latest notes for interview


Upload: shivakumar-s-kadakal

Post on 23-May-2017


Page 1: Latest Notes for Interview

List of important port numbers

15 Netstat
21 FTP
23 Telnet
25 SMTP
42 WINS
53 DNS
67 Bootp
68 DHCP
80 HTTP
88 Kerberos
101 HOSTNAME
110 POP3
119 NNTP
123 NTP (Network time protocol)
139 NetBIOS
161 SNMP
180 RIS
389 LDAP (Lightweight Directory Access Protocol)
443 HTTPS (HTTP over SSL/TLS)
520 RIP
79 FINGER
37 Time
3389 Terminal services
443 SSL (https) (http protocol over TLS/SSL)
220 IMAP3
3268 AD Global Catalog
3269 AD Global Catalog over SSL
500 Internet Key Exchange, IKE (IPSec) (UDP 500

UNC Universal Naming Convention \\servername\shared name (It is used to access the shared folder)
MAC Media Access Control
PDC Primary Domain Controllers
BDC Backup Domain Controllers
SMP Symmetric Multi Processors
AMP Asymmetric Multi Processing
EFS Encrypted File System
FAT File Allocation Table
HCL Hardware Compatibility List
IIS Internet Information Service
LSA Local Security Authority
MMC Microsoft Management Console
OU Organizational Unit
RAS Remote Access Service
RDP Remote Desktop Protocol (used for Terminal Services)
RRAS Routing and Remote Access Service
SID Security Identifier
WINS Windows Internet Name Service
GUID Globally Unique identifier
IAS Internet Authentication Service
UPN User Principal Name ([email protected])
BIOS Basic Input Output System
Net BIOS Network Basic Input/Output System
ARP Address Resolution Protocol
DVD Digital Video Disk
GPO Group Policy Object (LGPO Local Group Policy Object)
IPsec Internet Protocol Security
ISP Internet Service Provider
NAT Network Address Translation
MBR Master Boot Record
USB Universal Serial Bus
POST Power On Self Test
SCSI Small Computer System Interface
SMTP Simple Mail Transfer Protocol
URL Uniform Resource Locator
RAID Redundant Array of Independent Disk
IDE Intelligent drive Electronics or Integrated Drive Electronics
FQDN Fully Qualified Domain Name (full computer name) [computername.domainname.com]
OSPF Open Shortest Path First (these two are routing protocols)
RIP Routing Information Protocol
POP3 Post Office Protocol (used to receive the mails)
SMTP Simple Mail Transfer Protocol (Used to send the mails)
SMPS Switch Mode Power Supply
PING Packet Internet Groper
VNC Virtual Network Computing
EULA End User License Agreement
CAL Client Access License
TSCAL Terminal Services Client Access License
UPS Uninterruptible Power Supply
BIND Berkeley Internet Name Domain
PXE Pre boot eXecutable Environment
UDF Uniqueness Database file
LDAP Light weight Directory Access Protocol
ISDN Integrated Services Digital Network
VLSM Variable Length Subnet Mask
CIDR Classless Inter Domain Routing
IGMP Internet Group Management Protocol
FSMO Flexible Single Master Operations
APIPA Automatic IP addressing
NetBEUI Net Bios Enhanced User Interface
UDP User Datagram Protocol
FTP File Transfer Protocol
Mbps Mega bits per second
Ntds.dit Nt directory services. directory information tree.
ICMP Internet Control message Protocol
IGMP Internet group Management Protocol
NNTP Network News Transfer Protocol
RADIUS Remote Authentication Dial In User service
SNMP Simple Network Management protocol
VPN Virtual Private Network
L2TP Layer2 Tunneling Protocol
PPTP Point to Point Tunneling Protocol
ADSI Active Directory Service Interfaces
SUS Software Update Service
SMS System Management Service
WUS Windows Update service
TFTP Trivial File Transfer Protocol


*OSI MODEL:

1. Application Layer --------- Data
2. Presentation Layer ------- Data
3. Session Layer ------------- Data
4. Transport Layer ---------- Segments
5. Network Layer ----------- Packets ( Router – IP )
6. Data Link Layer ---------- Frames ( Switch & Bridge – MAC )
7. Physical Layer ------------ Dealing with Bits ( Repeater & Hub )

*What is the purpose of forward lookup?
It resolves the Host names (Friendly Name) to IP addresses.

*What is the purpose of Reverse lookup zone?
It resolves the IP addresses to Host names.

*What is the difference between Primary zone and Secondary zone?
Primary zone has read and write permissions, whereas Secondary zone has read only permission.
Note: Secondary zone is used for Backup and Load balancing.

* What’s the difference between local, global and universal groups? Domain local groups assign access permissions to global domain groups for local domain resources. Global groups provide access to resources in other trusted domains. Universal groups grant access to resources in all trusted domains.

* What remote access options does Windows Server 2003 support? Dial-in, VPN, dial-in with callback.

*Brief explanation of RAID Levels

Microsoft Windows XP, Windows 2000 and Windows Server 2003 offer two types of disk storage: basic and dynamic.

*Basic Disk Storage

Basic storage uses normal partition tables supported by MS-DOS, Microsoft Windows 95, Microsoft Windows 98, Microsoft Windows Millennium Edition (Me), Microsoft Windows NT, Microsoft Windows 2000, Windows Server 2003 and Windows XP. A disk initialized for basic storage is called a basic disk. A basic disk contains basic volumes, such as primary partitions, extended partitions, and logical drives. Additionally, basic volumes include multidisk volumes that are created by using Windows NT 4.0 or earlier, such as volume sets, stripe sets, mirror sets, and stripe sets with parity. Windows XP does not support these multidisk basic volumes. Any volume sets, stripe sets, mirror sets, or stripe sets with parity must be backed up and deleted or converted to dynamic disks before you install Windows XP Professional.

*Dynamic Disk Storage

Dynamic storage is supported in Windows XP Professional, Windows 2000 and Windows Server 2003. A disk initialized for dynamic storage is called a dynamic disk. A dynamic disk contains dynamic volumes, such as simple volumes, spanned volumes, striped volumes, mirrored volumes, and RAID-5 volumes. With dynamic storage, you can perform disk and volume management without the need to restart Windows.

Note: Dynamic disks are not supported on portable computers or on Windows XP Home Edition-based computers. You cannot create mirrored volumes or RAID-5 volumes on Windows XP Home Edition, Windows XP Professional, or Windows XP 64-Bit Edition-based computers. However, you can use a Windows XP Professional-based computer to create a mirrored or RAID-5 volume on remote computers that are running Windows 2000 Server, Windows 2000 Advanced Server, or Windows 2000 Datacenter Server, or the Standard, Enterprise and Data Center versions of Windows Server 2003.

Storage types are separate from the file system type. A basic or dynamic disk can contain any combination of FAT16, FAT32, or NTFS partitions or volumes.


A disk system can contain any combination of storage types. However, all volumes on the same disk must use the same storage type.

Difference between FAT and NTFS

NTFS

1. Allows local access from Windows 2000, Windows Server 2003 and XP; Windows NT 4 with SP4 and later may get access to some files.
2. Maximum size of partition is 2 Terabytes & more.
3. Maximum file size is up to 16 TB.
4. File & folder encryption is possible only in NTFS.

FAT 32

1. FAT 32 allows access from Windows 95, 98, Millennium, 2000 and XP on a local partition.
2. Maximum size of partition is up to 2 TB.
3. Maximum file size is up to 4 GB.
4. File & folder encryption is not possible.

*To convert a Basic Disk to a Dynamic Disk:

Use the Disk Management snap-in in Windows XP/2000/2003 to convert a basic disk to a dynamic disk. To do this, follow these steps:

1. Log on as Administrator or as a member of the Administrators group.
2. Click Start, and then click Control Panel.
3. Click Performance and Maintenance, click Administrative Tools, and then double-click Computer Management. You can also right-click My Computer and choose Manage if you have My Computer displayed on your desktop.
4. In the left pane, click Disk Management.
5. In the lower-right pane, right-click the basic disk that you want to convert, and then click Convert to Dynamic Disk. You must right-click the gray area that contains the disk title on the left side of the Details pane.
6. Select the check box that is next to the disk that you want to convert (if it is not already selected), and then click OK.
7. Click Details if you want to view the list of volumes in the disk. Click Convert.
8. Click Yes when you are prompted to convert the disk, and then click OK.

Warning: After you convert a basic disk to a dynamic disk, local access to the dynamic disk is limited to Windows XP Professional, Windows 2000 and Windows Server 2003. Additionally, after you convert a basic disk to a dynamic disk, the dynamic volumes cannot be changed back to partitions. You must first delete all dynamic volumes on the disk and then convert the dynamic disk back to a basic disk. If you want to keep your data, you must first back up the data or move it to another volume.

*Dynamic Storage Terms

A volume is a storage unit made from free space on one or more disks. It can be formatted with a file system and assigned a drive letter. Volumes on dynamic disks can have any of the following layouts: simple, spanned, mirrored, striped, or RAID-5.

*A simple volume uses free space from a single disk. It can be a single region on a disk or consist of multiple, concatenated regions. A simple volume can be extended within the same disk or onto additional disks. If a simple volume is extended across multiple disks, it becomes a spanned volume.

*A spanned volume is created from free disk space that is linked together from multiple disks. You can extend a spanned volume onto a maximum of 32 disks. A spanned volume cannot be mirrored and is not fault-tolerant.

*A striped volume is a volume whose data is interleaved across two or more physical disks. The data on this type of volume is allocated alternately and evenly to each of the physical disks. A striped volume cannot be mirrored or extended and is not fault-tolerant. Striping is also known as RAID-0.

*A mirrored volume is a fault-tolerant volume whose data is duplicated on two physical disks. All of the data on one volume is copied to another disk to provide data redundancy. If one of the disks fails, the data can still be accessed from the remaining disk. A mirrored volume cannot be extended. Mirroring is also known as RAID-1.

*A RAID-5 volume is a fault-tolerant volume whose data is striped across an array of three or more disks. Parity (a calculated value that can be used to reconstruct data after a failure) is also striped across the disk array. If a physical disk fails, the portion of the RAID-5 volume that was on that failed disk can be re-created from the remaining data and the parity. A RAID-5 volume cannot be mirrored or extended.

*The system volume contains the hardware-specific files that are needed to load Windows (for example, Ntldr, Boot.ini, and Ntdetect.com). The system volume can be, but does not have to be, the same as the boot volume.

*The boot volume contains the Windows operating system files that are located in the %Systemroot% and %Systemroot%\System32 folders. The boot volume can be, but does not have to be, the same as the system volume.

RAID 0 – Striping
RAID 1 – Mirroring (minimum 2 HDD required)
RAID 5 – Striping With Parity (Minimum 3 HDD required)
Only RAID levels 1 and 5 give redundancy.

What is a global catalog?
Global catalog is a role, which maintains indexes about objects. It contains full information of the objects in its own domain and partial information of the objects in other domains. Universal Group membership information will be stored in global catalog servers and replicated to all GC’s in the forest.

What is Active Directory?
Active Directory is a directory service, which stores information about network resources such as users, groups, computers, printers, and shares. Active Directory provides a single point for organization, control, and management.

Note: In layman's language, Active Directory is something like Yellow Pages.

*What is Active Directory and what is the use of it?
Active Directory is a directory service, which maintains the relationship between resources and enables them to work together. Because of AD's hierarchical structure, Windows 2000 is more scalable and reliable. Active Directory is derived from X.500 standards, where information is stored in a hierarchical tree-like structure. Active Directory depends on two Internet standards: one is DNS and the other is LDAP. Information in Active Directory can be queried by using the LDAP protocol.

*What is TTL & how to set TTL time in DNS?
TTL is the Time to Live setting, used for the amount of time that the record should remain in cache when name resolution happened. We can set TTL in the SOA (start of authority record) of DNS.

*How to take DNS, WINS and DHCP backup
%SystemRoot%\system32\dns
%SystemRoot%\system32\WINS
%SystemRoot%\system32\DHCP

*What is recovery console?
Recovery console is a utility used to recover the system when it is not booting properly or not booting at all. We can perform the following operations from recovery console:
We can copy, rename, or replace operating system files and folders
Enable or disable service or device startup the next time that start computer
Repair the file system boot sector or the Master Boot Record
Create and format partitions on drives


*What is FSMO Roles:

The five FSMO roles are:

*Schema Master: The schema master domain controller controls all updates and modifications to the schema. Once the Schema update is complete, it is replicated from the schema master to all other DCs in the directory. To update the schema of a forest, you must have access to the schema master. There can be only one schema master in the whole forest.

*Domain naming master: The domain naming master domain controller controls the addition or removal of domains in the forest. This DC is the only one that can add or remove a domain from the directory. It can also add or remove cross references to domains in external directories. There can be only one domain naming master in the whole forest.

*Infrastructure Master: When an object in one domain is referenced by another object in another domain, it represents the reference by the GUID, the SID (for references to security principals), and the DN of the object being referenced. The infrastructure FSMO role holder is the DC responsible for updating an object's SID and distinguished name in a cross-domain object reference. At any one time, there can be only one domain controller acting as the infrastructure master in each domain.

Note: The Infrastructure Master (IM) role should be held by a domain controller that is not a Global Catalog server (GC). If the Infrastructure Master runs on a Global Catalog server it will stop updating object information because it does not contain any references to objects that it does not hold. This is because a Global Catalog server holds a partial replica of every object in the forest. As a result, cross-domain object references in that domain will not be updated and a warning to that effect will be logged on that DC's event log. If all the domain controllers in a domain also host the global catalog, all the domain controllers have the current data, and it is not important which domain controller holds the infrastructure master role.

*Relative ID (RID) Master: The RID master is responsible for processing RID pool requests from all domain controllers in a particular domain. When a DC creates a security principal object such as a user or group, it attaches a unique Security ID (SID) to the object. This SID consists of a domain SID (the same for all SIDs created in a domain), and a relative ID (RID) that is unique for each security principal SID created in a domain. Each DC in a domain is allocated a pool of RIDs that it is allowed to assign to the security principals it creates. When a DC's allocated RID pool falls below a threshold, that DC issues a request for additional RIDs to the domain's RID master. The domain RID master responds to the request by retrieving RIDs from the domain's unallocated RID pool and assigns them to the pool of the requesting DC. At any one time, there can be only one domain controller acting as the RID master in the domain.

*PDC Emulator: The PDC emulator is necessary to synchronize time in an enterprise. Windows 2000/2003 includes the W32Time (Windows Time) time service that is required by the Kerberos authentication protocol. All Windows 2000/2003-based computers within an enterprise use a common time. The purpose of the time service is to ensure that the Windows Time service uses a hierarchical relationship that controls authority and does not permit loops to ensure appropriate common time usage.

• Schema master - Forest-wide and one per forest.
• Domain naming master - Forest-wide and one per forest.
• RID master - Domain-specific and one for each domain.
• PDC - PDC Emulator is domain-specific and one for each domain.
• Infrastructure master - Domain-specific and one for each domain.

Explain the activities of each role?

1) Schema Master: It will govern the Active Directory to all the Domain Controllers in a forest.

2) Domain Naming Master: Maintains the unique Domain Naming System in a forest to avoid duplication.

3) RID master: It assigns unique ID to every user account. (Domain + RID)

4) PDC Emulator: If PDC is upgraded to windows 2000 it will send data to BDC’s on the network. (Replication of user Database) If the user password is not matching in a particular Domain, then it will contact PDC emulator of first Domain Controller (Master Domain controller)

5) Infrastructure Master: Maintains the infrastructure group proper files on the master Domain controller.
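The RID master entry above describes a SID as a domain SID plus a RID; the sketch below decodes the binary form stored in the directory and splits it that way. It is an added example, not part of the original notes: the sample SID is constructed, the function names are hypothetical, and the RID table lists only a few standard well-known values.

```python
import struct

# Standard well-known RIDs of built-in domain principals (partial list).
WELL_KNOWN_RIDS = {
    500: "Administrator", 501: "Guest", 502: "krbtgt",
    512: "Domain Admins", 513: "Domain Users", 516: "Domain Controllers",
    518: "Schema Admins", 519: "Enterprise Admins",
}


def sid_to_bytes(sid):
    """Encode S-R-A-s1-s2-... : revision, count, 48-bit big-endian authority,
    then each sub-authority as a 32-bit little-endian integer."""
    parts = sid.split("-")
    if parts[0] != "S" or not 4 <= len(parts) <= 18:
        raise ValueError("not a SID string")
    revision, authority = int(parts[1]), int(parts[2])
    subs = [int(p) for p in parts[3:]]
    return (struct.pack("BB", revision, len(subs))
            + authority.to_bytes(6, "big")
            + struct.pack("<%dI" % len(subs), *subs))


def sid_from_bytes(raw):
    """Decode a binary SID, rejecting truncated or oversized input."""
    if len(raw) < 8:
        raise ValueError("truncated SID header")
    revision, count = raw[0], raw[1]
    if revision != 1 or count > 15:
        raise ValueError("unsupported revision or sub-authority count")
    if len(raw) != 8 + 4 * count:
        raise ValueError("length does not match sub-authority count")
    authority = int.from_bytes(raw[2:8], "big")
    subs = struct.unpack("<%dI" % count, raw[8:])
    return "S-%d-%d" % (revision, authority) + "".join("-%d" % s for s in subs)


def split_sid(sid):
    """Return (domain_sid, rid) for a domain principal S-1-5-21-a-b-c-rid."""
    parts = sid.split("-")
    if parts[:4] != ["S", "1", "5", "21"] or len(parts) != 8:
        raise ValueError("not a domain principal SID")
    return "-".join(parts[:-1]), int(parts[-1])


def classify(sid, local_domain_sid):
    """Summarise a SID relative to the domain it is being evaluated in."""
    domain, rid = split_sid(sid)
    return {
        "domain_sid": domain,
        "rid": rid,
        "same_domain": domain == local_domain_sid,
        "well_known": WELL_KNOWN_RIDS.get(rid),
        # Principals created by a DC take RIDs from its pool, starting at 1000.
        "from_rid_pool": rid >= 1000,
    }


if __name__ == "__main__":
    domain = "S-1-5-21-1111111111-2222222222-3333333333"   # constructed domain SID
    raw = sid_to_bytes(domain + "-1105")
    print(classify(sid_from_bytes(raw), domain))
    print(classify(domain + "-512", domain))
```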


*What is Active Directory De-fragmentation?
De-fragmentation of AD means separating used space and empty space created by deleted objects, and it reduces directory size (only in offline De-fragmentation).

*What is tombstone period?
Tombstones are nothing but objects marked for deletion. After deleting an object in AD, the object will not be deleted permanently. It will remain for 60 days by default (which is configurable); AD adds an entry marking the object for deletion and replicates it to all DC’s. After 60 days the object will be deleted permanently from all DC’s.

*What are the different types of partitions present in AD?
Active directory is divided into three partitions
Configuration Partition—replicates entire forest
Schema Partition—replicates entire forest
Domain Partition—replicate only in domain
Application Partition (Only in Windows 2003)

What are the (two) services required for replication?
File Replication Service (FRS)
Knowledge Consistency Checker (KCC)

*Windows Server 2003 Web Edition Windows Server 2003, Web Edition is mainly for building and hosting Web applications, Web pages, and XML Web Services. It is designed to be used primarily as an IIS 6.0 Web server and provides a platform for rapidly developing and deploying XML Web services and applications that use ASP.NET technology, a key part of the .NET Framework. This edition does not require Client Access Licenses and Terminal Server mode is not included on Web Edition. However, Remote Desktop for Administration is available on Windows Server 2003, Web Edition. Only 10 concurrent file-sharing connections are allowed at any moment. It is not possible to install Microsoft SQL Server and Microsoft Exchange software on this version of Windows, although MSDE and SQL Server 2005 Express are fully supported after service pack 1 is installed. The most important limitation of Web edition is a maximum memory of 2 GB RAM. Additionally, Windows Server 2003, Web Edition cannot act as a domain controller. See Compare the Editions of Windows Server 2003.

*Windows Server 2003 Standard Edition Windows Server 2003, Standard Edition is aimed towards small to medium sized businesses. Flexible yet versatile, Standard Edition supports file and printer sharing, offers secure Internet connectivity, and allows centralized desktop application deployment. This edition of Windows will run on up to 4 processors with up to 4 GB RAM. 64-bit versions are also available for the AMD x86-64 architecture and the Intel clone of that same architecture, EM64T. The 64-bit version of Windows Server 2003, Standard Edition is capable of addressing up to 32 GB of RAM and it also supports Non-Uniform Memory Access (NUMA), something the 32-bit version does not.

*Windows Server 2003 Enterprise Edition Windows Server 2003, Enterprise Edition is aimed towards medium to large businesses. It is a full-function server operating system that supports up to eight processors and provides enterprise-class features such as eight-node clustering using Microsoft Cluster Server (MSCS) software and support for up to 32 GB of memory. Enterprise Edition also comes in a 64-bit edition for Intel. 64-bit versions are also available for the AMD x86-64 architecture and the Intel clone of that same architecture, EM64T. The 64-bit version of Windows Server 2003, Enterprise Edition is capable of addressing up to 1 TB of RAM. Both 32-bit and 64-bit versions support Non-Uniform Memory Access (NUMA).

*Windows Server 2003 Datacenter Edition Windows Server 2003, Datacenter Edition is the flagship of the Windows Server line and designed for immense infrastructures demanding high security and reliability. Datacenter supports up to 64 processors. It also supports Non-Uniform Memory Access (NUMA).


*Windows Server 2003 Compute Cluster Edition Windows Server 2003, Compute Cluster Edition is designed for working with the most difficult computing problems that would require high performance computing clusters. Compute Cluster edition deploys in clusters of multiple servers to form large supercomputers. Microsoft intends to release this edition in 2006.

*Windows Server 2003 Storage Server Windows Storage Server 2003 is optimised to provide dedicated file and print sharing services. It is only available through OEMs when purchased pre-configured with network attached storage devices, which are available in a wide variety of sizes from a couple hundred gigabytes to a few terabytes. One significant difference, when compared with the other Windows Server 2003 editions that provide file and print services, is that Storage Server does not require client access licenses

*What is the use of SYSVOL FOLDER? Policies and scripts saved in SYSVOL folder will be replicated to all domain controllers in the domain. FRS (File replication service) is responsible for replicating all policies and scripts 

*Difference between Exchange 2003 and 2007

Exchange Server 2003

Exchange Server 2003 may be run on the Windows 2000 Server if the fourth service pack has already been installed. It may also be run on 32 bit Windows Server 2003. There is a new disaster recovery feature that is even better than before. It allows the server to experience less downtime. The Exchange Server 2003 received some features from Microsoft Mobile Information server as well. These include Outlook Mobile Access as well as ActiveSync. Improved versions of anti-spam and anti-virus were also included. Management tools for mailboxes and messages have been improved and Instant Messaging and Exchange Conferencing Server are now separate products. There are two versions available of Exchange Server 2003. These include the Enterprise edition and the Standard edition. There are many other features that are available on Exchange Server 2003.

Exchange Server 2007

When Exchange Server 2003 was released there were no immediate plans as to what would happen to the product. A 2005 edition was dropped and it was not until the end of 2006 that the new version was released. Some of the new features included integration of voicemail, improved filtering, Web service support, and Outlook Web Access interface. The new edition was run on a 64-bit x64 version of Windows Server. This increases the performance significantly. There are quite a few improvements to Exchange Server 2007. These include better calendaring, improved web access, unified messages, and better mobility. From a system protection standpoint there is more clustering, antivirus, anti-spam, and compliance included. The IT experience is improved overall with a 64-bit performance. Deployment is better; routing is simplified as well as the command line shell and GUI.

There have been many changes and improvements to the Exchange Server 2007 and it is better than ever. There are no definite plans as to what Microsoft has in store for Exchange Server but the next version will certainly be better than ever.

What is the Difference between Exchange 2003 and 2007?

Exchange 2003 and 2007 difference

· 2003 is 32 bit
· Single server base, No roles base
· Outlook Mobile Access (or OMA)
· Active sync
· Up-To-Date Notifications

Exchange 2003 with SP2


· Direct Push
· Global Address List lookup
· Mobile Admin

*2007 exchange server Enhanced and Newly added features

· Has powerful command line PowerShell for configuration
· Most of configuration is done through PowerShell
· Fast message retrieval
· Follow-up flags
· Meeting attendee information
· Enhanced Exchange Search
· Windows SharePoint and file share document access
· Reset PIN/Password
· Enhanced PPC security
· Auto discover for over the air (OTA) provisioning
· Out of Office
· Support for HTML messages

What is a zone?
A database of records is called a zone. Also called a zone of authority, a subset of the Domain Name System (DNS) namespace that is managed by a name server.

What are the commands used for DHCP?

Ipconfig
Ipconfig /all
Ipconfig /release
Ipconfig /renew

What is the process of assigning IP address by DHCP service?

There are four stages in assigning IP address to a host by DHCP server.

1) DHCP discover
2) DHCP offer
3) DHCP request
4) DHCP Acknowledge

DHCP Discover: Whenever a client has to obtain an IP address from a DHCP server it will broadcast a message called “DHCP discover”, which contains destination address 255.255.255.255 and source IP address as 0.0.0.0 and its MAC address.

DHCP offer: The DHCP server on the network will respond to DHCP discover by sending a DHCP offer message to the client requesting an IP address.

DHCP request: The client after receiving offer message will send a “DHCP request” message asking the DHCP server to confirm the IP address it has offered to it through DHCP offer message.

DHCP Acknowledge: DHCP server will respond to the “DHCP request” message by sending acknowledge message through which it confirms the IP address to other machine.
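The four-stage exchange above can be followed at the packet level. This added example (not part of the original notes) encodes and decodes the four messages and checks that a captured sequence really is one consistent discover/offer/request/acknowledge transaction; the addresses, MAC and transaction id are constructed, and the function names are hypothetical.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"     # DHCP magic cookie after the 236-byte BOOTP header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}   # option 53 values
ZERO, BROADCAST = "0.0.0.0", "255.255.255.255"


def build(op, msg_type, xid, mac, yiaddr=ZERO, options=()):
    """Encode one message: BOOTP header, cookie, option 53, extra options, end."""
    header = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        op, 1, 6, 0, xid, 0, 0x8000,            # Ethernet, 6-byte MAC, broadcast flag
        socket.inet_aton(ZERO), socket.inet_aton(yiaddr),
        socket.inet_aton(ZERO), socket.inet_aton(ZERO), mac, b"", b"")
    body = bytes([53, 1, msg_type])
    for code, value in options:
        body += bytes([code, len(value)]) + value
    return header + MAGIC + body + b"\xff"


def parse(payload):
    """Decode the fields that the four-stage exchange depends on."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    _, _, hlen, _, xid, _, _, _, yiaddr = struct.unpack("!BBBBIHH4s4s", payload[:20])
    if hlen > 16:
        raise ValueError("bad hardware address length")
    options, i = {}, 240
    while i < len(payload) and payload[i] != 255:        # 255 = end option
        if payload[i] == 0:                              # 0 = pad option
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        options[payload[i]] = payload[i + 2:i + 2 + payload[i + 1]]
        i += 2 + payload[i + 1]
    kind = options.get(53, b"")
    if len(kind) != 1 or kind[0] not in TYPES:
        raise ValueError("missing or unsupported message type")

    def ip(value):
        return socket.inet_ntoa(value) if value and len(value) == 4 else None

    return {"type": TYPES[kind[0]], "xid": xid,
            "mac": payload[28:28 + hlen].hex(":"), "yiaddr": ip(yiaddr),
            "requested": ip(options.get(50)),            # option 50: requested address
            "server": ip(options.get(54))}               # option 54: server identifier


def check_exchange(frames):
    """frames: four (src_ip, dst_ip, payload) tuples. Returns the lease or raises."""
    msgs = [parse(payload) for _, _, payload in frames]
    if [m["type"] for m in msgs] != ["DISCOVER", "OFFER", "REQUEST", "ACK"]:
        raise ValueError("not in discover/offer/request/acknowledge order")
    discover, offer, request, ack = msgs
    if frames[0][0] != ZERO or frames[0][1] != BROADCAST:
        raise ValueError("discover must go from 0.0.0.0 to 255.255.255.255")
    if len({(m["xid"], m["mac"]) for m in msgs}) != 1:
        raise ValueError("transaction id or client MAC changes mid-exchange")
    if request["requested"] != offer["yiaddr"] or request["server"] != offer["server"]:
        raise ValueError("request does not confirm the offer it answers")
    if ack["yiaddr"] != offer["yiaddr"] or ack["server"] != offer["server"]:
        raise ValueError("acknowledge does not match the offer")
    return {"client": discover["mac"], "server": offer["server"], "lease": ack["yiaddr"]}


def sample_exchange(ack_ip="192.168.1.50"):
    """Constructed capture: one client, one server, one offered address."""
    mac, xid = bytes.fromhex("020000aabbcc"), 0x3903F326
    server, offered = socket.inet_aton("192.168.1.1"), socket.inet_aton("192.168.1.50")
    return [
        (ZERO, BROADCAST, build(1, 1, xid, mac)),
        ("192.168.1.1", BROADCAST, build(2, 2, xid, mac, "192.168.1.50", [(54, server)])),
        (ZERO, BROADCAST, build(1, 3, xid, mac, options=[(50, offered), (54, server)])),
        ("192.168.1.1", BROADCAST, build(2, 5, xid, mac, ack_ip, [(54, server)])),
    ]


if __name__ == "__main__":
    print(check_exchange(sample_exchange()))
```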

Windows 2000 Operating System family

OS Name | Processor | RAM (min.) | RAM (rec.) | Free Hard disk space | Supported no. of processors | Supported RAM
Windows 2000 Professional | Pentium / 133MHz | 32 MB | 64 MB | 650 MB, 1 GB (rec.) | 2 | 4 GB
Windows 2000 Server | Pentium / 133MHz | 128 MB | 256 MB | Approx. 1 GB (Rec. 2 GB) | 4 | 4 GB
Windows 2000 Advanced Server | Pentium / 133MHz | 128 MB | 256 MB | Approx. 1 GB (Rec. 2 GB) | 8 | 8 GB
Windows 2000 Datacenter Server | Pentium / 133MHz | 128 MB | 256 MB | Approx. 1 GB (Rec. 2 GB) | 32 | 64 GB

*What is the primary difference between a workgroup and a domain?
A workgroup is a distributed directory maintained on each computer within the workgroup. A domain is a centralized directory of resources maintained on domain controllers and presented to the user through Active Directory services.

*Why do we need Multiple Domain Controllers?
If you have multiple domain controllers, it provides better support for users than having only one. Multiple domain controllers provide automatic backup for user accounts and other Active Directory data, and they work together to support domain controller functions (such as validating logons).

*What are Unicast, Multicast, and Broadcast?

Unicast: Just from one computer to one computer.
Multicast: Only to those who have registered for a particular multicast group.
Broadcast: To all the computers.

*What is NETBIOS?
NETBIOS stands for Network Basic Input Output System. It is a naming interface; it is the interface by which a client can connect to access the lower level of the TCP/IP model to be able to communicate and access those resources.

We share resources with the NETBIOS interface in Windows NT. This means that we are using the NetBIOS name to connect the client to the server.

*What is the length of NETBIOS name?
A NETBIOS name is 16 characters long. The first fifteen characters you can use for the server name; the 16th character is an identifier for what type of service it is registering.

*What are the different subnet classes?

Class A Addresses 1-126.x.x.x
Class B Addresses 128-191.x.x.x
Class C Addresses 192-223.x.x.x
Class D Addresses 224-239.x.x.x
Class E Addresses 240-254.x.x.x

*Diagnostic Utilities:

PING: Verifies that TCP/IP is configured and another host is available.
FINGER: Retrieves system information from a remote computer that supports TCP/IP finger services.
HOSTNAME: It displays the host name.
NSLOOKUP: Examines entries in the DNS database, which pertain to a particular host or domain.
NETSTAT: Displays protocol statistics and the current state of TCP/IP connections.
NBTSTAT: Checks the state of current NetBIOS over TCP/IP connections, updates LMhost’s cache or determines your registered name or scope ID.
Route: Views or modifies the local routing table.
TRACERT: Verifies the route from the local host to remote host.
ARP: Displays a cache of locally resolved IP address to MAC address.

*What is NAT?
Ans: NAT stands for Network Address Translation. It is a device between the Internet (i.e., public network) and our private network. On one NIC card it has a valid Internet address; on the other NIC it has our private (internal) network address. NAT is a device that translates one valid public IP address to multiple internal private addresses.

What is proxy?
A NAT server helps the client to access the Internet, whereas a proxy server does everything for the client. When a request comes from the client, the proxy server surfs the internet, caches the results to its local disk, and sends that result to the client. With proxy we have performance improvement, because results are cached to the local hard disk. With proxy we have security, because only one system in the internal network is communicating with the Internet. Rather than allowing clients to access the internet by changing IP address, the proxy server does all the surfing for clients, caches to its local disk and gives the results to the clients.

*What is a Domain? A group of computers that are part of a network and share a common directory and security policies. In Windows 2000 a domain is a security boundary, and permissions that are granted in one domain are not carried over to other domains.

*What is the use of LDAP (X.500 standard)? LDAP is a directory access protocol, which is used to exchange directory information from server to clients or from server to servers.

* What is a subnet? In computer networks based on the Internet Protocol Suite, a subnetwork, or subnet, is a portion of the network's computers and network devices that have a common, designated IP address routing prefix (cf. Classless Inter-Domain Routing, CIDR). A routing prefix is the sequence of leading bits of an IP address that precede the portion of the address used as host identifier (or rest field in early Internet terminology).

* What is subnet Mask? A subnet (short for "subnetwork") is an identifiably separate part of an organization's network. Typically, a subnet may represent all the machines at one geographic location, in one building, or on the same local area network (LAN). Having an organization's network divided into subnets allows it to be connected to the Internet with a single shared network address. Without subnets, an organization could get multiple connections to the Internet, one for each of its physically separate subnetworks, but this would require an unnecessary use of the limited number of network numbers the Internet has to assign. It would also require that Internet routing tables on gateways outside the organization know about and manage routing that could and should be handled within the organization.

* Describe the integration between DHCP and DNS? Traditionally, DNS and DHCP servers have been configured and managed one at a time. Similarly, changing authorization rights for a particular user on a group of devices has meant visiting each one and making configuration changes. DHCP integration with DNS allows the aggregation of these tasks across devices, enabling a company's network services to scale in step with the growth of network users, devices, and policies, while reducing administrative operations and costs. This integration provides practical operational efficiencies that lower total cost of ownership. Creating a DHCP network automatically creates an associated DNS zone, for example, reducing the number of tasks required of network administrators. And integration of DNS and DHCP in the same database instance provides unmatched consistency between service and management views of IP address-centric network services data.

* What is domain tree? A domain tree comprises several domains that share a common schema and configuration, forming a contiguous namespace. Domains in a tree are also linked together by trust relationships. Active Directory is a set of one or more trees. Trees can be viewed two ways. One view is the trust relationships between domains. The other view is the namespace of the domain tree.


What is forests? A collection of one or more domain trees with a common schema and implicit trust relationships between them. This arrangement would be used if you have multiple root DNS addresses.

What is domain controller? Primary domain controller (PDC) and backup domain controller (BDC) are roles that can be assigned to a server in a network of computers that use the Windows NT operating system. Windows NT uses the idea of a domain to manage access to a set of network resources (applications, printers, and so forth) for a group of users. The user need only log in to the domain to gain access to the resources, which may be located on a number of different servers in the network. One server, known as the primary domain controller, manages the master user database for the domain. One or more other servers are designated as backup domain controllers. The primary domain controller periodically sends copies of the database to the backup domain controllers. A backup domain controller can step in as primary domain controller if the PDC server fails and can also help balance the workload if the network is busy enough. Setting up and maintaining PDCs and BDCs and domain information is a major activity for the administrator of a Windows NT network. In Windows 2000, the domain controller concept is retained but the PDC and BDC server roles are generally replaced by the Active Directory.

*What are the differences between Exchange Server 2003 Standard and Enterprise Editions? Following are the differences between Exchange Server 2003 Standard and Enterprise Edition.

Feature | Standard Edition | Enterprise Edition
Storage groups support | 1 storage group | 4 storage groups
Number of databases per storage group | 2 databases | 5 databases
Individual database size | 16 gigabytes (GB) | Maximum 16 terabytes, limited only by hardware
Exchange Clustering | Not supported | Supported
X.400 connector | Not included | Included

*What are the steps involved in Exchange Server installation?

1. Prerequisites Installation – ASP.NET, IIS, SMTP, NNTP and WWW services installation
2. Forest Preparation
3. Domain Preparation
4. Exchange Server 2003 Installation

* What are the different clustering options in Exchange 2003?

Exchange Server 2003 supports two clustering options, both of which are already supported by Windows Server 2003:

1. Network Load Balancing – server-aware clustering technology; it balances load by distributing the TCP/IP traffic among the server nodes in the cluster. To client computers, the cluster is seen as a single resource and is addressed by a single IP.

2. Cluster service – application- or service-aware clustering technology; it provides continual application service availability through failover and failback.


*What is purpose of Exchange Server Clustering?

The purpose of Exchange Server Clustering is to prevent the Exchange server from going offline.

*What is Heartbeat?

Heartbeat is a special type of network packet that is sent out to each server node participating in a cluster to determine the responsiveness of a node. Server nodes that do not respond to heartbeat packets for a configurable period of time are marked as inactive.

*Which are the Cluster operations modes?

N-Node failover server pairs – applications are configured to fail over only between two specified server pairs.

N+I Hot-Standby Server – commonly referred to as active/passive mode; on a two-node cluster, one node processes the client requests and the second node monitors the first node. Here N is the active node and I is the passive node.

Failover Ring – Active/Active – all servers are active and process client requests; when one node fails, the cluster fails over to another active node. The administrator has to define the failover.

Random Failover – similar to failover ring; if a node fails, the failover goes to a randomly chosen active node. The administrative burden of having to define the failover is removed.

*What is Global Address List (GAL)?

Global Address List is the Primary Address list that contains all Exchange objects in the entire organization and mail-enabled objects in the Microsoft Exchange server organization

What are the types of Exchange Backup?

• Full (Normal)

• Daily Backup

• Copy Backup

• Incremental backup

* What is Normal backup? Ans: Full backup copies both the database and transactional log files. At the completion of a full backup, transactional logs that are committed to the database are deleted from the server. Perform every day.

* What is Copy backup? Ans: Copy backup is the same as the full backup, except no file marking is performed. Copy backups are used to archive data that can be stored offsite.

* What is Incremental backup? Ans: Incremental backup backs up all selected data that was modified after the last backup. It removes the archive bit, which indicates that a backup has been done on this data.


* What is Differential backup? Ans: Differential backup backs up all the selected data created or modified after the last backup. It does not remove the archive bit. So when you perform a differential backup on the next day, it will back up the whole thing from the last backup.

* What is Daily backup? Ans: Backs up all the selected data that is created or modified on a daily basis.
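The backup types defined above, modelled through the archive bit, as an added example that is not part of the original notes. It assumes the standard Windows backup behaviour (normal and incremental clear the archive bit, copy, differential and daily leave it, and daily selects files modified on the day of the backup); the file names, dates and the `restore_chain` helper are constructed for the illustration.

```python
from dataclasses import dataclass
from datetime import date

# Constructed dates for a three-day rotation.
MON, TUE, WED = date(2003, 6, 2), date(2003, 6, 3), date(2003, 6, 4)


@dataclass
class FileEntry:
    modified: date
    archive: bool = True  # set whenever a file is created or changed


# kind -> (select only files whose archive bit is set?, clear the bit afterwards?)
RULES = {
    "normal": (False, True),
    "copy": (False, False),
    "incremental": (True, True),
    "differential": (True, False),
}


class Volume:
    def __init__(self):
        self.files = {}
        self.history = []  # one (day, kind, [file names]) tuple per backup run

    def write(self, name, day):
        """Create or modify a file; the file system sets the archive bit."""
        self.files[name] = FileEntry(modified=day)

    def backup(self, kind, day):
        """Run one backup and return the sorted names it copied."""
        if kind == "daily":
            # Daily ignores the archive bit and goes by modification date.
            picked = [n for n, f in self.files.items() if f.modified == day]
            clears = False
        else:
            only_changed, clears = RULES[kind]
            picked = [n for n, f in self.files.items()
                      if f.archive or not only_changed]
        if clears:
            for n in picked:
                self.files[n].archive = False
        picked.sort()
        self.history.append((day, kind, picked))
        return picked


def restore_chain(history):
    """Return the backup sets needed for a full restore, oldest first."""
    normals = [i for i, h in enumerate(history) if h[1] == "normal"]
    if not normals:
        raise ValueError("no normal (full) backup to restore from")
    base = normals[-1]
    chain = [history[base]]
    trailing_diff = None
    for entry in history[base + 1:]:
        if entry[1] == "incremental":
            chain.append(entry)
            # A differential leaves the bits set, so a later incremental
            # re-copies everything that differential held.
            trailing_diff = None
        elif entry[1] == "differential":
            trailing_diff = entry
    if trailing_diff:
        chain.append(trailing_diff)
    return chain


def run_week(rotation):
    """Normal backup on Monday, then `rotation` on Tuesday and Wednesday."""
    vol = Volume()
    for name in ("a.doc", "b.xls", "c.txt"):  # constructed file names
        vol.write(name, MON)
    vol.backup("normal", MON)
    vol.write("a.doc", TUE)
    vol.backup(rotation, TUE)
    vol.write("c.txt", WED)
    vol.backup(rotation, WED)
    return vol


if __name__ == "__main__":
    for rotation in ("differential", "incremental"):
        vol = run_week(rotation)
        print(rotation)
        for day, kind, names in vol.history:
            print("  ", day, kind, names)
        print("   restore needs:", [k for _, k, _ in restore_chain(vol.history)])
```

With the differential rotation Wednesday's set grows to include Tuesday's change and a restore needs two sets; with the incremental rotation each set stays small but the restore needs every set since the last normal backup.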

* What is Online Backup? When performing an Exchange Server 2003 online backup, all services, including the Exchange store, continue to run normally throughout the backup process. This allows users to continue to access their mailboxes during the backup process, whether the backup is incremental, differential or full.

* What is Offline Backup? Ans: Offline backup is not a recommended solution. To perform an offline backup you must dismount the mailbox and public folder stores and then back up the database and transactional logs manually. However, you may have to perform an offline backup if the online backup fails.

*What is the advantage of performing an online backup?

1. No need to stop database services
2. Users can access their mailbox during the backup process
3. The database corruption is checked during the offline backup
4. The chance of data loss is very low

*Name some Exchange Server 2003 clients

Outlook 2000/2003, Outlook Web Access, Outlook Mobile Access, RPC over HTTP/HTTPS.

* What is Outlook Web Access (OWA)? Ans: Outlook Web Access 2003 (known as OWA 2003) allows you to gain access to your messages, calendars, contacts, tasks and public folders from any computer with internet access. OWA 2003 has many added features which allow for improved performance, better security and a fresh new look.

* What is RPC over HTTP? Ans: The RPC over HTTP protocol allows your full Outlook 2003 MAPI clients to connect to Exchange 2003 Servers using HTTP/HTTPS. This solves the problem remote Outlook 2003 users have when located behind restrictive firewalls.

By using RPC over HTTP, users no longer have to use a virtual private network (VPN) connection to connect to Exchange mailboxes. Users who are running Outlook 2003 on client computers can connect to an Exchange server in a corporate environment from the Internet. The Windows RPC over HTTP feature enables an RPC client such as Outlook 2003 to establish connections across the Internet by tunneling the RPC traffic over HTTP.

*What is Simple Mail Transfer Protocol (SMTP)? Ans: SMTP is short for Simple Mail Transfer Protocol, and it is used to transfer e-mail messages between computers. It is a text-based protocol in which the message text is specified along with the recipients of the message. Simple Mail Transfer Protocol is a ‘push’ protocol and it cannot be used to ‘pull’ the messages from the server.

* What is Network News Transfer Protocol (NNTP)? Ans: NNTP (Network News Transfer Protocol) is the predominant protocol used by computer clients and servers for managing the notes posted on Usenet newsgroups. NNTP replaced the original Usenet protocol, UNIX-to-UNIX Copy Protocol (UUCP) some time ago. NNTP servers manage the global network of collected Usenet newsgroups and include the server at your Internet access provider. An NNTP client is included as part of a Netscape, Internet Explorer, Opera, or other Web browser, or you may use a separate client program called a newsreader.

* What is DMZ?

In computer networks, a DMZ (demilitarized zone) is a computer host or small network inserted as a “neutral zone” between a company’s private network and the outside public network. It prevents outside users from getting direct access to a server that has company data. (The term comes from the geographic buffer zone that was set up between North Korea and South Korea following the UN “police action” in the early 1950s.) A DMZ is an optional and more secure approach to a firewall and effectively acts as a proxy server as well.

* What is Volume Shadow Copy service? Ans: The Volume Shadow Copy Service provides the backup infrastructure for the Microsoft Windows XP and Microsoft Windows Server 2003 operating systems, as well as a mechanism for creating consistent point-in-time copies of data known as shadow copies. The Volume Shadow Copy Service has native support for creating consistent shadow copies across multiple volumes, regardless of the snapshot technology or application.

Which are the Exchange virtual servers? Ans: Windows Exchange Servers use the word ‘Virtual’ in many contexts.  To begin with, one physical machine can act as a server for several Virtual SMTP domains, for example ourcomp.com and mergecomp.net.  Moreover, in addition to SMTP, one Exchange Server can also control Virtual servers for IMAP4, NNTP and POP3.  From another point of view, you could interpret these Exchange Virtual servers as aliases for physical folders in Microsoft’s IIS. In a completely different context, the term Virtual Server is used in clustering. The Outlook clients connect not to the individual Exchange 2003 nodes, but to a Virtual server with a virtual IP address.

What is OWA? Ans: OWA is to access the mail via browser from outside the corporate network. The Outlook Web Access (OWA) client is now nearly indistinguishable from the full Outlook client. The one major component missing is offline capability, but nearly every other Outlook functionality is part of OWA.

What is POP3? Ans: The Post Office Protocol 3 (POP3) is a legacy protocol that is supported in Exchange 2007. POP3 enables simple retrieval of mail data via applications that use the POP3 protocol. Mail messages, however, cannot be sent with POP3 and must use the SMTP engine in Exchange. By default, POP3 is not turned on and must be explicitly activated.

What is IMAP4? Ans: Legacy Interactive Mail Access Protocol (IMAP) access to Exchange is also available, which can enable an Exchange server to be accessed via IMAP applications, such as some UNIX mail clients. As with the POP3 protocol, IMAP support must be explicitly turned on.

* What’s the difference between local, global and universal groups? Ans: Domain local groups assign access permissions to global domain groups for local domain resources. Global groups provide access to resources in other trusted domains. Universal groups grant access to resources in all trusted domains.

* How do you double-boot a Win 2003 server box? The Boot.ini file is set as read-only, system, and hidden to prevent unwanted editing. To change the Boot.ini timeout and default settings, use the System option in Control Panel from the Advanced tab and select Startup.

* What types of classes exist in Windows Server 2003 Active Directory?

Structural class. The structural class is important to the system administrator in that it is the only type from which new Active Directory objects are created. Structural classes are developed from either the modification of an existing structural type or the use of one or more abstract classes.

Abstract class. Abstract classes are so named because they take the form of templates that actually create other templates (abstracts) and structural and auxiliary classes. Think of abstract classes as frameworks for the defining objects.


Auxiliary class. The auxiliary class is a list of attributes. Rather than apply numerous attributes when creating a structural class, it provides a streamlined alternative by applying a combination of attributes with a single include action.

88 class. The 88 class includes object classes defined prior to 1993, when the 1988 X.500 specification was adopted. This type does not use the structural, abstract, and auxiliary definitions, nor is it in common use for the development of objects in Windows Server 2003 environments.

* How do you delete a lingering object? Ans: Windows Server 2003 provides a command called Repadmin that provides the ability to delete lingering objects in the Active Directory.

* What is a DHCP lease? Ans: A DHCP lease is the amount of time that the DHCP server grants to the DHCP client permission to use a particular IP address. A typical server allows its administrator to set the lease time.

* What is the KCC? Ans: The KCC is a built-in process that runs on all domain controllers and generates replication topology for the Active Directory forest. The KCC creates separate replication topologies depending on whether replication is occurring within a site (intrasite) or between sites (intersite). The KCC also dynamically adjusts the topology to accommodate new domain controllers, domain controllers moved to and from sites, changing costs and schedules, and domain controllers that are temporarily unavailable.

*What are GPOs? Ans: Group Policy gives you administrative control over users and computers in your network. By using Group Policy, you can define the state of a user’s work environment once, and then rely on Windows Server 2003 to continually force the Group Policy settings that you apply across an entire organization or to specific groups of users and computers.

Server Types:

Proxy Servers: Proxy servers sit between a client program (typically a Web browser) and an external server (typically another server on the Web) to filter requests, improve performance, and share connections.

Mail Servers: Almost as ubiquitous and crucial as Web servers, mail servers move and store mail over corporate networks (via LANs and WANs) and across the Internet.

Server Platforms: A term often used synonymously with operating system, a platform is the underlying hardware or software for a system and is thus the engine that drives the server.

Web Servers: At its core, a Web server serves static content to a Web browser by loading a file from a disk and serving it across the network to a user's Web browser. This entire exchange is mediated by the browser and server talking to each other using HTTP.

Application Servers: Sometimes referred to as a type of middleware, application servers occupy a large chunk of computing territory between database servers and the end user, and they often connect the two.

Real-Time Communication Servers: Real-time communication servers, formerly known as chat servers or IRC servers, and still sometimes referred to as instant messaging (IM) servers, enable large numbers of users to exchange information near instantaneously.

FTP Servers: One of the oldest of the Internet services, File Transfer Protocol makes it possible to move one or more files securely between computers while providing file security and organization as well as transfer control.


Collaboration Servers: In many ways, collaboration software, once called 'groupware,' demonstrates the original power of the Web. Collaboration software is designed to enable users to collaborate, regardless of location, via the Internet or a corporate intranet and to work together in a virtual atmosphere.

List Servers: List servers offer a way to better manage mailing lists, whether they be interactive discussions open to the public or one-way lists that deliver announcements, newsletters or advertising.

Telnet Servers: A Telnet server enables users to log on to a host computer and perform tasks as if they're working on the remote computer itself.

Open Source Servers: From your underlying open source server operating system to the server software that helps you get your job done, open source software is a critical part of many IT infrastructures.

Virtual Servers: In 2009, the number of virtual servers deployed exceeded the number of physical servers. Today, server virtualization has become near ubiquitous in the data center. From hypervisors to hybrid clouds, Server Watch looks at the latest virtualization technology trends.

How to start/stop a service from command prompt? Go to the command prompt and type "net start service name" (to start a service) or "net stop service name" (to stop a service). Ex: "net start netlogon", "net stop netlogon".

What is a Domain controller? Domain controllers contain matching copies of the user accounts and other Active Directory data in a given domain.

What is a Member server? Member servers belong to a domain but do not contain a copy of the Active Directory data.

What is standalone server? Ans: A server that belongs to a workgroup, not a domain, is called a stand-alone server.

What is a Domain? A group of computers that are part of a network and share a common directory and security policies. In Windows 2000 a domain is a security boundary, and permissions that are granted in one domain are not carried over to other domains.

NTFS: Some of the features you can use when you choose NTFS are:

* Active Directory, which you can use to view and control network resources easily.
* Domains, which are part of Active Directory, and which you can use to fine-tune security options while keeping administration simple. Domain controllers require NTFS.
* File encryption, which greatly enhances security.
* Permissions that can be set on individual files rather than just folders.
* Sparse files. These are very large files created by applications in such a way that only limited disk space is needed. That is, NTFS allocates disk space only to the portions of a file that are written to.
* Remote Storage, which provides an extension to your disk space by making removable media such as tapes more accessible.
* Recovery logging of disk activities, which helps you restore information quickly in the event of power failure or other system problems.
* Disk quotas, which you can use to monitor and control the amount of disk space used by individual users.
* Better scalability to large drives. The maximum drive size for NTFS is much greater than that for FAT, and as drive size increases, performance with NTFS doesn't degrade as it does with FAT.

Standby: Turns off your monitor and hard disks, and your computer uses less power. A state in which your computer consumes less electric power when it is idle, but remains available for immediate use. Typically, you'd put your computer on standby to save power instead of leaving it on for extended periods.

In stand by mode, information in computer memory is not saved on your hard disk. If the computer loses power, the information in memory will be lost.

This option appears only if your computer supports this feature and you have selected this option in Power Options. See Power Options overview in Help.

Hibernation: Turns off your monitor and hard disk, saves everything in memory on disk, and turns off your computer. When you restart your computer, your desktop is restored exactly as you left it.

A state in which your computer saves any Windows settings that you changed, writes any information that is currently stored in memory to your hard disk, and turns off your computer. Unlike shutting down, when you restart your computer, your desktop is restored exactly as it was before hibernation.

Hibernate appears only if your computer supports this feature and you have selected the Enable hibernate support option in Power Options. See Power Options overview in Help.

Disconnect: A state in which your Terminal Services session is disconnected, but remains active on the server. When you reconnect to Terminal Services, you are returned to the same session, and everything looks exactly as it did before you disconnected.

Disconnect appears only if you are connected to a Windows 2000 Server running Terminal Services.

Shut down: A state in which your computer saves any Windows settings that you changed and writes any information that is currently stored in memory to your hard disk. This prepares your computer to be turned off.

Restart: A state in which your computer saves any Windows settings that you changed, writes any information that is currently stored in memory to your hard disk, and then restarts your computer.

Log off: A state in which your computer closes all your programs, disconnects your computer from the network, and prepares your computer to be used by someone else.

When connected to a Windows 2000 Server running Terminal Services, Log off closes all programs running in your Terminal Services session, disconnects your session, and returns you to your Windows desktop.

Difference between DNS & WINS:

DNS refers to the Domain Name System -- a widely used service in networks all over the world. DNS was created to serve the Internet Network, but also our LAN (Local Area Network).

WINS, on the other hand, refers to Windows Internet Naming Service, created by Microsoft. It was used in the older Windows NT4 networks, as the services provided by the domain were heavily dependent on it.

Today, WINS servers are not that common except in specific applications and network conditions where they must exist. Because the majority of networks use DNS these days, Windows 2000 and 2003 have migrated away from WINS and use DNS mainly. While both services do identical jobs, that is, translate domains and hostnames into IP addresses, DNS has become the number one standard for name resolution and it surely won't change for a long time!

*How is it different than BOOTP or RARP?

DHCP is based on BOOTP and maintains some backward compatibility. The main difference is that BOOTP was designed for manual pre-configuration of the host information in a server database, while DHCP allows for dynamic allocation of network addresses and configurations to newly attached hosts. Additionally, DHCP allows for recovery and reallocation of network addresses through a leasing mechanism. RARP is a protocol used by Sun and other vendors that allows a computer to find out its own IP number, which is one of the protocol parameters typically passed to the client system by DHCP or BOOTP. RARP doesn't support other parameters and using it, a server can only serve a single LAN. DHCP and BOOTP are designed so they can be routed.

Difference between Switch, Hub, Router:

Hub:
1. It is a layer 1 device, used to connect various machines on a LAN.
2. It forwards broadcasts by default.
3. It supports one collision domain and one broadcast domain.
4. It works on a bus topology, resulting in less speed.

Switch:
1. A layer 2 device.
2. Forwards broadcasts the first time only.
3. One broadcast domain; the number of collision domains depends on the number of ports.
4. It is based on a star topology, giving 100 Mbps to every PC on the LAN.

Router:
1. Does not broadcast by default.
2. Breaks up the broadcast domain.
3. Also called a Layer 3 switch.

VPN: VPN (Virtual Private Network): these are basically logical networks on the physical line; you can have many VPNs over the same line. The need for a VPN arises when your company needs to extend the network but doesn't want to buy any more switches. Take an example: your department's room is packed with employees and your company needs to add 4 more persons to your department. What will they do? The solution is to create VPNs: you can configure the switch ports in other departments and create a specific VLAN for your department, so that the persons can sit there and access the required PCs.

ARP & RARP: ARP stands for Address Resolution Protocol. Whenever a request is sent by a node on one network to a node on another network, the physical address (MAC) is required, and for this the IP address needs to flow over the network. Whenever a router with that network (IP) gets the message, the required MAC address is sent through the network. This process of converting the IP address to a MAC address is called ARP, and the reverse, the conversion of the MAC address to the IP address, is called RARP (Reverse Address Resolution Protocol).

Troubleshooting server problems

Loss of connectivity:
Check all cable connections.
Check media state for all wired and wireless network interfaces.
Check network connectivity by pinging another computer on the network.
Check internetwork connectivity by pinging a com
Check IP address and default gateway settings.
Check DNS and WINS.
Check proxy settings.
Check security policies and authentication settings.
Check whether the server's TCP/IP settings are correct.

Physical layer problems:
Is the server running?
Are necessary peripherals attached and running properly?
Are network cables properly connected?
Are NICs' connectivity/power lights on?
Is recently added hardware compatible with the operating system?
Are correct drivers installed on the server?
Are new devices causing internal BIOS conflicts on the server?

Name resolution problems:
Can you ping another system by both name and IP address?
Check DNS settings.
Check WINS settings.
Check HOSTS and LMHOSTS files.
Ensure that there are no obsolete host file entries.

Application problems:
Does the application interact with networking?
Are all installed applications compatible with the configured network settings?
Check the event log for application errors.
Check the application log (Start > Programs > Admin. Tools > Event Viewer) for application errors.

Print server problems:
Is the printing device working and are all connections secure?
Make sure the correct printer drivers are installed.
Check the print spooler service to ensure that it is running.
Check to see that there is plenty of disk space on the server for spooling.
Check the permissions set on the printer.
If your network is an Active Directory domain, check group policy settings for printers.

E-Mail server problems:
Ensure that the Mail Exchange (MX) resource records in your DNS entries are correct.
Ensure that the mail server has plenty of disk space for user mailboxes.
If you want your mail server to receive mail from other mail servers, ensure that your mail server is configured to enable relay.

Terminal Services problems:
In an Active Directory domain, check Group Policy and individual user account properties if users are unable to connect to the terminal server or are unexpectedly disconnected.
Ensure that Terminal Services and/or Remote Desktop are configured correctly.
Ensure that you have set up a Terminal Services license server and that you have sufficient licenses.

Dial-up/remote access server problems:
Ensure that remote access services are installed and configured on your server.
Make sure the service is started.
Ensure that your dial-in, PPTP, and/or L2TP ports are enabled to accept inbound remote access calls.
Ensure that the remote access server is configured to allow connections on the protocol(s) that are being used by the remote clients.

What else could the problem be?
Check your server's security settings, as well as any site- or domain-wide security policies that may be preventing connectivity.
Check client licenses and licensing settings.
Check the routers and the client computers to ensure that the real problem doesn't lie elsewhere.

What is Citrix? Simply put, Citrix Metaframe allows you to run applications you have at work from anywhere in the world or on your local area network (LAN). You have real time access to run your applications as fast as if you are in the office. It does not matter if you're using a dialup modem, DSL, ISDN, or T1 to access Citrix remotely.

How does Citrix work? We begin with either an enhanced version of Windows NT 4.0 (Terminal Server Edition) or Windows 2000 with Terminal Services installed. Then, we add Citrix Metaframe. This product allows multiple users to run multiple applications on the Citrix Server at the same time. When you run applications on the Citrix Server the screen shots are sent to your computer and, in return, your keyboard input and mouse movements are sent to the Citrix Server.

How much bandwidth does it take? The average connection uses 10K to 20K of bandwidth per connection. Hence, a 28K dial-up modem is enough to access a Citrix Server.

What kind of operating system can I use to access Citrix? DOS, Windows 95, Windows 98, Windows CE (Thin Client), Windows NT 4.0, Windows 2000, Unix, and Macintosh.

How fast of a computer do I need to access Citrix? Virtually any personal computer can access Citrix (e.g., 386 to Pentium 4). In fact, it does not matter how fast your computer is, it will run with virtually the same speed on Citrix.

The following terms and definitions are used in this article:

Event: Any significant occurrence in the system or an application that requires users to be notified or an entry to be added to a log.

Event log service: A service that records events in the System, Security, and Application logs.

Event logging: The process of recording an audit entry in the audit trail whenever certain events occur, such as services starting and stopping, or users logging on, logging off, and accessing resources.

Event Viewer: A component you can use to view and manage event logs, gather information about hardware and software problems, and monitor security events. Event Viewer maintains logs about program, security, and system events.

Overview

Using the event logs in Event Viewer, you can gather information about hardware, software, and system problems, and you can monitor Windows operating system security events.

Types of Logs Found in Event Viewer

Microsoft Windows Server™ 2003, Windows XP, Windows 2000 Server, and Windows NT® record events in three kinds of logs:

Application log: The Application log contains events logged by applications or programs. For example, a database program might record a file error in the Application log. The program developer decides which events to record.

System log: The System log contains events logged by the Windows operating system components. For example, the failure of a driver or other system component to load during startup is recorded in the System log. The event types logged by system components are predetermined by the Windows operating system.


Security log: The Security log can record security events such as valid and invalid logon attempts as well as events related to resource use, such as creating, opening, or deleting files. An administrator can specify what events are recorded in the Security log. For example, if you have enabled logon auditing, attempts to log on to the system are recorded in the Security log.

Servers running Windows Server 2003 and Windows 2000 Server that are domain controllers might have the following additional logs in Event Viewer:

Directory Service log: Windows Server 2003 and Windows 2000 Server directory service logs events in the Directory Service log. This includes any information regarding the Active Directory® directory service and Active Directory database maintenance.

File Replication Service log: File Replication Service (FRS) logs its events in this log. This service is used for replication of files, such as domain policies, between domain controllers.

DNS Server service log: This log includes events related to the Domain Name System (DNS) Server service running on Windows Server 2003 and Windows 2000 Server. This will show only on DNS servers running Windows Server 2003 and Windows 2000 Server.

 Types of Events Logged The icon on the left side of the Event Viewer screen describes the classification of the event by the Windows operating system. Event Viewer displays these types of events:

Error   A significant problem, such as loss of data or loss of functionality. For example, if a service

fails to load during startup, an error will be logged.

Warning   An event that is not necessarily significant, but may indicate a possible future problem.

For example, when disk space is low, a warning will be logged. Information   An event that describes the successful operation of an application, driver, or service.

For example, when a network driver loads successfully, an information event will be logged. Success Audit   An audited security access attempt that succeeds. For example, a user's successful

attempt to log on to the system will be logged as a Success Audit event. Failure Audit   An audited security access attempt that fails. For example, if a user tries to access a

network drive and fails, the attempt will be logged as a Failure Audit event.

Event Anatomy

The main event components are as follows:

Source   The software that logged the event, which can be either an application name, such as Microsoft SQL Server™, or a component of the system or of a large application, such as MSExchangeIS, which is the Microsoft Exchange Information Store service.

Category   A classification of the event by the event source. For example, the security categories include Logon and Logoff, Policy Change, Privilege Use, System Event, Object Access, Detailed Tracking, and Account Management.

Event ID   A unique number for each source to identify the event.


User   The user name for the user who was logged on and working when the event occurred. N/A indicates that the entry did not specify a user.

Computer   The computer name for the computer where the event occurred.

Description   This field provides the actual text of the event, or how the application that logged the event explains what has happened.

Data   Displays binary data generated by the event in hexadecimal (bytes) or DWORDS (words) format. Not all events generate binary data. Programmers and support professionals familiar with the source application can interpret this information.
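The event types and fields described above are enough to triage a Security log export. The Python below is an added example, not part of the original notes: it parses a constructed CSV export and reports accounts with repeated Failure Audit events in the Logon/Logoff category, noting whether a Success Audit followed. The column layout, sample rows, threshold and function names are assumptions.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample export, not real log data. Columns follow the event
# anatomy in the notes; the logic keys on Type and Category, not Event ID.
SAMPLE_EXPORT = """\
Time,Type,Source,Category,Event ID,User,Computer
2004-03-01 09:00:01,Failure Audit,Security,Logon/Logoff,529,alice,SRV01
2004-03-01 09:00:20,Failure Audit,Security,Logon/Logoff,529,alice,SRV01
2004-03-01 09:01:05,Failure Audit,Security,Logon/Logoff,529,alice,SRV01
2004-03-01 09:01:40,Success Audit,Security,Logon/Logoff,528,alice,SRV01
2004-03-01 09:10:00,Failure Audit,Security,Logon/Logoff,529,bob,SRV01
2004-03-01 11:30:00,Failure Audit,Security,Logon/Logoff,529,bob,SRV01
2004-03-01 11:31:00,Success Audit,Security,Logon/Logoff,528,bob,SRV01
2004-03-01 12:00:00,Failure Audit,Security,Object Access,560,carol,SRV02
2004-03-01 12:00:05,Failure Audit,Security,Object Access,560,carol,SRV02
2004-03-01 12:00:09,Failure Audit,Security,Object Access,560,carol,SRV02
2004-03-01 13:00:00,Failure Audit,Security,Logon/Logoff,529,dave,SRV02
2004-03-01 13:00:30,Failure Audit,Security,Logon/Logoff,529,dave,SRV02
2004-03-01 13:02:00,Failure Audit,Security,Logon/Logoff,529,dave,SRV02
2004-03-01 13:04:00,Failure Audit,Security,Logon/Logoff,529,dave,SRV02
"""


def parse_events(text):
    """Return the export's rows as dicts, oldest first, with 'Time' parsed."""
    events = []
    for row in csv.DictReader(io.StringIO(text)):
        row = {key: value.strip() for key, value in row.items()}
        row["Time"] = datetime.strptime(row["Time"], "%Y-%m-%d %H:%M:%S")
        events.append(row)
    return sorted(events, key=lambda e: e["Time"])


def failed_logon_bursts(events, threshold=3, window=timedelta(minutes=5)):
    """Report (user, computer) pairs with at least `threshold` Failure Audit
    logon events inside one `window`, and whether a Success Audit followed."""
    failures = defaultdict(list)
    successes = defaultdict(list)
    for e in events:
        if e["Category"] != "Logon/Logoff":
            continue  # Object Access, Policy Change, etc. are out of scope
        key = (e["User"].lower(), e["Computer"].upper())
        if e["Type"] == "Failure Audit":
            failures[key].append(e["Time"])
        elif e["Type"] == "Success Audit":
            successes[key].append(e["Time"])

    findings = []
    for key, times in failures.items():
        times = sorted(times)
        # Slide over the failures and stop at the first dense burst.
        for i in range(len(times) - threshold + 1):
            burst_end = times[i + threshold - 1]
            if burst_end - times[i] <= window:
                findings.append({
                    "user": key[0],
                    "computer": key[1],
                    "first_failure": times[i],
                    "failures": len(times),
                    "success_after_burst": any(
                        t > burst_end for t in successes.get(key, [])),
                })
                break
    return sorted(findings, key=lambda f: (f["user"], f["computer"]))


if __name__ == "__main__":
    for finding in failed_logon_bursts(parse_events(SAMPLE_EXPORT)):
        print(finding)
```

A burst followed by a Success Audit for the same account deserves the first look, since it is consistent with a guessed password as well as with a user who mistyped.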

What is the LMHOSTS file?

It's a file stored on a host machine that is used to resolve NetBIOS names to specific IP addresses.

Server Types

Proxy Servers
Proxy servers sit between a client program (typically a Web browser) and an external server (typically another server on the Web) to filter requests, improve performance, and share connections.

Mail Servers
Almost as ubiquitous and crucial as Web servers, mail servers move and store mail over corporate networks (via LANs and WANs) and across the Internet.

Server Platforms
A term often used synonymously with operating system, a platform is the underlying hardware or software for a system and is thus the engine that drives the server.

Web Servers
At its core, a Web server serves static content to a Web browser by loading a file from a disk and serving it across the network to a user's Web browser. This entire exchange is mediated by the browser and server talking to each other using HTTP.

Application Servers
Sometimes referred to as a type of middleware, application servers occupy a large chunk of computing territory between database servers and the end user, and they often connect the two.

Real-Time Communication Servers
Real-time communication servers, formerly known as chat servers or IRC Servers, and still sometimes referred to as instant messaging (IM) servers, enable large numbers of users to exchange information near instantaneously.

FTP Servers
One of the oldest of the Internet services, File Transfer Protocol makes it possible to move one or more files securely between computers while providing file security and organization as well as transfer control.

Collaboration Servers
In many ways, collaboration software, once called 'groupware,' demonstrates the original power of the Web. Collaboration software is designed to enable users to collaborate, regardless of location, via the Internet or a corporate intranet and to work together in a virtual atmosphere.

List Servers
List servers offer a way to better manage mailing lists, whether they be interactive discussions open to the public or one-way lists that deliver announcements, newsletters or advertising.

Telnet Servers
A Telnet server enables users to log on to a host computer and perform tasks as if they're working on the remote computer itself.

Open Source Servers
From your underlying open source server operating system to the server software that helps you get your job done, open source software is a critical part of many IT infrastructures.


Virtual Servers
In 2009, the number of virtual servers deployed exceeded the number of physical servers. Today, server virtualization has become near ubiquitous in the data center. From hypervisors to hybrid clouds, ServerWatch looks at the latest virtualization technology trends.

Table 1. Important files to back up

File name | Location | Comments
bookmark.nsf | Notes\Data directory | Contains your saved bookmarks and Home Page information.
busytime.nsf | Notes\Data directory | Contains your local free time information.
desktop6.ndk | Notes\Data directory | This is your Workspace that maps to your bookmarks.
headline.nsf | Notes\Data directory | Contains your Application Subscriptions information.
install.log | Notes program directory | Contains the configuration information based on the options available when you install Notes. This file is used for comparison when you upgrade to new versions of Notes.
internet.nsf | Notes\Data directory | Contains information from your newsgroup subscriptions (NNTP).
names.nsf | Notes\Data directory | Contains your contact entries, mailing groups, connections, and locations.
notes.ini | Notes program directory | Contains the information you provide when you set up Notes, including the options you select in User Preferences. May also contain information created by your administrator. This file gets deleted when you uninstall Notes.
perweb.nsf | Notes\Data directory | This is your Personal Web Navigator application that contains Web browser information.
user.dic | Notes\Data directory | Contains all of the words you have added to your personal dictionary through the Add to Dictionary option in the Spell Checker.
*.nsf | Notes\Data directory | Applications that you create on your computer are stored in the Data directory.
<yourname>.nsf (local copy) | Notes\Data directory | Contains your Mail, Calendar, and To Do list. This only shows up in the Data directory if you have a local replica of your Mail file.
<yourname>.ID | Notes\Data directory | This is your User ID file. You need this to access Notes.

Domino Messaging Server: Domino Messaging Server is used for messaging, and for calendar & scheduling. It has prebuilt e-mail and collaborative applications including discussions, team rooms, and personal journals.


Domino Messaging combines support for the latest Internet mail standards with the advanced messaging capabilities and enterprise-scale reliability and performance of Lotus Domino.

Note: Domino Messaging Server is used for messaging only. Customers who want to deploy their own applications on the Domino server should consider Domino Enterprise Server or Domino Utility Server.

Domino Enterprise Server: Domino Enterprise Server supports the same e-mail and collaborative applications as Messaging Server, plus the custom applications created by customers or business partners. It also includes clustering capabilities for high-availability implementations. This is the Domino server to use if your company uses Domino for messaging, and you want to deploy custom applications.

Mail Merge: The Mail Merge feature is described here. In MS Word, the Mail Merge option is an important feature for office setups. We often need to send the same letter content to different individuals. By using Mail Merge you can send the same letter to a number of persons without typing the content of the letter again and again.

What is the issue when the system hangs on the Windows welcome screen?

Ans: It is extremely annoying to get stuck at the welcome screen of Windows XP. One of our readers submitted such a problem, that Windows XP hangs at the welcome screen. This happens mainly due to a problem with one of the system files of Windows XP. The file is MUP.sys.

What is MUP.sys?

Ans: The process Multiple UNC (Uniform Naming Convention) Provider driver belongs to the software Microsoft® Windows® Operating System by Microsoft Corporation. This is a Microsoft system file which is needed at the time of startup.

Why does the computer hang at the welcome screen?

Ans: When there is something wrong with MUP.sys, the computer hangs at the welcome screen. This may be due to a hardware problem or a driver problem, or because a virus has corrupted MUP.sys.

Microsoft Outlook and Outlook Express:

Ans: Outlook Express is primarily an email client and newsgroup reader. It is the default email client supplied with Windows and comes free with Windows. It has all the basic facilities you expect from an email client: multiple identities, creation of folders to categorize stored emails, and automated log-in and log-out. But it is just an email client.

Outlook is a full-blown contact management system. It enables you to store details on all your contacts, and to easily search and retrieve this data. It is NOT free with Windows; it is purchased as part of the Microsoft Office suite of programs. It uses the basic Outlook Express email engine as a part of its functionality. Overall it is much more powerful than the Express version. It is the sort of program a company would use to track its business contacts and their details, for example. The average home user, on the other hand, is only likely to need Outlook Express, as the extra features in Outlook are all business orientated. A home user is not likely to categorize their friends, for example, but a business will categorize its contacts. Outlook will store electronic business cards, while Express cannot.

What is Virtual Private Network

Ans: A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with secure access to their organization's network. A virtual private network can be contrasted with an expensive system of owned or leased lines that can only be used by one organization. The goal of a VPN is to provide the organization with the same capabilities, but at a much lower cost.

A VPN works by using the shared public infrastructure while maintaining privacy through security procedures and tunneling protocols such as the Layer Two Tunneling Protocol (L2TP). In effect, the protocols, by encrypting data at the sending end and decrypting it at the receiving end, send the data through a "tunnel" that cannot be "entered" by data that is not properly encrypted. An additional level of security involves encrypting not only the data, but also the originating and receiving network addresses.

Components of VPN: A VPN in servers running Windows Server 2003 is made up of a VPN server, a VPN client, a VPN connection (that portion of the connection in which the data is encrypted), and the tunnel (that portion of the connection in which the data is encapsulated). The tunneling is completed through one of the tunneling protocols included with servers running Windows Server 2003, both of which are installed with Routing and Remote Access. The Routing and Remote Access service is installed automatically during the installation of Windows Server 2003. By default, however, the Routing and Remote Access service is turned off.

The two tunneling protocols included with Windows are:

Point-to-Point Tunneling Protocol (PPTP): Provides data encryption using Microsoft Point-to-Point Encryption.

Layer Two Tunneling Protocol (L2TP): Provides data encryption, authentication, and integrity using IPSec.

Your connection to the Internet must use a dedicated line such as T1, Fractional T1, or Frame Relay. The WAN adapter must be configured with the IP address and subnet mask assigned for your domain or supplied by an Internet service provider (ISP). The WAN adapter must also be configured as the default gateway of the ISP router.

NOTE: To turn on VPN, you must be logged on using an account that has administrative rights.

How do you delete a lingering object?

Windows Server 2003 provides a command called Repadmin that provides the ability to delete lingering objects in Active Directory.

What are the bootable files in Windows XP?

They are:
1) NTLDR
2) NTDETECT.COM
3) BOOT.INI
4) BOOTSECT.DOS
5) NTBOOTDD.SYS

What are the differences between Windows 32-bit and 64-bit?

I've chosen to highlight the physical and logical differences between each version of desktop Windows as shown in Table 5. This table illustrates the progressive improvement of Windows 64-bit and indicates that Windows has a long way to go before it exhausts the capabilities of 64-bit processors.

Many of the limits in the 64-bit versions of Windows are design choices rather than limitations of the 64-bit CPUs. The number of physical processors is the most obvious as Windows Server editions support many more.

Hardware is also limited by design. For example, while 64-bit AMD and Intel CPUs use 64-bit  memory pointers, the supporting chipsets only use a 52-bit physical address space (4 Petabytes) and a 48-bit virtual memory space (256 Terabytes). This is presently more than sufficient because Windows 7 64-bit only allows 192 GB of physical memory and 16 Terabytes (44-bits) of virtual memory.

Table 5: Physical and Logical limits for Windows Versions

Numbers in parentheses indicate extended settings that are not the default and require compatible hardware.

Version | XP 32-bit | XP 64-bit | Vista 32-bit | Vista 64-bit | 7 32-bit | 7 64-bit
System: | | | | | |
Physical Processors | 2 | 2 | 2 | 2 | 2 | 2
Logical Processors | 32 | 64 | 32 | 64 | 32 | 256
System Cache | 1 GB | 1,024 GB | 1 (2) GB | 1,024 GB | 1 (2) GB | 1,024 GB
Physical Memory | 4 GB | 128 GB | 4 GB | 128 GB | 4 GB | 192 GB
Virtual Memory | 4 GB | 16,384 GB | 4 GB | 16,384 GB | 4 GB | 16,384 GB
Kernel | 1 (2) GB | 8 GB | 2 GB | 8 GB | 2 GB | 8 GB
User Process: | | | | | |
Physical Memory | 2 (3) GB | 2 (4) GB | 2 (3) GB | 8 GB | 2 (4) GB | 8 GB
Virtual Memory | 2 (3) GB | 2 (8,192) GB | 2 (3) GB | 2 (8,192) GB | 2 (4) GB | 2 (8,192) GB

Note 1. I have used Gigabytes (GB) for consistency even though it would be convenient to convert  1,024 GB to 1 TB.

Note 2. I've excluded the first 64-bit version of Windows XP (2002) because it has a different architecture. It used Intel Itanium (IA-64) CPUs which had an x86 processor built-in for compatibility. It was replaced by AMD's 64-bit architecture (x86-64) which extended the x86 instruction set and worked so well that it has been licensed by Intel and other chip makers. The name is commonly shortened to x64 as it is the most common 64-bit CPU type today.

IIS (Internet Information Server)

IIS (Internet Information Server) is a group of Internet servers (including a Web or Hypertext Transfer Protocol server and a File Transfer Protocol server) with additional capabilities for Microsoft's Windows NT and Windows 2000 Server operating systems. IIS is Microsoft's entry to compete in the Internet server market that is also addressed by Apache, Sun Microsystems, O'Reilly, and others. With IIS, Microsoft includes a set of programs for building and administering Web sites, a search engine, and support for writing Web-based applications that access databases. Microsoft points out that IIS is tightly integrated with the Windows NT and 2000 Servers in a number of ways, resulting in faster Web page serving.


A typical company that buys IIS can create pages for Web sites using Microsoft's Front Page product (with its WYSIWYG user interface). Web developers can use Microsoft's Active Server Page (ASP) technology, which means that applications, including ActiveX controls, can be embedded in Web pages that modify the content sent back to users. Developers can also write programs that filter requests and get the correct Web pages for different users by using Microsoft's Internet Server Application Program Interface (ISAPI) interface. ASPs and ISAPI programs run more efficiently than common gateway interface (CGI) and server-side include (SSI) programs, two current technologies. (However, there are comparable interfaces on other platforms.)

Microsoft includes special capabilities for server administrators designed to appeal to Internet service providers (ISPs). It includes a single window (or "console") from which all services and users can be administered. It's designed to be easy to add components as snap-ins that you didn't initially install. The administrative windows can be customized for access by individual customers.

What is an IIS Application?

An IIS (Internet Information Server) application is a Visual Basic application that lives on a Web server and responds to requests from the browser. An IIS application uses HTML to present its user interface and uses compiled Visual Basic code to process requests and respond to events in the browser.

To the user, an IIS application appears to be made up of a series of HTML pages. To the developer, an IIS application is made up of a special type of object called a webclass, that in turn contains a series of resources called webitems. The webclass acts as the central functional unit of the application, processing data from the browser and sending information to the users. You define a series of procedures that determine how the webclass responds to these requests. The webitems are the HTML pages and other data the webclass can send to the browser in response to a request.

IIS Applications vs. ASP Applications

IIS applications bear a superficial resemblance to Active Server Pages applications. Both types of applications present dynamic Web sites and perform their processing on the server rather than the client. However, each has its unique advantages. Active Server Pages are for script developers interested in authoring Web pages, and offer the unique capability of intermingling script with HTML. IIS applications are for Visual Basic developers building Web-based applications, rather than Web pages. IIS applications allow for complicated business processing and easy access from almost any browser or platform.

IIS Applications vs. DHTML Applications

An IIS application is also similar to another type of Internet application you can create in Visual Basic — a DHTML application. Like IIS applications, DHTML applications also allow you to respond to events in an HTML page. However, there are several key differences between the two types of applications:

Dependency — DHTML applications are intended for use on intranets, and are dependent on Internet Explorer 4.0 or later, while IIS applications can be used on the Internet or an intranet. End users of an IIS application do not need a specific operating system or browser.

Object model — DHTML applications use a different object model than IIS applications to access and work with the elements on an HTML page. While IIS applications use the Active Server Pages object model, DHTML applications use the object model.

Location of processing — IIS applications are designed to perform most of their processing on the Web server, but DHTML applications perform most of their processing on the browser machine. You do not create any Web server components when you create a DHTML application.

=========================================================

Types of Data Backup

After you have determined what to back up and what backup storage media fits the best, you need to decide how the files will be processed. The main things to think about here are the method of backup and compression options.

Normally, file backup software doesn’t back up your PC as a whole, but allows forming tasks involving variable sets of folders and files. For each backup task, for convenience in operation, the program creates a so-called index file which contains information about all data used in it. This file is then used for comparing current and old data when doing differential or incremental backups. Let’s take a look at examples of different methods.

Full Data Backup

Full backup assumes that each time you execute the task, the entire set of data is copied to the chosen place. This type of backup takes the most disk space, time and PC resources, and often does a lot of senseless work (because unchanged, already backed up data becomes multiplied several times). On the other hand, for some types of data, e.g. when you create a complete disk image backup, full backup is the only effective option.

Incremental Data Backup

Incremental backup processes only files that appeared or changed since the previous backup. Say, you created a task for backing up My Documents folder. If you do an incremental backup immediately after a full backup, no files will be copied. But as soon as some files get modified, or new files are created, an incremental backup will process all modifications (which are calculated through comparing data in the index file with the current situation on the drive).


Incremental backups may be of two types: when files are rewritten in the same folder where the full backup is and when files are put into separate folders (which leads to creation of multiple instances of the same files). In Handy Backup, the latter option is called backup with timestamps.

Differential Data Backup

Differential backup is very much like incremental backup, with the only difference that it doesn’t update the index file with each task execution, and therefore each task execution processes all modifications since the last full backup. This approach requires more disk space, as each differential backup is of the same size or larger than the previous one, but enables faster restoration of data, as compared to incremental backup.

Note (geek talk): technically, Handy Backup managed differential backup with the use of XDelta open-source utility. At a certain moment of software evolution, there also appeared rsync working for optimization of data transfer.
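To make the difference between the two methods concrete, the Python below is an added example, not code from Handy Backup or the original notes. It models the index file as a dictionary of path to content hash, shows which files each run copies, and counts how many backup sets a restore has to read. The class, method and file names are hypothetical, and the model assumes a task uses one method after its full backup and does not track deletions.

```python
import hashlib


def snapshot(files):
    """Index-file stand-in: map each path to a hash of its content."""
    return {path: hashlib.sha256(content.encode()).hexdigest()
            for path, content in files.items()}


def changed_since(index, files):
    """Paths that are new, or whose content differs from the index."""
    current = snapshot(files)
    return sorted(p for p, digest in current.items() if index.get(p) != digest)


class BackupTask:
    """Hypothetical model of one backup task and its index file."""

    def __init__(self):
        self.full_index = {}  # state recorded at the last full backup
        self.last_index = {}  # state recorded at the last run of any kind
        self.sets = []        # (kind, {path: content}) in run order

    def full(self, files):
        self.full_index = self.last_index = snapshot(files)
        self.sets.append(("full", dict(files)))
        return sorted(files)

    def incremental(self, files):
        # Compare with the previous run, then advance the index.
        paths = changed_since(self.last_index, files)
        self.last_index = snapshot(files)
        if paths:
            self.sets.append(("incremental", {p: files[p] for p in paths}))
        return paths

    def differential(self, files):
        # Compare with the last full backup; the index is not advanced,
        # so every run repeats all changes made since that full backup.
        paths = changed_since(self.full_index, files)
        if paths:
            self.sets.append(("differential", {p: files[p] for p in paths}))
        return paths

    def restore(self):
        """Rebuild the newest state; return it and the number of sets read."""
        start = max(i for i, (kind, _) in enumerate(self.sets) if kind == "full")
        later = self.sets[start + 1:]
        differentials = [s for s in later if s[0] == "differential"]
        # Differential: full + newest set. Incremental: full + every set.
        chain = [self.sets[start]] + (differentials[-1:] if differentials else later)
        state = {}
        for _, data in chain:
            state.update(data)
        return state, len(chain)


def demo():
    """Run the same three days of changes through both methods."""
    day0 = {"a.doc": "v1", "b.xls": "v1"}      # constructed sample folder
    day1 = {**day0, "a.doc": "v2"}             # a.doc modified
    day2 = {**day1, "c.txt": "v1"}             # c.txt created
    results = {}
    for kind in ("incremental", "differential"):
        task = BackupTask()
        task.full(day0)
        run = getattr(task, kind)
        copied = [run(day0), run(day1), run(day2)]
        restored, sets_read = task.restore()
        results[kind] = {"copied": copied, "restored": restored,
                         "sets_read": sets_read}
    return results


if __name__ == "__main__":
    for kind, result in demo().items():
        print(kind, result["copied"], "sets read on restore:", result["sets_read"])
```

The differential run on the last day copies a.doc again, which is the extra disk space the text mentions; the incremental restore has to read every set in the chain, which is why it is slower.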

Data Compression Options

Since data backups are not meant to be used as separate documents, it’s wise to enable automatic compression, in order to save storage space and transferring time (may be important if you back up online, or back up to FTP locations). Here you need to decide, if you want to compress the backup set as a whole, or compress each individual file. The first variant gives the best results in terms of saving space, while the second one requires less PC resources and allows you to perform backups and restoration faster.

SYSVOL Folder Structure

About each folder under the SYSVOL share on a domain controller

The SYSVOL folder is used to store a copy of the domain's public files, such as system policies, Group Policy settings and logon/logoff scripts, which are replicated to all other domain controllers in the Active Directory domain through File Replication Services (FRS). You can find many folders inside the SYSVOL share; I would like to explore and explain each folder by how it is used in the process of SYSVOL replication.

SYSVOL Folder Structure

\Sysvol
|____Domain
|    |____Policies
|    |____Scripts
|    |____DO_NOT_REMOVE_NtFrs_PreInstall_Directory
|    |____NtFrs_PreExisting___See EventLog
|____Enterprise
|    |____Policies
|    |____Scripts
|____Staging
|    |____Domain
|    |____Enterprise
|____Staging Areas
|    |____Enterprise (junction> = Sysvol\Staging\Enterprise)
|    |____Your Domain Name (junction> = Sysvol\Staging\Domain)
|____Sysvol
     |____Enterprise (junction> = Sysvol\Enterprise)
     |____Your Domain Name (junction> = Sysvol\Domain)

Before discussing the SYSVOL folder structure, we should know about junction points.

Junction point: a physical location on a hard disk that points to data that is located elsewhere on the hard disk or on another storage device. Junction points look like folders and behave like folders but they are not folders. A junction point contains a link to another folder. When a program opens it, the junction point automatically redirects the program to the folder to which the junction point is linked.

If you open \\%systemroot%\SYSVOL\sysvol, it actually opens the content in %systemroot%\SYSVOL\domain. You can also see this at the command prompt: go to the SYSVOL folder and type DIR, and you will notice that some of the folders are shown as junction points.

%systemroot%\SYSVOL\staging areas\domainnam pointing to %systemroot%\SYSVOL\staging\domain

%systemroot%\SYSVOL\sysvol pointing to %systemroot%\SYSVOL\domain

Staging Folder

Whenever you change GPO settings, the corresponding policy folder in SYSVOL gets updated, and this change needs to be replicated to the other replication members (domain controllers). How does this happen? The staging folder acts like a queue for changed files and folders to be replicated to downstream partners.

FRS creates a file in the staging folder by using backup APIs (application programming interfaces) based on the change and replicates it to the downstream partners. Downstream partners use restore APIs to reconstruct the staging files in the preinstall folder; the full file is copied from the staging folder to the preinstall folder.

Preinstall folder

The preinstall folder is the DO_NOT_REMOVE_NtFrs_PreInstall_Directory folder, located under the replica root (Domain folder). Files and folders are replicated from the upstream partner's staging folder. After a file or folder is completely replicated, it is renamed to its target location in the replica tree, so that partially constructed files are not visible in the replica tree.

Pre-existing folder

The pre-existing folder, named NtFrs_PreExisting___See EventLog, is an optional folder that is located under the replica root (Domain folder). It may not be present by default like the other folders. If the pre-existing folder is present on a replica member, it is mostly for one of the reasons below.

• Active Directory restore
• SYSVOL non-authoritative restore (also called D2)
• Server was pre-staged before it was added to the replica set

Mostly, FRS moves existing data in the replica tree to the pre-existing folder, then receives the updated replica tree from one of the upstream partners, and deletes the files inside the pre-existing folder after replication completes successfully.

Policies Folder

The Policies folder contains a folder for each policy. If you create a new Group Policy, a Group Policy template (GPT) folder is created on the SYSVOL share under Policies; it contains the Group Policy settings related to that policy. The GPT folder name is the Globally Unique Identifier (GUID) of the GPO that you created.

Scripts Folder

The Scripts folder contains all the logon/logoff scripts used by the various policies.

Sysvol Replication change in Windows 2008


Group Policy replication change

Before I start on the SYSVOL replication changes in Windows Server 2008, I would like to explain how GPOs are replicated in Windows Server 2003 and earlier versions.

Understanding SYSVOL/GPO replication

A Group Policy object is made up of two parts, the Group Policy template (GPT) and the Group Policy container (GPC). They are stored in two different locations and use different replication technologies to replicate changes; however, both must be up to date on a domain controller for Group Policy to function properly.

Group Policy templates are stored in SYSVOL, as a folder structure in the SYSVOL share on a domain controller. If you create a new Group Policy, a Group Policy template folder is created on the SYSVOL share for the new policy; it contains the Group Policy settings related to this policy. The GPT folder name is the Globally Unique Identifier (GUID) of the GPO that you created. You can view all the GPT folders under the path below (the default GPT path):

C:\Windows\Sysvol\Sysvol\DomainName\Policies

The Group Policy template (GPT) is replicated with SYSVOL through FRS, which uses state-based replication. As soon as there is a change to any file under the SYSVOL folder structure, replication is triggered and the entire file is replicated.

Group Policy containers are stored in Active Directory. Most GPO settings are stored in the GPT (Group Policy template); the GPC only holds reference information for the corresponding GPO, such as the GPT path, the GUID of the GPO, version information, WMI filter information, and a list of components that have settings in the GPO. You can view the GPC from Active Directory Users and Computers (ADUC):

\System\Policies

The Group Policy container (GPC) is replicated through Active Directory replication.

Note: By default, the Group Policy Management Editor console (GPME) uses the PDC Emulator so that all administrators work on the same domain controller. If you want to use a different domain controller, you can change this through the Group Policy Management Console (GPMC).

File Replication Services (FRS)

I will try to explain step by step. Let's say you modify Policy A on Server001; here is how this change gets replicated to Server002 (Server002 is a downstream replication partner of Server001).

1. Once you modify Policy A on Server001, the corresponding GPT folder in SYSVOL is updated on Server001 (the Group Policy container in Active Directory on Server001 is updated as well).

2. NTFS updates the USN journal to reflect the file and folder change.

3. FRS monitors the USN journal for changes in the SYSVOL folder.

4. FRS updates the inbound log on Server001. FRS records not only the local changes in the inbound log but also the changes from all upstream replication partners (all inbound partners).

5. FRS creates a file in the staging folder on Server001 by using backup APIs (application programming interfaces) based on the change.

6. FRS records the change in the outbound log on Server001 and sends a change notification to all downstream replication partners (all outbound partners).

7. Server002 gets the change notification from Server001 and stores the change order in its inbound log.

8. Server002 copies the staging file from Server001 to the staging folder on Server002. Server002 then updates its outbound log so that other outbound partners can pick up the change.

9. Using restore APIs, Server002 reconstructs the file and folder in the preinstall folder, and then FRS renames the file or folder into the replica tree.

In the FRS replication process, the entire changed file or folder is replicated from the source server to the destination server.

What is NTFS USN journal?

The USN journal logs all changes to an NTFS volume, including file creations, deletions, and modifications. Each NTFS volume has a separate journal, and it has a size limit (128 MB on Windows Server 2003 SP2 and Windows Server 2008). If required, you can increase the size up to 2 TB; however, Microsoft recommends increasing it by 128 MB for every 100,000 files/folders.

What happens when the NTFS USN change journal fills up?

If the USN journal fills up, NTFS overwrites the old entries. That’s why, in some scenarios, NTFS deletes entries from the USN journal before the change has been processed; this is called journal_wrap.

USN journal wrap Error

An error that occurs when large numbers of files change so quickly that the USN journal must remove the oldest changes (before FRS has a chance to detect the changes) to stay within the specified size limit. To resolve this issue, you have to perform a non-authoritative restore, also called D2.
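The journal wrap condition described above can be reproduced with a small model. This is an added example, not code from the original notes or from Windows: the class names, the four-entry limit and the file paths are constructed, and the journal is a simplified stand-in for the NTFS USN journal.

```python
from collections import deque
class JournalWrap(Exception):
    """The consumer's next USN has already been overwritten."""

class UsnJournal:
    """Simplified, size-limited change journal (a model, not the NTFS format)."""
    def __init__(self, max_entries):
        self.entries = deque(maxlen=max_entries)  # oldest entries fall off
        self.next_usn = 1

    def record(self, path):
        self.entries.append((self.next_usn, path))
        self.next_usn += 1

    def read_after(self, last_usn):
        """Return entries newer than last_usn; raise if any were overwritten."""
        oldest = self.entries[0][0] if self.entries else self.next_usn
        if last_usn + 1 < oldest:
            raise JournalWrap(f"need USN {last_usn + 1}, oldest kept is {oldest}")
        return [e for e in self.entries if e[0] > last_usn]

class Replicator:
    """Journal consumer standing in for FRS."""
    def __init__(self, journal):
        self.journal, self.last_usn = journal, 0
        self.replicated, self.needs_resync = [], False

    def poll(self):
        try:
            batch = self.journal.read_after(self.last_usn)
        except JournalWrap:
            # Changes were lost; the text's remedy is a non-authoritative restore (D2).
            self.needs_resync = True
            return 0
        for usn, path in batch:
            self.replicated.append(path)
            self.last_usn = usn
        return len(batch)

def demo():
    journal = UsnJournal(max_entries=4)
    frs = Replicator(journal)
    for i in range(3):
        journal.record(f"Policies/A/file{i}")
    picked_up = frs.poll()            # 3 changes read in time
    for i in range(10):               # burst larger than the journal
        journal.record(f"Policies/B/file{i}")
    frs.poll()
    return picked_up, frs.last_usn, frs.needs_resync
```

After the burst, the consumer still expects USN 4 while the oldest retained entry is USN 10, so incremental replication cannot continue and a full resynchronization is flagged.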

Morphed folder

A replication conflict occurs if identically named directories are created on different servers. To resolve this conflict, FRS creates a folder, called a morphed folder.

Let’s say two identically named directories are created on different replication members. FRS identifies the conflict during replication, and the receiving member protects the original copy of the folder and renames (morphs) the later inbound copy of the folder. The morphed folder names have a suffix of “_NTFRS_xxxxxxxx,” where “xxxxxxxx” represents eight random hexadecimal digits.

Version vector join (vvjoin)

So far we have discussed SYSVOL replication between existing partners. How does SYSVOL replication work for a newly added replication partner? A newly added replication member doesn’t have any of the updates, and it must build the folder structure from the beginning. This process is called vvjoin, in which a downstream partner joins with an upstream partner for the first time.

Vvjoin is a CPU-intensive operation that can affect the performance of the server and increase replication traffic.

Distributed File System (DFS)

Now we come to how SYSVOL replicates using DFS and how it has been improved to provide better replication performance. To use this feature, you must be at the Windows Server 2008 domain functional level, which means all the domain controllers have to be Windows Server 2008.

SYSVOL replication using DFS is called DFS-Replicated SYSVOL (DFSR)

DFSR is a multimaster replication engine: changes that occur on one replication member are replicated to all of the other servers in the replication group.

DFSR also monitors the NTFS update sequence number (USN) journal to detect changes on the volume, and it replicates the changes only after the file is closed.

Before sending or receiving a file, DFSR uses a staging folder to stage the file.

When anything changes in the SYSVOL share, FRS replicates the entire file. DFSR, by contrast, replicates only the changed blocks and not the entire file, much like attribute-level Active Directory replication. It compares the source and destination files using remote differential compression (RDC), which reduces SYSVOL replication traffic.

Other differences between DFSR and FRS

DFSR and journal wraps: DFSR also monitors the NTFS change journal, but DFSR always heals itself, hence no journal wrap error.

Morphed files and folders are automatically taken care of.

FRS silently fails if the volume on which SYSVOL resides has less than 1 GB of free space.

Copies only the changes to files and folders, not entire files and folders.

Uses version vector tables to confirm the changes and to resolve conflicts.

Supports read-only replication on particular members, on which users cannot add or change files.

You can also make the changes to the SYSVOL folder of an RODC

DFSR does not require the version vector join (vvjoin) operation.

What is Active Directory? Active Directory is a Meta Data. Active Directory is a database that stores data such as your user information, computer information, and other network object information. It has the capability to manage and administer the complete network connected to AD.

What is a domain? In Windows NT and Windows 2000, a domain is a set of network resources (applications, printers, and so forth) for a group of users. The user need only log in to the domain to gain access to the resources, which may be located on a number of different servers in the network. The 'domain' is simply your computer address, not to be confused with a URL. A domain address might look something like 211.170.469.

What is a domain controller? A domain controller (DC) is a server that responds to security authentication requests (logging in, checking permissions, etc.) within the Windows Server domain. A domain is a concept introduced in Windows NT whereby a user may be granted access to a number of computer resources with the use of a single username and password combination.

What is LDAP? Lightweight Directory Access Protocol. LDAP is the industry-standard directory access protocol, making Active Directory widely accessible to management and query applications. Active Directory supports LDAPv3 and LDAPv2.

What is KCC? The KCC (Knowledge Consistency Checker) is used to generate the replication topology for intersite and intrasite replication. Within a site, replication traffic is done via remote procedure calls over IP, while between sites it is done through either RPC or SMTP.

Where is the AD database held? What other folders are related to AD? The AD database is stored in c:\windows\ntds\NTDS.DIT.

What is the SYSVOL folder? The SYSVOL folder stores the server's copy of the domain's public files. The contents of the SYSVOL folder, such as group policy, users, etc., are replicated to all domain controllers in the domain.

What are the Windows Server 2003 keyboard shortcuts?
Winkey opens or closes the Start menu.
Winkey + BREAK displays the System Properties dialog box.
Winkey + TAB moves the focus to the next application in the taskbar.
Winkey + SHIFT + TAB moves the focus to the previous application in the taskbar.
Winkey + B moves the focus to the notification area.
Winkey + D shows the desktop.
Winkey + E opens Windows Explorer showing My Computer.
Winkey + F opens the Search panel.
Winkey + CTRL + F opens the Search panel with Search for Computers module selected.
Winkey + F1 opens Help.
Winkey + M minimizes all.
Winkey + SHIFT + M undoes minimization.
Winkey + R opens Run dialog.
Winkey + U opens the Utility Manager.
Winkey + L locks the computer.

Where are the Windows NT Primary Domain Controller (PDC) and its Backup Domain Controller (BDC) in Server 2003? The Active Directory replaces them. Now all domain controllers share a multimaster peer-to-peer read and write relationship that hosts copies of the Active Directory.

I am trying to create a new universal user group. Why can’t I? Universal groups are allowed only in native-mode Windows Server 2003 environments. Native mode requires that all domain controllers be promoted to Windows Server 2003 Active Directory.

What is LSDOU? It’s the group policy inheritance model, where the policies are applied to Local machines, Sites, Domains and Organizational Units.

Why doesn’t LSDOU work under Windows NT? If the NTConfig.pol file exists, it has the highest priority among the numerous policies.

What’s the number of permitted unsuccessful logons on Administrator account? Unlimited. Remember, though, that it’s the Administrator account, not any account that’s part of the Administrators group.

What’s the difference between guest accounts in Server 2003 and other editions? More restrictive in Windows Server 2003.

How many passwords by default are remembered when you check "Enforce Password History Remembered"? User’s last 6 passwords.

Can the GC server and the Infrastructure master be placed on a single server? If not, explain why. No, as the Infrastructure master does the same job as the GC. They do not work together.

Which service in Windows is responsible for replication from one domain controller to another domain controller? The KCC generates the replication topology. SMTP / RPC is used to replicate changes.

What are intrasite and intersite replication? Intrasite is replication within the same site, and intersite is replication between sites.

What is the Lost & Found folder in ADS? It’s the folder where you can find the objects that went missing due to a conflict. Ex: you created a user in an OU that was deleted on another DC; when replication happened, ADS didn’t find the OU, so it put the user in the Lost & Found folder.

What is Garbage collection ? Garbage collection is the process of the online defragmentation of active directory. It happens every 12 Hours.

What does System State data contain? It contains:
Startup files
Registry
COM+ Registration Database
Memory page file
System files
AD information
Cluster Service information
SYSVOL folder

What is the difference between Windows 2000 Active Directory and Windows 2003 Active Directory? Is there any difference in 2000 Group Policies and 2003 Group Policies? What is meant by ADS and ADS services in Windows 2003? Windows 2003 Active Directory introduced a number of new security features, as well as convenience features such as the ability to rename a domain controller and even an entire domain. Windows Server 2003 also introduced numerous changes to the default settings that can be affected by Group Policy; you can see a detailed list of each available setting and which OS is required to support it by downloading the Group Policy Settings Reference.

ADS stands for Automated Deployment Services, and is used to quickly roll out identically-configured servers in large-scale enterprise environments. You can get more information from the ADS homepage.

I want to set up a DNS server and Active Directory domain. What do I do first? If I install the DNS service first and name the zone 'name.org' can I name the AD domain 'name.org' too? Not only can you have a DNS zone and an Active Directory domain with the same name, it's actually the preferred way to go if at all possible. You can install and configure DNS before installing Active Directory, or you can allow the Active Directory Installation Wizard (dcpromo) itself to install DNS on your server in the background.

How do I determine if user accounts have local administrative access? You can use the net localgroup administrators command on each workstation (probably in a login script so that it records its information to a central file for later review). This command will enumerate the members of the Administrators group on each machine you run it on. Alternatively, you can use the Restricted Groups feature of Group Policy to restrict the membership of Administrators to only those users you want to belong.
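For the "later review" step, the central file can be parsed and compared against the accounts that are supposed to be local administrators. This is an added example, not part of the original notes: the `==== HOST ====` header written by the login script, the host names, the CORP domain and the allowlist are all constructed assumptions, and the parser assumes English-locale `net localgroup administrators` output.

```python
import re
# Constructed sample: assumed "==== HOST ====" header, then raw command output.
SAMPLE_LOG = r"""==== WS-0101 ====
Alias name     administrators
Comment        Administrators have complete and unrestricted access to the computer/domain

Members

-------------------------------------------------------------------------------
Administrator
CORP\Domain Admins
The command completed successfully.
==== WS-0102 ====
Alias name     administrators
Comment        Administrators have complete and unrestricted access to the computer/domain

Members

-------------------------------------------------------------------------------
Administrator
CORP\Domain Admins
CORP\jdoe
The command completed successfully.
"""
ALLOWED = {"administrator", "corp\\domain admins"}  # constructed allowlist, lowercase

def parse_central_log(text):
    """Return {host: [members]}; a repeated host keeps its latest record."""
    hosts, host, in_members = {}, None, False
    for line in (raw.strip() for raw in text.splitlines()):
        header = re.fullmatch(r"==== (\S+) ====", line)
        if header:
            host, in_members = header.group(1), False
            hosts[host] = []
        elif host is None or not line:
            continue
        elif set(line) == {"-"}:
            in_members = True  # dashed rule precedes the member list
        elif line.startswith("The command completed"):
            in_members = False
        elif in_members:
            hosts[host].append(line)
    return hosts

def unexpected_admins(text, allowed=ALLOWED):
    """Return {host: [members not on the allowlist]}, case-insensitively."""
    found = {h: [m for m in ms if m.lower() not in allowed]
             for h, ms in parse_central_log(text).items()}
    return {h: extra for h, extra in found.items() if extra}
```

On the sample, only WS-0102 is reported, with `CORP\jdoe` as the account to investigate or remove via Restricted Groups.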