Top 20 Active Directory Interview Questions and Answers

Top 20 Active Directory Interview Questions and Answers

Q1: What is Active Directory?

Ans: Active Directory is database services which contains all the information of Objective such as Users, Computers, OU, Printers and so on. It’s enable Authentication and Authorization for Client in domain. It used to manage Centralized security in network.

Q2: What is the location to store Active Directory file?

Ans: %Systemroot%/NDTS/ntds.dit or C:/Windows/ NDTS/ntds.dit

Q3: What is file name in which Active Directory file store?

Ans: Ntds.dit

Q4: Which protocol is used  by Active directory?

Ans: LDAP




Q5: How many partition in Active Directory?

Ans: Schema Partition, Domain Partition, Configuration Partition and Application Partition.

Q6: How to check FSMO Role in window server operating System?

Ans: Netdom query

Q7: How many file are create in NTDS folder? Brief describe about these.

Ans: Ntds.dit : The Active Directory database.

       Edb.chk : The checkpoint file.

       Edb*.log : The transaction logs; each 10 megabytes (MB) in size.

       Res1.log and Res2.log : Reserved transaction logs.

Q8: What is the Sysvol folder?

Ans: Sysvol stand for System volume. It contains all information and share folder copy of domain and also Group Policy security.

Q9: what is the logical/physical structure of AD environment?

Ans: Physical Structure:  Domain Controller and Site.

Logical Structure: Domain, Tree, Forest and Organization Unit.

Q10: How to take backup of Active Directory?

Ans:  System State data where all the Active Directory file and information store. Utility for backup Ntbackup and wbadmin

Q11:  What is Stand for DC, CDC, ADC and RODC?

Ans: DC Stand for Domain controller.

         CDC stand for Child domain controller

         ADC stand for Additional domain controller

         RODC stand for Read only domain controller.

Q12: What is object and example of distinguished name?

Ans: Objects are located within Active Directory domains according to a hierarchical path, which includes the labels of the Active Directory domain name and each level of container objects. The full path to the object is defined by the distinguished name (also known as a "DN"). The name of the object itself, separate from the path to the object, is defined by the relative distinguished name.

Example: CN=Smith,OU=Sales,DC=ABC,DC=COM

Q13: What is OU?

Ans: OU stand for Organization Unit. It is collection of users and group and it give us platform to apply group policy security on users and group in OU.

Q14: Why do we create OU?

Ans: OU stand for Organization Unit, It helps to mange user and group of user according to department and give us platform to apply group policy security.

Q15: What is domain?

Ans: Domain is collection of users, group, computers, printers and so on in a network. These objects share a common directory database, security policies, and security relationships with other domains. After install Active Directory domain service for using centralized security in a domain on objects.

Q16: What is distinguish between Domain and Domain controller?

Ans: Domain: Domain is collection of users, group, computers, printers and so on in a network. These objects share a common directory database, security policies, and security relationships with other domains.

Domain Controller: It is used to denote a computer within the domain that controls the rest of the computers in the domain. From the domain controller, a network administrator can access networked computers, create or delete accounts, or manage privileges and security.

Q17: What is Forest?

Ans: Forest is a collection of Tree in domain that share a common global catalog, directory schema, logical structure and directory configuration. At the top forest represents the security boundary within user, group and other object are accessible.

Q18: What is Tree?

Ans: Tree is Collection of Domain which use contiguous name hierarchal in Domain (such as abc.com>it.abc.com>South.it.abc.com).

Q19: What is different between Role transfer and Seizing?

Ans: When Primary Domain controller (DC) server is going into maintain task and another servicing then FSMO role transfer task perform with Domain Controller (DC) and Additional Domain Controller (ADC) whereas Domain Controller(DC) dead and it’s not usable for future in that case Seize task perform on Additional Domain Controller (ADC) to become Domain Controller (DC) .

Q20: How to recover deleted Active directory users?

Ans: In Window server 2012: Open Run and type “dsac.exe” then new wizard open Active Directory Administrative Center then click on Domain name(like abc.com) and then go to OU then you see deleted user now recover that.
In window server 2008: LDP used to recover deleted active directory user.