aster

seiOe infrastr(ct(re "aster

seiOe R0/ "aster

seiOe sche"a "aster

Q36. How on Findin& t#e *DC +mulator FS( Role (wner via DS?

.2G. ro"em

23


24/49

@o( 9ant to fin# the / ,"(lator for a #o"ain (sin% /7S.

.2G.2 So"!tion

.2G.2. Using a command-"ine interface

> nsloo#u$ 3t)$e0&R8 lda$t!$$d!msd!s

B'1.How to,iew t#e -ttri%utes o! an (%e/t usin& D*?

5.2. ro"em

@o( 9ant to vie9 one or "ore attrib(tes of an obect (sin% /

5.2.2 So"!tion

5.2.2. Using a graphica" !ser interface

1. Fpen /.

2. ro" the "en( select onnection onnect.

3. or Server enter the na"e of a #o"ain controller or #o"ain that contains the

obect.


5. lic' F.

&. ro" the "en( select onnection Ein#.

). ,nter cre#entials of a (ser that can vie9 the obect Iif necessaryJ.

+. lic' F.

C. ro" the "en( select =ie9 ree.

1D. or Ease/7 type the /7 of the obect yo( 9ant to vie9.

11. or Scope select Ease.

12. lic' F.

5.2.2.2 Using a command-"ine interface

24


25/49

> ds%uer) * 3s!o$e base 3attr *

or Win#o9s 2DDD (se this co""an#:

> enum$ro$ DP://

B'. Cow to 1se D-* Controls?

5.. ro"em

@o( 9ant to (se an /A control as part of an /A operation.

5..2 So"!tion

5..2. Using a graphica" !ser interface

1. Fpen /.

2. ro" the "en( select Fptions ontrols.

3. or the Win#o9s Server 2DD3 version of / select the control yo( 9ant to (se

(n#er oa# re#efine#. he control sho(l# a(to"atically be a##e# to the list ofActive ontrols.

or the Win#o9s 2DDD version of / yo(Tll nee# to type the obect i#entifier

IF0/J of the control (n#er Fbect 0#entifier.

4. ,nter the val(e for the control (n#er =al(e.

5. Select 9hether the control is server! or client!si#e (n#er ontrol ype.

&. hec' the bo$ besi#e ritical if the control is critical.

). lic' the hec'!in b(tton.

+. lic' F.

C. At this point yo( 9ill nee# to invo'e the /A operation Ifor e$a"ple SearchJ

that 9ill (se the control. 0n the #ialo% bo$ for any operation be s(re that the,$ten#e# option is chec'e# before initiatin% the operation.

DH. o* to !se :# for Searching for 3ects in a #omainK

5.9. ro"em

@o( 9ant to fin# obects that "atch certain criteria in a #o"ain.

5.9.2 So"!tion

25


26/49


1. Fpen /.


3. or Server enter the na"e of a #o"ain controller Ior leave blan' to #o a

serverless bin#J.


5. lic' F.


). ,nter cre#entials of a (ser.

+. lic' F.

C. ro" the "en( select Ero9se Search.

1D. or Ease/7 type the base #istin%(ishe# na"e 9here the search 9ill start.

11. or Scope select the appropriate scope.

12. or ilter enter an /A filter.

13. lic' R(n.


> ds%uer) * 3s!o$e 3(ilter 3attr

5.. ro"em

@o( 9ant to perfor" a forest!9i#e search (sin% the %lobal catalo%.

5..2 So"!tion


1. Fpen /.

2&


27/49


3. or Server enter the na"e of a %lobal catalo% server.

4. or ort enter 32&+.

5. lic' F.


). ,nter cre#entials of a (ser.

+. lic' F.


1D. or Ease/7 type the base #istin%(ishe# na"e 9here to start the search.


12. or ilter enter an /A filter.

13. lic' R(n.

5..2.2 Using a command-"ine interface

> ds%uer) * 3,! 3s!o$e 3(ilter 3attr

@o( 9ant to #ele%ate a#"inistrative access of an FU to allo9 a %ro(p of (sers to "ana%e

obects in the FU.

9.H.2 So"!tion

9.H.2. Using a graphica" !ser interface

1. Fpen the Active /irectory Users an# o"p(ters snap!in.2. 0f yo( nee# to chan%e #o"ains ri%ht!clic' on Active /irectory Users an#

o"p(ters in the left pane select onnect to /o"ain enter the #o"ain na"e

an# clic' F.

2)


28/49

3. 0n the left pane bro9se to the tar%et FU ri%ht!clic' on it an# select /ele%ate

ontrol.

4. Select the (sers an#*or %ro(ps to #ele%ate control to by (sin% the A## b(tton an#clic' 7e$t.

5. Select the type of privile%e to %rant the (sers*%ro(ps an# clic' 7e$t.

&. lic' inish.

9.H.2.2 Using a command-"ine interface

As can be set via a co""an#!line 9ith the dsa!ls(tility fro" the S(pport ools. See

Recipe 14.1Dfor "ore infor"ation.

D52. o* to :in; a 43 to an 3UK

9.. ro"em

@o( 9ant to apply the settin%s in a PF to the (sers an#*or co"p(ters 9ithin an FU also

'no9n as lin'in% the PF to the FU.

9..2 So"!tion


1. Fpen the Pro(p olicy Gana%e"ent IPGJ snap!in.

2. ,$pan# orest in the left pane.

3. ,$pan# /o"ain an# navi%ate #o9n to the FU in the #o"ain yo( 9ant to lin' the

PF to.

4. Ri%ht!clic' on the FU an# select either reate an# in' a PF Here Iif the PF#oes not alrea#y e$istJ or in' an ,$istin% PF Iif yo( have alrea#y create# the

PFJ.

D5. o* to +reate a SiteK

.. ro"em

@o( 9ant to create a site.

..2 So"!tion

..2. Using a graphica" !ser interface

2+


29/49


2. Ri%ht!clic' on the &itescontainer an# select 7e9 Site.

3. Eesi#e 7a"e enter the na"e of the ne9 site.

4. Un#er in' 7a"e select a site lin' for the site.

5. lic' F t9ice.

..2.2 Using a command-"ine interface

reate an /0 file calle# create>site.l#f 9ith the follo9in% contents:

dn: !n06!n0sites6!n0!on(i,uration6!"an,et)$e: addobe!t!lass: site

dn: !n0i!ensin, &ite &ettin,s6!n06!n0sites6!n0!on(i,uration6!"an,et)$e: addobe!t!lass: li!ensin,&ite&ettin,s

dn: !n0NTD& &ite&ettin,s6!n06!n0sites6!n0!on(i,uration6!"an,et)$e: addobe!t!lass: nTD&&ite&ettin,s

dn: !n0&ervers6!n06!n0sites6!n0!on(i,uration6!"an,et)$e: addobe!t!lass: servers+ontainer

then r(n the follo9in% co""an#:

> ldi(de 3v 3i 3( !reatesiteld(

D55. o* to +reate a S!netK

.5. ro"em

@o( 9ant to create a s(bnet.

.5.2 So"!tion



2. Ri%ht!clic' on the S(bnets container an# select 7e9 S(bnet.

3. ,nter the A##ress an# Gas' an# then select 9hich site the s(bnet is part of.

2C


30/49

4. lic' F.


reate an /0 file calle# create>s(bnet.l#f 9ith the follo9in% contents:

dn: !n06!n0subnets6!n0sites6!n0!on(i,uration6!"an,et)$e: addobe!t!lass: subnetsiteObe!t: !n06!n0sites6!n0!on(i,uration6

then r(n the follo9in% co""an#:

> ldi(de 3v 3i 3( !reatesubnetld(

D59. o* to +reate a Site :in; K

.F. ro"em

@o( 9ant to create a site lin' to connect t9o or "ore sites to%ether.

.F.2 So"!tion

.F.2. Using a graphica" !ser interface


2. ,$pan# the &itescontainer.

3. ,$pan# the 'nter3&iteTrans$ortscontainer.

4. Ri%ht!clic' on 'PIor &?TPJ an# select 7e9 Site in'.

5. or 7a"e enter the na"e for the site lin'.

&. Un#er Site is not in this site lin' select at least t9o sites an# clic' the A## b(tton.

). lic' F.

.F.2.2 Using a command-"ine interface

he follo9in% /0 9o(l# create a site lin' connectin% the S6 an# /allas sites:

dn: !n0Dallas3&@+6!n0'P6!n0inter3sitetrans$orts6!n0sites6!n0!on(i,uration6!"an,et)$e: addobe!t!lass: sitein#siteObe!t: !n0&@+6!n0sites6!n0!on(i,uration6siteObe!t: !n0Dallas6!n0sites6!n0!on(i,uration6

3D


31/49

0f the /0 file 9ere na"e# create>site>lin'.l#f yo(T# then r(n the follo9in% co""an#:

> ldi(de 3v 3i 3( !reatesitelin#ld(

Q6 .How to Create a Site in 4rid&e ?

.2. ro"em

@o( 9ant to create a site lin' bri#%e beca(se yo(Tve #isable# site lin' transitivity.

.2.2 So"!tion



2. 0n the left pane e$pan# &ites 'nter3&ite Trans$orts.

3. Ri%ht!clic' either the 'Por &?TPfol#er #epen#in% 9hich protocol yo( 9ant to

create a site lin' bri#%e for.

4. Select 7e9 Site in' Eri#%e.

5. Hi%hli%ht t9o or "ore sites in the left bo$.

&. lic' the A## b(tton.

). lic' F.


reate an /0 file calle# create>site>lin'>bri#%e.l#f 9ith the follo9in% contents 9hererefer to the site lin's to be bri#%e#:

dn: !n06!n0'P6!n0inter3sitetrans$orts6!n0sites6!n0!on(i,uration6!"an,et)$e: addobe!t!lass: sitein#Arid,esitein#ist: !n06!n0'P6!n0'nter3siteTrans$orts6!n0sites6!n0!on(i,uration6

hen r(n the follo9in% co""an#:

> ldi(de 3v 3i 3( !reatesitelin#brid,eld(

31


32/49

D5F. o* to 6ind the >ridgehead Servers for a SiteK

.. ro"em

@o( 9ant to fin# the bri#%ehea# servers for a site.

..2 So"!tion

..2. Using a graphica" !ser interface

1. Fpen the Replication Gonitor fro" the S(pport ools Ire$lmoneBeJ.

2. ro" the "en( select =ie9 Fptions.

3. 0n the left pane ri%ht!clic' on Gonitore# Servers an# select A## Gonitore#Server.

4. Use the A## Gonitore# Server WiOar# to a## a server in the site yo( 9ant to fin#

the bri#%ehea# serverIsJ for.

5. 0n the left pane ri%ht!clic' on the server an# select Sho9 Eri#%eHea# Servers

0n his ServerTs Site.

..2.2 Using a command-"ine interface

> re$admin /brid,e"eads [] [/verbose]

he /brid,e"eadsoption is vali# only 9ith the Win#o9s Server 2DD3 version ofre$admin. here is no s(ch option in the Win#o9s 2DDD version.

..2. Using J>Script

B=.How to ove a Domain Controller to a Di!!erent Site?

ro"em

@o( 9ant to "ove a #o"ain controller to a #ifferent site. his "ay be necessary if yo(

pro"ote# the #o"ain controller 9itho(t first a##in% its s(bnet to Active /irectory. 0n that

case the #o"ain controller 9ill be a##e# to the De(ault34irst3&ite3Namesite.

So"!tion



32


33/49

2. 0n the left pane e$pan# &ites e$pan# the site 9here the server yo( 9ant to "ove

is containe# an# e$pan# the &erverscontainer.

3. Ri%ht!clic' on the server yo( 9ant to "ove an# select Gove.

4. Select the site to "ove the server to.

5. lic' F.


> dsmove !n06!n0servers6!n06[RETURN]!n0sites6!n0!on(i,uration6 3new$arent!n0servers6!n06[RETURN]!n0sites6!n0!on(i,uration6

D5H. o* to +onfig!re a #omain +ontro""er to +over '!"tip"e SitesK

.F. ro"em

@o( 9ant to confi%(re a #o"ain controller to cover "(ltiple sites 9hich 9ill ca(seclients in those sites to (se that #o"ain controller for a(thentication an# #irectory

loo'(ps.

.F.2 So"!tion

.F.2. Using a graphica" !ser interface

1. R(n re,editeBefro" the co""an# line or Start R(n.

2. 0n the left pane e$pan# H,@>FA>GAH07, S@S,G

(rrentontrolSet Services 7etlo%on ara"eters.

3. 0f the Siteovera%e val(e #oes not e$ist ri%ht!clic' on ara"eters in the left pane

an# select 7e9 G(lti!Strin% =al(e. or the na"e enter Siteovera%e.

4. 0n the ri%ht pane #o(ble!clic' on the val(e an# on a separate line enter each site

the server sho(l# cover.

5. lic' F.

.F.2.2 Using a command-"ine interface

> re, add2C?&)stem+urrent+ontrol&et&ervi!esNetlo,onParameters /v[RETURN]

33


34/49

&ite+overa,e /t RE?UT'&F /d 9

D90. o* to Trigger the L++K

.2F. ro"em

@o( 9ant to tri%%er the .

.2F.2 So"!tion

.2F.2. Using a graphica" !ser interface


2. 0n the left pane bro9se to the NTD&&ettin,sobect for the server yo( 9ant to

tri%%er the for.

3. Ri%ht!clic' on NTD& &ettin,s select All as's an# hec' Replication

opolo%y.

4. lic' F.

.2F.2.2 Using a command-"ine interface

> re$admin /#!!

D9. o* to #etermine if the L++ $s +omp"eting S!ccessf!""yK

.2G. ro"em

@o( 9ant to #eter"ine if the is co"pletin% s(ccessf(lly.

.2G.2 So"!tion

.2G.2. Using a graphica" !ser interface

1. Fpen the ,vent =ie9er of the tar%et #o"ain controller.2. lic' on the /irectory Service lo%.

3. 0n the ri%ht pane clic' on the So(rce hea#in% to sort by that col("n.

4. Scroll #o9n to vie9 any events 9ith So(rce: 7/S .

.2G.2.2 Using a command-"ine interface

he follo9in% co""an# 9ill #isplay any errors fo(n# in the /irectory Service lo%:

> d!dia, /v /test:#!!event /s:

34


35/49

D9. o* to #isa"e the L++ for a SiteK

.2H. ro"em

@o( 9ant to #isable the for a site an# %enerate yo(r o9n replication connections

bet9een #o"ain controllers.

.2H.2 So"!tion

.2H.2. Using a graphica" !ser interface

1. Fpen A/S0 ,#it.

2. onnect to the onfi%(ration 7a"in% onte$t if it is not alrea#y #isplaye#.

3. 0n the left pane bro9se the onfi%(ration 7a"in% onte$t Sites.

4. lic' on the site yo( 9ant to #isable the for.

5. 0n the ri%ht pane #o(ble!clic' +N0NTD&&ite&ettin,s.

&. Go#ify the o$tionsattrib(te. o #isable only intra!site topolo%y %eneration

enable the DDDD1 bit I#eci"al 1J. o #isable inter!site topolo%y %eneration enable

the 1DDDD bit I#eci"al 1&J. o #isable both enable the 1DDD1 bits I#eci"al 1)J.

). lic' F.

.2H.2.2 Using a command-"ine interface

@o( can #isable the for by (sin% the ldi(de(tility an# an /0 file

that contains the follo9in%:

dn: !n0NTD& &ite&ettin,s66!n0sites6!n0!on(i,uration6!"an,et)$e: modi()re$la!e: o$tionso$tions: 3

0f the /0 file 9ere na"e# #isable>'cc.l#f yo( 9o(l# r(n the follo9in% co""an#:

> ldi(de 3v 3i 3( disable#!!ld(

B>& .How to C#an&e t#e 5nterval at #i/# t#e 7CC Runs?

.0. ro"em

@o( 9ant to chan%e the interval at 9hich the r(ns.

35


36/49

.0.2 So"!tion


1. R(n re,editeBefro" the co""an# line or Start R(n.

2. ,$pan# H,@>FA>GAH07, S@S,G (rrentontrolSet

Services 7/S ara"eters.

3. Ri%ht!clic' on ara"eters an# select 7e9 /WFR/ =al(e.

4. ,nter the follo9in% for the na"e: Re$l to$olo,) u$date $eriod -se!sJ.

5. /o(ble!clic' on the ne9 val(e an# (n#er =al(e #ata enter the interval in

n("ber of secon#s ICDD is the #efa(ltJ.

&. lic' F.


> re, add 2C?&)stem+urrent+ontrol&et&ervi!esNTD&Parameters /vRe$l to$olo,)[RETURN]u$date $eriod -se!s1 /t REDGORD /d

B>'.How to Determine i! Two Domain Controllers -re in S8n/?

2.. ro"em

@o( 9ant to #eter"ine if t9o #o"ain controllers are in sync an# have no obects to

replicate to each other.

2..2 So"!tion

2..2. Using a command-"ine interface

Ey r(nnin% the follo9in% t9o co""an#s yo( can co"pare the (p!to!#ateness vector on

the t9o /s:

> re$admin /s"owutdve!

he Win#o9s 2DDD version of re$admin(se# a #ifferent synta$ to acco"plish the sa"e

thin%. Here is the eB(ivalent synta$:

> re$admin /s"owve!tor


37/49

> re$admin /s"owve!tor


38/49

&. Use the A## Gonitore# Server WiOar# to a## one of the #o"ain controllers yo(

9ant to co"pare I0Tll call it #c1J.

). 0n the left pane (n#er the server yo( (st a##e# e$pan# the na"in% conte$t thatyo( 9ant to chec' for (nreplicate# chan%es.

+. Ri%ht!clic' on the other #o"ain controller yo( 9ant to co"pare I0Tll call it #c2J

an# select hec' (rrent US7 an# Un!replicate# Fbects.

C. ,nter cre#entials if necessary an# clic' F.

1D. 0f so"e chan%es have not yet replicate# fro" #c2 to #c1 a bo$ 9ill pop (p thatlists the (nreplicate# obects.

11. o fin# o(t 9hat chan%es have yet to replicate fro" #c1 to #c2 repeat the sa"e

steps e$cept a## #c2 as a "onitore# server an# chec' for (nreplicate# chan%es

a%ainst #c1.


R(n the follo9in% t9o co""an#s to fin# the #ifferences bet9een t9o #o"ain controllers.

Use the /statisti!soption to vie9 a s(""ary of the chan%es:

> re$admin /s"ow!"an,es

he Win#o9s 2DDD version of re$adminhas a #ifferent synta$ to acco"plish the sa"e


> re$admin /,et!"an,es

D 9.o* to 6orce Rep"ication from 3ne #omain +ontro""er to Another

2.5. ro"em

@o( 9ant to force replication bet9een t9o partners.

2.5.2 So"!tion



2. Ero9se to the NTD&&ettin,obect for the #o"ain controller yo( 9ant to

replicate to.

3+


39/49

3. 0n the ri%ht pane ri%ht!clic' on the connection obect to the #o"ain controller yo(

9ant to replicate fro" an# select Replicate 7o9.


he follo9in% co""an# 9ill perfor" a replication sync of the na"in% conte$t specifie#by

he Win#o9s 2DDD version of re$adminhas a #ifferent synta$ to acco"plish the sa"e


> re$admin /s)n!


40/49

> re, add 2C?&)stem+urrent+ontrol&et&ervi!esNTD&Parameters /vRe$li!ator[RETURN]noti() $ause a(ter modi() -se!s1 /t REDGORD /d

D9G. o* to +hange the $nter-Site Rep"ication $nterva" K

2.. ro"em

@o( 9ant to set the sche#(le for replication for a site lin'.

2..2 So"!tion

hese sol(tions ass("e the 0 transport b(t the SG transport co(l# be (se# as 9ell.



2. ,$pan# the 'nter3&iteTrans$ortcontainer.

3. lic' on the 'Pcontainer.

4. 0n the ri%ht pane #o(ble!clic' on the site lin' yo( 9ant to "o#ify the replicationinterval for.

5. ,nter the ne9 interval besi#e Replicate every.

&. lic' F.


o chan%e the replication interval create an /0 file na"e# set>lin'>rep>interval.l#f9ith the follo9in% contents:

dn: !n0 ldi(de 3v 3i 3( setlin#re$intervalld(

D9H. o* to +hec; for otentia" Rep"ication ro"emsK

2.G. ro"em

4D


41/49

@o( 9ant to #eter"ine if replication is s(ccee#in%.

2.G.2 So"!tion

he follo9in% t9o co""an#s 9ill help i#entify proble"s 9ith replication on a so(rce

#o"ain controller:

> d!dia, /test:re$li!ations> re$admin /s"owre$l /errorsonl)

2.G. #isc!ssion

or a "ore #etaile# report yo( can (se the Replication Gonitor Ire$lmoneBeJ. he

Penerate Stat(s Report option 9ill pro#(ce a len%thy report of site topolo%y replication

infor"ation an# provi#e #etails on any errors enco(ntere#. he /irectory Service event

lo% can also be an inval(able so(rce of replication an# proble"s.

D0. o* to 6ind +onf"ict 3ects K

2.. ro"em

@o( 9ant to fin# conflict obects that are a res(lt of replication collisions.

2..2 So"!tion


1. Fpen /.


3. or Server enter the na"e of a #o"ain controller Ior leave blan' to #o a

serverless bin#J.

4. or ort enter 3+C or 32&+ for the %lobal catalo%.

5. lic' F.


). ,nter cre#entials Iif necessaryJ of a (ser that can vie9 the obect.

+. lic' F.


41


42/49

1D. or Ease/7 type the base /7 fro" 9here yo( 9ant to start the search.


12. or ilter enter -H-!n0*9+N4:*1-ou0*9+N4:*11.

13. lic' R(n.


he follo9in% co""an# fin#s all conflict obects 9ithin the 9hole forest:

> ds%uer) * (orestroot 3,! 3attr distin,uis"edName 3s!o$e subtree3(ilter[RETURN]-H-!n0*9+N4:*1-ou0*9+N4:*11

D. o* to Jie* 3ect 'etadataK

2.2. ro"em

@o( 9ant to vie9 "eta#ata for an obect. he obectTs re$lPro$ert)?etaDataattrib(te

stores "eta#ata infor"ation abo(t the "ost recent (p#ates to every attrib(te that has beenset on the obect.

2.2.2 So"!tion


1. Fpen /.


3. or Server enter the na"e of a #o"ain controller or #o"ain that contains the

obect.


5. lic' F.


). ,nter cre#entials Iif necessaryJ of a (ser that can vie9 the obect.

+. lic' F.

42


43/49

C. ro" the "en( select Ero9se Replication =ie9 Geta#ata.

1D. or Fbect /7 type the #istin%(ishe# na"e of the obect yo( 9ant to vie9.

11. lic' F.


0n the follo9in% co""an# replace 9ith the #istin%(ishe# na"e of the

obect for 9hich yo( 9ant to vie9 "eta#ata:

> re$admin /s"owobmeta

his co""an# 9as calle# /s"owmetain the Win#o9s 2DDD version of re$admin. Also

the para"eters are s9itche# in that version 9here co"es before

.

Q,%.

$. 0hatEs the difference between local, global and universal grousF

!omain oca groups assign access permissions to goba domain groups

for oca domain resources. ;oba groups provide access to resources

in oter trusted domains.


44/49

=. 0hy doesnEt )D work under 0indows NTF

If te >6Config.po fie e3ist it as te igest priorit" among te

numerous poicies.

>. 0here are grou olicies storedF

S"stemRootS"stem'%/;roup*oic"

@. 0hat is *T and *(F

;roup poic" tempate and group poic" container.

1. 0here is *T storedF

S"stemRoot/SSDB)/s"svo/domainname/*oicies/;et8eeting poicies

$$. Cow can you restrict running certain alications on a machineF

Dia group poic" securit" settings for te group ten Software

Restriction *oicies.

$&. Gou need to automatically install an a, but


45/49

6e former as fewer privieges and wi probab" re?uire user

Intervention. *us it uses .5ap fies.

$=. 0hat can be restricted on 0indows erver &22' that wasnEt there in revious

roductsF

;roup *oic" in Windows Server %99' determines a users rigt to modif" network and dia=

up 6C*FI* properties.


46/49


47/49

to te sared resources. A faut=toerant root node stores te !fs topoog" in te Active

!irector" wic is repicated to oter domain controers. 6us redundant root nodes ma"

incude mutipe connections to te same data residing in different sared foders.

'2. 0eEre using the D8 fault6tolerant installation, but cannot access it from a

0inH bo;.

. !s Merberos encrytion symmetric or asymmetricF

S"mmetric.

'@. Cow does 0indows &22' erver try to revent a middle6man attack on encryted

lineF

6ime stamp is attaced to te initia cient re?uest encr"pted wit te sared ke".

'1. 0hat hashing algorithms are used in 0indows &22' erverF

RSA !ata Securit"@s 8essage !igest + J8!+K produces a 1%4=bit as and te

Secure :as Agoritm 1 JS:A=1K produces a 1,9=bit as.

'. 0hat third6arty certificate e;change rotocols are used by 0indows &22'

erverF

4)


48/49

Windows Server %99' uses te industr" standard *MCS=19 certificate re?uest and *MCS=

certificate response to e3cange CA certificates wit tird=part" certificate autorities.

'H. 0hatEs the number of ermitted unsuccessful logons on Administrator accountF


49/49

active directory intervie questions

Documents