31.
How can you forcibly remove AD from a server, and what do you do later?

Demote the server using dcpromo /forceremoval, then remove the metadata from Active Directory using ntdsutil. There is no way to get user passwords from AD that I am aware of, but you should still be able to change them.
Another way:
Restart the DC in DSRM mode.
a. Locate the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions
b. In the right pane, double-click ProductType.
c. Type ServerNT in the Value data box, and then click OK.
Restart the server in normal mode.
It is a member server now, but the AD entries are still there. Promote the server to a fake domain, say ABC.com, and then remove it gracefully using dcpromo. After you use the dcpromo /forceremoval command, the remaining metadata for the demoted DC is not deleted on the surviving domain controllers, so you must remove it manually by using the NTDSUTIL command.

32.
Can I get user passwords from the AD database?

The passwords in AD are not stored encrypted by default, so they cannot be decrypted. They are hashed. The only way to recover the data from a hash is with a tool that attempts to crack the hash (such tools exist).

33.
What's NTDSUTIL? When do you use it?

Ntdsutil is a Windows utility for configuring the heart of Active Directory. Ntdsutil.exe is a command-line tool that provides management facilities for Active Directory. Use Ntdsutil to perform database maintenance of Active Directory, to manage and control single master operations, and to remove metadata left behind by domain controllers that were removed from the network without being properly uninstalled. By default, Ntdsutil is installed in the Winnt\System32 folder.

34.
What are RODCs?

RODCs are additional domain controllers for a domain that host complete, read-only copies of the partitions of the Active Directory database and a read-only copy of the SYSVOL folder contents. By selectively caching credentials, RODCs address some of the challenges that enterprises can encounter in branch offices and perimeter networks (also known as DMZs) that may lack the physical security that is commonly found in datacenters and hub sites. RODCs also offer a number of manageability improvements that are described in this guide. This section describes how RODCs work with the rest of the Active Directory environment, the main differences between RODCs and writable domain controllers, and the RODC features that can help resolve a number of security or manageability issues.

35.
What are the major benefits of using RODCs?

The following benefits:

  • Improved security
  • Faster logon times
  • More efficient access to resources