
What is the difference between Windows Server 2003 and Windows Server 2008 boot process?

| Steps | Windows Server 2003 Boot Process | Windows Server 2008 Boot Process |
|---|---|---|
| 1 | Power On -> BIOS Loaded -> POST | Power On -> BIOS Loaded -> POST |
| 2 | BIOS looks for the MBR on the bootable device | BIOS looks for the MBR on the bootable device |
| 3 | Through the MBR the boot sector is located and NTLDR is loaded | Through the MBR the boot sector is located and BOOTMGR is loaded |
| 4 | NTLDR reads BOOT.INI from the system volume to determine the boot drive | BOOTMGR reads the BCD (boot configuration database) file from the \boot directory |
| 5 | NTLDR loads and executes NTDETECT.COM from the system volume to perform BIOS hardware detection | BOOTMGR transfers control to the Windows Loader (winload.exe), or to winresume.exe if the system was hibernated |
| 6 | NTLDR reads the registry files, selects a hardware profile and control set, loads the drivers flagged as "boot" in the system hive, then passes control to NTOSKRNL.EXE | Windows Loader loads the drivers that are set to start at boot and then passes control to NTOSKRNL.EXE |

What's the difference between a site link's schedule and interval?

The schedule lets you list the weekdays or hours when the site link is available for replication to happen at the given interval. The interval is how often inter-site replication recurs, in minutes. It ranges from 15 to 10,080 minutes. The default interval is 180 minutes.

What are sites? What are they used for?

Sites in Active Directory represent the physical structure, or topology, of your network. Active Directory uses topology information, stored as site and site link objects in the directory, to build the most efficient replication topology. You use Active Directory Sites and Services to define sites and site links. A site is a set of well-connected subnets. Sites differ from domains; sites represent the physical structure of your network, while domains represent the logical structure of your organization.

What is REPADMIN?

REPADMIN.EXE is a command-line tool used to monitor and troubleshoot replication on a computer running Windows. It allows you to view the replication topology as seen from the perspective of each domain controller. It performs the following actions:

What is NETDOM?

NETDOM is a command-line tool that allows management of Windows domains and trust relationships. It is used for batch management of trusts, joining computers to domains, verifying trusts, and secure channels.

What is ADSIEDIT?

Active Directory Service Interfaces Editor (ADSI Edit) is a Lightweight Directory Access Protocol (LDAP) editor that you can use to manage objects and attributes in Active Directory. ADSI Edit (adsiedit.msc) provides a view of every object and attribute in an Active Directory forest. You can use ADSI Edit to query, view, and edit attributes that are not exposed through other Active Directory Microsoft Management Console (MMC) snap-ins: Active Directory Users and Computers, Active Directory Sites and Services, Active Directory Domains and Trusts, and Active Directory Schema.

What is REPLMON?

REPLMON is a GUI tool that enables administrators to view the low-level status of Active Directory replication, force synchronization between domain controllers, view the topology in a graphical format, and monitor the status and performance of domain controller replication.

What are the Support Tools? Why do I need them?

The Windows 2003 support tools are a collection of resources with the aim of assisting administrators to simplify management tasks. These include: troubleshooting operating systems, configuring networking and security features, managing Active Directory, and automating application deployment. With the use of these tools, the user is able to pin-point problematic issues with the system and will therefore be able to find a solution more easily.

Trying to look at the Schema, how can I do that?

When existing class and attribute definitions in the Active Directory schema do not meet the needs of your organization, you can use schema-based administrative tools to modify or add schema objects. You can modify an existing attribute or add a new class or attribute to the schema to store a new type of information in the directory. The process of modifying or updating the schema is often referred to as “extending the schema.” In addition to using schema tools to extend the schema, you can perform most schema extensions by using customized applications or Active Directory Service Interfaces (ADSI) scripts.

Why not make all DCs in a large forest as GCs?

Unless you have some really bad connections that may not be able to handle the extra traffic, there is no reason not to make every DC a GC. In any single-domain forest, it is recommended and beneficial to make all DCs GCs, since it has no replication impact and serves to better distribute query load.

How do you view all the GCs in the forest?

The DSQUERY server command can be used to locate global catalogs.

What is the Global Catalog?

The global catalog is a distributed data repository that contains a searchable, partial representation of every object in every domain in a multidomain Active Directory Domain Services (AD DS) forest. The global catalog is stored on domain controllers that have been designated as global catalog servers and is distributed through multimaster replication. Searches that are directed to the global catalog are faster because they do not involve referrals to different domain controllers.

How do you view replication properties for AD partitions and DCs?

Install Replication Monitor from the Support Tools, run it from the command line with the "replmon" command, and add a DC. It will show you all partitions that the DC holds and all replication partners for each partition.

How do you create a new application partition?

You can create an application directory partition by using the create nc option in the domain management (partition management in Windows 2008) menu of Ntdsutil. When creating an application directory partition using LDP or ADSI, provide a description in the description attribute of the domain DNS object that indicates the specific application that will use the partition. For example, if the application directory partition will be used to store data for a Microsoft accounting program, the description could be "Microsoft accounting application". Ntdsutil does not facilitate the creation of a description.

What are application partitions? When do I use them?

An application directory partition is a directory partition that is replicated only to specific domain controllers. A domain controller that participates in the replication of a particular application directory partition hosts a replica of that partition. Only domain controllers running Windows Server 2003 can host a replica of an application directory partition.

Name the AD NCs and replication issues for each NC


There are three predefined Naming Contexts (NCs):

1. Domain Naming Context
2. Configuration Naming Context
3. Schema Naming Context

What is the SYSVOL folder?


System Volume (SYSVOL) is a shared directory that stores the server copy of the domain's public files (policies and scripts) that must be shared for common access and replication throughout a domain. It must be located on an NTFS volume, because junctions are used within the SYSVOL folder structure.

Where is the AD database held? What other folders are related to AD?


The Active Directory database is stored in the %SystemRoot%\NTDS folder. The main database file for Active Directory is ntds.dit. Other files are also present in this folder alongside it. These files are created when you run dcpromo.

Can you connect Active Directory to other 3rd-party Directory Services? Name a few options.


Active Directory is an LDAP-compatible directory service and is supported by various third-party applications such as Novell DirXML and Atlassian Crowd.
Microsoft Identity Integration Server (MIIS) is one of the options you can use to act as an intermediary between two directories (including directories used by SAP, Domino, etc.).

What is LDAP?


LDAP (Lightweight Directory Access Protocol) is a software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network. LDAP is a "lightweight" (smaller amount of code) version of Directory Access Protocol (DAP), which is part of X.500, a standard for directory services in a network. LDAP is called lighter because in its initial version it did not include security features.

What is Active Directory?


Active Directory is the central repository in which all objects in an enterprise and their respective attributes are stored.
Active Directory provides a variety of network services, including Lightweight Directory Access Protocol (LDAP). LDAP is the industry-standard directory access protocol, making Active Directory widely accessible to management and query applications.