Active Directory 3 Flashcards

Windows 2000
Terms Definitions
Common Name
_____________ are typically assigned and inherited within a domain only, not from the forest.
Group Policies
_____________ is a command line tool that will open the active directory install wizard.
_______________ is when administration of an OU can be delegated to a supervisor or manager and thus can allow that person to manage the day-to-day resource access.
Delgation of administration
What contains the rules and definitions that are used for creating and modifying objects classes and attributes?
Schema Partition
Realm Trust
- Explicitly created between a non-Windows Kerberos realm and a Windows Server 2003 realm.
What are the default names of the application directory partitions createdby the DNS installation within the Active Directory Installation Wizard?
The ______________ command can be used to view the SID, group memberships, and specific permissions of the user currently logged on.
whoami /all
The domain controller that is the point of contact for domain controllers in another site.
Bridgehead Server
A _______ is defined by one or IP subnets that are connected by fast links.
To create and maintain active directory quotas, you use the _________ commands: (3)
dsadd quota
dsmod quota
dsquery quota
Application Directory Partition

- Stores __________
- Can be replicated to __________
- Stores dynamic application specific data.

- Can be replicated to administrator-specified domain controllers within a forest or can be set to replicate to all domain controllers like other directory partitions.
List five features of IntelliMirror
- Remote Installation Services
- Software Installation and Maintenance
- User Data Management
- User Settings Management
- Computer Settings Management
What is the name of the file where all the information from your Active Directory is stored?
Windows Server 2003 stores a list of permissions, called the _____________ for every Active Directory object.
Access Control List
In a Windows Server 2003 environment, Active directory provides fault tolerance using what?
A multi-master replication system, where multiple servers, installed as domain controllers, share a common database.
The major benefits of the high-powered Active Directory directory service include:
- Centralized resource and security administration- Single logon for access to global resources- Fault tolerance and redundancy- Simplified resource location
Type of trust manually created between Windows 2003 servers in different forests or between a Windows 2003 server or an NT server
External Trust

(non-transitive, one way or two way)
Change and Configuration Management
A set of Windows Server 2003 features that simplify desktop management tasks
What are the forest functional levels?
- Windows 2000 (Supports NT 4.0, 2000, and 2003)- Windows Server 2003 interim (NT 4.0 and 2003)- Windows Server 2003 (2003)
Why should you try to minimize the number of domains in your organization?
Having multiple domains adds maintenance and hardware costs.
Two modes of the Resultant Set of Policy Wizard
- Logging Mode

- Planning Mode
What is the advantage of creating your sites and subnets prior to installingsubsequent domain controllers?
When your domain controllers are installed and an IP address is assigned, they willautomatically be placed in the site associated with their network address. This willsave you the step of moving them later.
Ownership of an object can be taken by: (3)
1. Administrator

2. Users with the Take Ownership permission

3. A user who has the Restore Files and Directories right.
Order of GPO Application (4 parts)
- Local GPO
- GPO linked to sites
- GPO linked to domains
- GPO linked to OU
Which of the following are requirements for Active Directory installation?a. An IP address of a DNS serverb. Any version of DNSc. Windows Server 2003 Web Editiond. An NTFS partitione. Dynamic Host Configuration Protocol (DHCP)
a and d are correct. Answer b is incorrect since DNS must support SRV resourcerecords and not all versions do. Answer c is incorrect because the Web Editiondoes not support Active Directory. Answer e is incorrect. DHCP has nothing to dowith Active Directory, but rather is a service used to supply TCP/IP information.
Why should you define the forest root domain with caution?
Once you've named the forest root domain, you cannot change it.
In Active Directory, each object is defined in a __________.
Schema. A schema is a master database that contains definitions of all objects in the Active Directory.
What are two ways to locate Active Directory Objects?
1. Find option in the Active Directory Users and Computers Console

2. dsquery
You are a consultant working on a site plan for a medium-sized organization.The organization consists of a main office and three branch offices. Two of the locations have standard IP links to the main office, while thethird branch office is a separate do
Configure RPC over IP for the two standard link branch offices and configure SMTPfor the remote office that is part of a separate domain. This solution follows theguidelines that include using RPC over IP in most situations and SMTP when thereis an Internet-based connection from a separate domain.
