Active Directory Interview Questions & Answers: 2021

By | June 27, 2021

Hey! are you searching for active directory interview questions & answers? Then this article best for you because in this article we will discuss the top 30 questions and answers.

Active Directory Interview Questions & Answers
  1. What is an Active Directory?

Ans. Active Directory is a centralized database of Users and Groups, Computers, Resources, and Services. In other words, Active Directory is a centralized collection of objects like Users, Groups. Computers and Resources.

2. Explain the benefits of Active Directory?

Ans. some of the benefits of active directory are followings-

  • Hierarchical Organisational Structure.
  • Multi-Master Authentications and Multi-master Replication.
  • A Single Point of Access to Network Resources.
  • Ability to create Trust Relationship with External Networks.

3. What is a Fine-grained password policy in Active Directory?

Ans. A Fine-grained password is an active directory password policy where we can define the password and lockout policy on different types of users and groups. Before Windows Server 2008, if you want to set a password and lockout policy differently then you had to set up another domain.

4. What is RODC?

Ans. RODC stands for Read-Only Domain Controller is a feature of an active directory where you can create RODC server. These features only available from Microsoft Windows server 2008.

5. What are Active Directory Components?

Ans. Active directory components are collections of Objects like Forest, Tree, OU, and network resources. Active Directory objects divided into two types-

Container Objects

Container Objects can contain other objects like Forest, Tree, Domain, and OU.

Leaf Objects

Leaf Objects can not contain other objects like User, Computer, Printer, etc.

6. What is Active Directory Domain?

Ans. Active Directory domain or Windows Server Domain is container objects that contain a logical group of computers, Users, Printers, etc. The domain share centre directory of the database to communicate Microsoft Windows Operating system or another Operating Systems.

7. What is Tree in AD?

Ans. Active Directory Tree is a logical group of network resources that contain one or more Domains. Active Directory follows the Parent-child relationship to communications between two Domains. Active Directory Domain Tree used the same namespace to communicate to another Domain.

8. Define Active Directory Forest?

Ans. Forest is the largest container object of Active Directory. It Contains two or more trees. Forest is the main fundamental security boundary within Active Directory. A user can access resources across of entire Active Directory Forest from Single Login Password Combination.

9. What is an Active Directory OU?

Ans. An OU is the smallest container Object that represents a logical grouping of resources that have similar security or Administrative guidelines. The main benefits of OU are Delegation of control and applying separate security policies on Different OUs.

10. Explain the term Active Directory Schema?

Ans. The Schema is the main component of the Active Directory that defines objects and attributed. Schema is a collection of objects and defined the attributes of Objects like OU, Printers, Users, Computers, etc.

In other words, Schema is a collection of object classes and objects attribute In the Active Directory Schema works like Master documents because all the objects saved in Active Directory as Unit as storage, and Schema defines the attributes of objects.

11. What is SYSVOL?

Ans. SYSVOL is the Default folder of any Domain that keeps all the information like Users, computers, and Network Resources.

12. Which access protocol is primarily used in Active Directory?

Ans. Active Directory used LDAP (Lightweight Directory Access Protocol) protocol primarily.

13. What port does LDAP use?

Ans. The port number of LDAP is 389. For SSL port number of LDAP is 636.

14. What is FSMO stand for?

Ans. FSMO stand for- Flexible Single Master Operations.

15. How many types of FSMO Roles?

Ans. There are five types of FSMO roles-

  • Schema Master
  • Domain Naming Master
  • RID Master
  • PDC Emulator
  • Infrastructure Master

16. What is Schema Master Role in Active Directory?

Ans. Schema Master role is a collection of objects and attributes that defined the creations of objects and attributes.

17. Define Domain Naming Master Role?

Ans. Domain Naming Master responsible for changes the configuration naming context such as adding, removing domain, adding and removing cross-references to the domain in externals directory, after update replicates to other DCs.

18. What is a RID in Active Directory?

Ans. RID master role use to allocates each DC a pool of RIDs via each domain that can create the objects.

19. What is the main task of the PDC Emulator?

Ans. If any password changes replicated preferentially to PDC emulator.

20. What is seizing in Active Directory?

Ans. Seizing is the process of restoring the backup of the active directory when the role holder has failed irrecoverably will not be restored from backup. in other words, seizing is a forced way to transfer AD.

21. What is Delegation of control?

Ans. Delegation of control is a feature of Active Directory objects that grant users to given permissions of Active Directory objects. Like Users, Groups, OU, etc.

22. How many partitions in Active Directory?

Ans. There are four types partitions in Active Directory-

  • Schema Partition
  • Domain Partition
  • Configuration Partition
  • Application Partition

23. What is Kerberos Authentication?

Ans. The Kerberos authentication protocols provide a mechanism for mutual authentication between entities before a secure network connection established.

24. What is Tombstone Lifetime?

Ans. Tombstone lifetime is process of active directory that use to define that how long deleted object can be restored.

25. What is the port number of Kerberos?

Ans. The Kerberos uses port number 88 to communicate.

26. What are Stands for GPT & GPC?

Ans. GPT stands for -Group Policy Template and GPC stands for Group Policy Container.

27. What is REPLMON?

Ans. REPLMON is a tool for troubleshooting active directory replication issues.

Active Directory Interview Questions & Answers PDF

Leave a Reply

Your email address will not be published. Required fields are marked *