Shared Flashcard Set

Details

Computer Admin Help Desk Interview
Help Desk Interview
65
Computer Networking
Professional
06/03/2014


Cards

Term

What is a Hub?

Definition

 Hub:

A common connection point for devices in a network. Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports. When a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.


Difference: 


Additionally, a 10/100Mbps hub must share its bandwidth with each and every one of its ports. So when only one PC is broadcasting, it will have access to the maximum available bandwidth. If, however, multiple PCs are broadcasting, then that bandwidth will need to be divided among all of those systems, which will degrade performance.

Term

What is a Switch?

Definition

Switch:

In networks, a device that filters and forwards packets between LAN segments. Switches operate at the data link layer (layer 2) and sometimes the network layer (layer 3) of the OSI Reference Model and therefore support any packet protocol. LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs.


Difference:

A switch, however, keeps a record of the MAC addresses of all the devices connected to it. With this information, a switch can identify which system is sitting on which port. So when a frame is received, it knows exactly which port to send it to, without significantly increasing network response times. And, unlike a hub, a 10/100Mbps switch will allocate a full 10/100Mbps to each of its ports. So regardless of the number of PCs transmitting, users will always have access to the maximum amount of bandwidth. It's for these reasons that a switch is considered to be a much better choice than a hub.

Term
What is a Router?
Definition

Router:


A device that forwards data packets along networks. A router is connected to at least two networks, commonly two LANs or WANs or a LAN and its ISP's network. Routers are located at gateways, the places where two or more networks connect. Routers use headers and forwarding tables to determine the best path for forwarding the packets, and they use protocols such as ICMP to communicate with each other and configure the best route between any two hosts.


Term

 What is a network?

Definition

A network consists of two or more computers that are linked in order to share resources (such as printers and CDs), exchange files, or allow electronic communications. The computers on a network may be linked through cables, telephone lines, radio waves, satellites, or infrared light beams.

Two very common types of networks include:

  • Local Area Network (LAN)
  • Wide Area Network (WAN)
Term

What is a Local Area Network (LAN)?

 

Definition

A Local Area Network (LAN) is a network that is confined to a relatively small area. It is generally limited to a geographic area such as a writing lab, school, or building.

Computers connected to a network are broadly categorized as servers or workstations. Servers are generally not used by humans directly, but rather run continuously to provide "services" to the other computers (and their human users) on the network. Services provided can include printing and faxing, software hosting, file storage and sharing, messaging, data storage and retrieval, complete access control (security) for the network's resources, and many others.

Workstations are called such because they typically do have a human user who interacts with the network through them. Workstations were traditionally considered a desktop, consisting of a computer, keyboard, display, and mouse, or a laptop, with an integrated keyboard, display, and touchpad. With the advent of the tablet computer, and the touch screen devices such as iPad and iPhone, our definition of workstation is quickly evolving to include those devices, because of their ability to interact with the network and utilize network services.

Servers tend to be more powerful than workstations, although configurations are guided by needs. For example, a group of servers might be located in a secure area, away from humans, and only accessed through the network. In such cases, it would be common for the servers to operate without a dedicated display or keyboard. However, the size and speed of the server's processor(s), hard drive, and main memory might add dramatically to the cost of the system. On the other hand, a workstation might not need as much storage or working memory, but might require an expensive display to accommodate the needs of its user. Every computer on a network should be appropriately configured for its use.

On a single LAN, computers and servers may be connected by cables or wirelessly. Wireless access to a wired network is made possible by wireless access points (WAPs). These WAP devices provide a bridge between computers and networks. A typical WAP might have the theoretical capacity to connect hundreds or even thousands of wireless users to a network, although practical capacity might be far less.

 

Nearly always servers will be connected by cables to the network, because the cable connections remain the fastest. Workstations which are stationary (desktops) are also usually connected by a cable to the network, although the cost of wireless adapters has dropped to the point that, when installing workstations in an existing facility with inadequate wiring, it can be easier and less expensive to use wireless for a desktop.

Term

What are Wide Area Networks (WANs)?

 

Definition

Wide Area Networks (WANs) connect networks in larger geographic areas, such as Florida, the United States, or the world. Dedicated transoceanic cabling or satellite uplinks may be used to connect this type of global network.

 

Using a WAN, schools in Florida can communicate with places like Tokyo in a matter of seconds, without paying enormous phone bills. Two users a half-world apart with workstations equipped with microphones and webcams might teleconference in real time. A WAN is complicated. It uses multiplexers, bridges, and routers to connect local and metropolitan networks to global communications networks like the Internet. To users, however, a WAN will not appear to be much different than a LAN.

Term

What is TCP/IP and what does it stand for?

Definition

TCP/IP (Transmission Control Protocol/Internet Protocol) is the basic communication language or protocol of the Internet. It can also be used as a communications protocol in a private network (either an intranet or an extranet). When you are set up with direct access to the Internet, your computer is provided with a copy of the TCP/IP program just as every other computer that you may send messages to or get information from also has a copy of TCP/IP.

Term

What is a default gateway?

Definition

A default gateway is the node on the computer network that the network software uses when an IP address does not match any other routes in the routing table. It is usually the IP address of the router to which your PC network is connected.

Term

 What does DHCP stand for?

Definition

DHCP (Dynamic Host Configuration Protocol) is a communications protocol that lets network administrators centrally manage and automate the assignment of Internet Protocol (IP) addresses in an organization's network. Using the Internet Protocol, each machine that can connect to the Internet needs a unique IP address, which is assigned when an Internet connection is created for a specific computer. Without DHCP, the IP address must be entered manually at each computer in an organization and a new IP address must be entered each time a computer moves to a new location on the network. DHCP lets a network administrator supervise and distribute IP addresses from a central point and automatically sends a new IP address when a computer is plugged into a different place in the network. DHCP allows a computer to join an IP-based network without having a pre-configured IP address. DHCP is a protocol that assigns unique IP addresses to devices, then releases and renews these addresses as devices leave and re-join the network.

Term

What is an IP Address?

Definition

"IP" stands for Internet Protocol, so an IP address is an Internet Protocol address. What does that mean? An Internet Protocol is a set of rules that govern Internet activity and facilitate completion of a variety of actions on the World Wide Web. Therefore an Internet Protocol address is part of the systematically laid out interconnected grid that governs online communication by identifying both initiating devices and various Internet destinations, thereby making two-way communication possible. Each of the four numbers can range from 0 to 255. Here's an example of what an IP address might look like: 78.125.0.209. This innocuous-looking group of four numbers is the key that empowers you and me to send and retrieve data over our Internet connections, ensuring that our messages, as well as our requests for data and the data we've requested, will reach their correct Internet destinations. Without this numeric protocol, sending and receiving data over the World Wide Web would be impossible.

Term

  What is the significance of the IP address 255.255.255.255?

Definition

The IPv4 address space can be subdivided into 5 classes - Class A, B, C, D and E. Each class consists of a contiguous subset of the overall IPv4 address range.  A special definition exists for the IP broadcast address 255.255.255.255. It is the broadcast address of the zero network or 0.0.0.0, which in Internet Protocol standards stands for this network, i.e. the local network. Transmission to this address is limited by definition, in that it is never forwarded by the routers connecting the local network to other networks.

Term

What are the 3 major classes of an IP network?

Definition

The 3 major classes of an IP network are Class A, Class B and Class C. Each class uses a different number of leading bits of the address for the network ID. For example, Class A uses the first 8 bits, Class B uses the first 16 bits, and Class C uses the first 24 bits.

Class A

Class A addresses are assigned to networks with a very large number of hosts. The high-order bit in a class A address is always set to zero. The next seven bits (completing the first octet) complete the network ID. The remaining 24 bits (the last three octets) represent the host ID. This allows for 126 networks and 16,777,214 hosts per network. Figure 1.4 illustrates the structure of class A addresses.


Class B

Class B addresses are assigned to medium-sized to large-sized networks. The two high-order bits in a class B address are always set to binary 1 0. The next 14 bits (completing the first two octets) complete the network ID. The remaining 16 bits (last two octets) represent the host ID. This allows for 16,384 networks and 65,534 hosts per network. Figure 1.5 illustrates the structure of class B addresses.


Class C

Class C addresses are used for small networks. The three high-order bits in a class C address are always set to binary 1 1 0. The next 21 bits (completing the first three octets) complete the network ID. The remaining 8 bits (last octet) represent the host ID. This allows for 2,097,152 networks and 254 hosts per network. Figure 1.6 illustrates the structure of class C addresses.


Class D

 

Class D addresses are reserved for IP multicast addresses. The four high-order bits in a class D address are always set to binary 1 1 1 0. The remaining bits are for the address that interested hosts recognize. Microsoft supports class D addresses for applications to multicast data to multicast-capable hosts on an internetwork.

Term

What is a Class D IP address?

Definition

Class D addresses are reserved for IP multicast addresses. The four high-order bits in a class D address are always set to binary 1 1 1 0. The remaining bits are for the address that interested hosts recognize. Microsoft supports class D addresses for applications to multicast data to multicast-capable hosts on an internetwork.

 

Class D 224.0.0.0 to 239.255.255.255 

The IPv4 networking standard defines Class D addresses as reserved for multicast. Multicast is a mechanism for defining groups of nodes and sending IP messages to that group rather than to every node on the LAN (broadcast) or just one other node (unicast). 

Multicast is mainly used on research networks. As with Class E, Class D addresses should not be used by ordinary nodes on the Internet.

Term

What is OSPF?

Definition

OSPF (Open Shortest Path First) is a router protocol used within larger autonomous system networks in preference to the Routing Information Protocol (RIP), an older routing protocol that is installed in many of today's corporate networks. Like RIP, OSPF is designated by the Internet Engineering Task Force (IETF) as one of several Interior Gateway Protocols (IGPs).

 

Using OSPF, a host that obtains a change to a routing table or detects a change in the network immediately multicasts the information to all other hosts in the network so that all will have the same routing table information. Unlike the RIP in which the entire routing table is sent, the host using OSPF sends only the part that has changed. With RIP, the routing table is sent to a neighbor host every 30 seconds. OSPF multicasts the updated information only when a change has taken place.

Term
A user is complaining of delays when using the network. What would you do?
Definition

Delays can be issues due to think time and response time.
If the delay time is long, the tester should determine on what basis and in what situation the delay occurs. Identify the peak time and the scenarios, and resolve the issues through performance tuning.
I'd first try to get the user to identify what network resource is slow (email, external web browsing, intranet, network file access, etc.). I'd probably also have the user swap locations with another coworker to identify if the problem lies in the hardware (computer, network cable, switch port, etc.) that is specific to that location.

Term

What is a MAC address?

Definition

MAC address

A media access control address (MAC address) is a unique identifier assigned to network interfaces for communications on the physical network segment. MAC addresses are used as a network address for most IEEE 802 network technologies, including Ethernet.

 

 

Term

What is the difference between layer 2 and layer 3 in the OSI model?

Definition

Layer 2 and Layer 3 refer to different parts of IT network communications. The layers refer to how you configure an IT network, and to the standard for network communications called the OSI model.

 

Layer 2 (Data Link): Responsible for physical addressing, error correction, and preparing the information for the media.
Layer 3 (Network): Responsible for logical addressing and routing (IP, ICMP, ARP, RIP, IGRP, and routers).

Term
What is a Trace Route?
Definition

The traffic goes through your local router, your Internet service provider’s routers, onto larger networks, and so on.

Trace route shows us the path traffic takes to reach the website. It also displays the delays that occur at each stop. If you’re having issues reaching a website and that website is working properly, it’s possible there’s a problem somewhere on the path between your computer and the website’s servers. Trace route would show you where that problem is.

The format of each line is as follows:

Hop RTT1 RTT2 RTT3 Domain Name [IP Address]

  • Hop: Whenever a packet is passed between routers, this is referred to as a “hop.” For example, in the output above, we can see that it takes 14 hops to reach How-To Geek’s servers from my current location.

  • RTT1, RTT2, RTT3: This is the round-trip time that it takes for a packet to get to a hop and back to your computer (in milliseconds). This is often referred to as latency, and is the same number you see when using ping. Trace route sends three packets to each hop and displays each time, so you have some idea of how consistent (or inconsistent) the latency is. If you see a * in some columns, you didn’t receive a response, which could indicate packet loss.

  • Domain Name [IP Address]: The domain name, if available, can often help you see the location of a router. If this isn’t available, only the IP address of the router is displayed.

Term
What is a "HOP"?
Definition

Hop: Whenever a packet is passed between routers, this is referred to as a “hop.” For example, in the output above, we can see that it takes 14 hops to reach How-To Geek’s servers from my current location.

Term

Referring to a Trace Route, what are RTT1, RTT2, RTT3?

 

Definition

RTT1, RTT2, RTT3: This is the round-trip time that it takes for a packet to get to a hop and back to your computer (in milliseconds). This is often referred to as latency, and is the same number you see when using ping. Trace route sends three packets to each hop and displays each time, so you have some idea of how consistent (or inconsistent) the latency is. If you see a * in some columns, you didn’t receive a response, which could indicate packet loss.

Term
What is a Domain Name [IP Address]?
Definition

Domain Name [IP Address]: The domain name, if available, can often help you see the location of a router. If this isn’t available, only the IP address of the router is displayed.

Term
What is a VLAN? 
Definition

A VLAN is a group of devices on one or more LANs that are configured to communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible.

As I said, a VLAN is a virtual LAN. In technical terms, a VLAN is a broadcast domain created by switches. Normally, it is a router creating that broadcast domain. With VLANs, a switch can create the broadcast domain.

This works by you, the administrator, putting some switch ports in a VLAN other than 1, the default VLAN. All ports in a single VLAN are in a single broadcast domain.

 

Because switches can talk to each other, some ports on switch A can be in VLAN 10 and other ports on switch B can be in VLAN 10. Broadcasts between these devices will not be seen on any other port in any other VLAN, other than 10. However, these devices can all communicate because they are on the same VLAN. Without additional configuration, they would not be able to communicate with any other devices not in their VLAN.

Term
What is the difference between TCP and UDP?
Definition

TCP (Transmission Control Protocol) is the most commonly used protocol on the Internet. The reason for this is because TCP offers error correction. When the TCP protocol is used there is a "guaranteed delivery." This is due largely in part to a method called "flow control." Flow control determines when data needs to be re-sent, and stops the flow of data until previous packets are successfully transferred. This works because if a packet of data is sent, a collision may occur. When this happens, the client re-requests the packet from the server until the whole packet is complete and is identical to its original.

UDP (User Datagram Protocol) is another commonly used protocol on the Internet. However, UDP is never used to send important data such as webpages, database information, etc.; UDP is commonly used for streaming audio and video. Streaming media such as Windows Media audio files (.WMA), Real Player (.RM), and others use UDP because it offers speed! The reason UDP is faster than TCP is because there is no form of flow control or error correction. The data sent over the Internet is affected by collisions, and errors will be present. Remember that UDP is only concerned with speed. This is the main reason why streaming media is not high quality.

1) TCP is connection-oriented and reliable, whereas UDP is connectionless and unreliable.

2) TCP needs more processing at the network interface level, whereas UDP does not.

3) TCP uses a 3-way handshake, congestion control, flow control and other mechanisms to ensure reliable transmission.

4) UDP is mostly used in cases where the packet delay is more serious than packet loss.

Term

How do you distinguish a DNS problem from a network problem?

Name 10 troubleshooting steps.

Definition

If you are truly experiencing a DNS issue, your system will not be able to resolve host names (Google.com) into IP addresses (74.125.225.78), which are what your computer really uses to communicate with the Internet. A simple test to verify that this is the case is to go to your terminal and ping a host name (TRACERT), and then try to ping an IP address. If you can ping the IP address and not the FQDN, then you’ve got yourself a DNS issue, because your DNS provider's translation of that name into an IP is not working. Run nslookup for a domain such as Google; it should return an IP address, and if it does not, it is most likely a DNS issue. To check for network issues, use the ping command to ping the default gateway (your router) and a host name such as Google.com. If the ping to the router or to a host name such as Google fails, it is probably a network issue.

1: Verify network connectivity

When DNS problems occur, one of the first things you should do is verify that the DNS server still has network connectivity. After all, if the problem ends up being something as simple as a NIC failure, you can save yourself a lot of time by checking for the problem up front.

The easiest way to verify connectivity is to log on to the DNS server and try to ping a few machines. You should also try to ping the DNS server from a few random machines. Remember that ping will work only if you allow ICMP packets through the firewall on the machine you are pinging.

2: Determine the scope of the problem

After you have determined that basic connectivity still exists, the next step is to determine the scope of the problem. Are Internet name resolutions failing or are local name resolutions failing too? The answer is going to make a difference in how you will have to troubleshoot the problem. For example, if local name resolution works but Internet name resolution does not, the problem may lie with one of your ISP's DNS servers.

3: Find out whether all users are affected

Another thing to look at is whether the problem affects all of the users on the network or it's limited to a subset of users. If you determine that only some users are affected, check to see whether all those users are located on a common network segment. If so, the problem could be related to a router failure or a DHCP configuration error.

4: See whether the DNS server is performing load balancing

Organizations hosting high demand Web servers sometimes try to distribute the workload across multiple identical Web servers by using a load balancing technique called DNS Round Robin. The problem with this technique is that the DNS server has no way of knowing when one of the servers has failed. As a result, inbound traffic is still directed to all the servers in round robin fashion, even if one of those servers is offline. The result is intermittent connectivity problems to the load-balanced resource.

5: Check the DNS server's forwarders

If you determine that local name resolution requests are working but Internet requests are failing, check to see whether your DNS server uses forwarders. Even though many DNS servers use root hints for Internet name resolution, some use forwarders to link to an ISP's DNS server. And if the ISP's DNS server goes down, Internet name resolution will cease to function as the entries in the resolver cache expire. If your DNS server does use forwarders, you can try pinging the server to see whether it's online. You might also have to call the ISP to see whether it's having any DNS issues and to make sure that the IP address you are using in your forwarder is still valid.

6: Try pinging a host

If name resolutions are failing on your local network, try pinging some of the servers on your network. Start out by pinging the server's IP address. This will confirm that connectivity to the server is working. Next, try pinging by computer name and by the server's fully qualified domain name.

If you can ping the host by IP address but not by name, check your DNS server to make sure that a Host (A) record exists for the host. Without a Host (A) record, the DNS server will be unable to resolve the host's name.

7: Use NSLookup

One of the handiest tools for troubleshooting DNS failures is the NSLOOKUP command, which you can access from a Windows Command Prompt window. Simply type NSLOOKUP followed by the name of the host for which you want to test the name resolution. Windows will return the name and IP address of the DNS server that resolved the name (although the DNS server's name is often listed as Unknown). It will also provide you with the fully qualified domain name and the IP address of the host you specified.

NSLOOKUP is useful for two things. First, it allows you to verify that name resolution is working. Second, if name resolution isn't working, it allows you to confirm which DNS server is being used. Keep in mind that NSLOOKUP will list only the DNS server it initially connects to. If the name resolution request is forwarded to other DNS servers, those servers are not listed.

8: Try an alternate DNS server

Most organizations have at least two DNS servers. If your primary DNS server is having problems, try using an alternate. If name resolution begins working after you switch DNS servers, you have confirmed that the problem is indeed related to the DNS server and not to some external factor.

 

 

9: Scan for viruses

About a week ago, someone called me because every time they would try to visit certain Web sites they were redirected to a malicious Web site instead. I initially suspected a DNS poisoning attack, but ruled out such an attack because only one computer was affected.

The problem was that a virus had integrated itself into the TCP/IP stack and was intercepting all name resolution requests. Even though this initially appeared to be a DNS problem, the virus was ultimately to blame.

10: Reboot the DNS server

I know that it sounds like a cliché, but when all else fails, reboot the DNS server. I have seen several situations over the years in which name resolution stopped for an unknown reason but rebooting the DNS server fixed the problem.

 

Likewise, I have seen at least two examples of consumer-grade routers that have stopped forwarding DNS requests even though other types of traffic continue to flow. In one of these situations, resetting the router fixed the problem. In the other situation, the router had to be replaced. It was thought that the router might have been damaged by a power surge that had occurred a day before the problems started.

Term

What is nslookup?

Definition

nslookup is a network administration command-line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.

Term
What is a "Default Route"?
Definition

A default route of a computer that is participating in computer networking is the packet forwarding rule (route) taking effect when no other route can be determined for a given Internet Protocol (IP) destination address. All packets for destinations not established in the routing table are sent via the default route. This route generally points to another router, which treats the packet the same way: If a route matches, the packet is forwarded accordingly, otherwise the packet is forwarded to the default route of that router. The process repeats until a packet is delivered to the destination. Each router traversal counts as one hop in the distance calculation for the transmission path.

Term

What does DNS Stand for? And what is it? 

Definition

Definition: The DNS translates Internet domain and host names to IP addresses. DNS automatically converts the names we type in our Web browser address bar to the IP addresses of Web servers hosting those sites.

 

DNS implements a distributed database to store this name and address information for all public hosts on the Internet. DNS assumes IP addresses do not change (are statically assigned rather than dynamically assigned).

Term
What is MTU?
Definition

A maximum transmission unit (MTU) is the largest size packet or frame, specified in octets (eight-bit bytes), that can be sent in a packet- or frame-based network such as the Internet. The Internet's Transmission Control Protocol (TCP) uses the MTU to determine the maximum size of each packet in any transmission. Too large an MTU size may mean retransmissions if the packet encounters a router that can't handle that large a packet. Too small an MTU size means relatively more header overhead and more acknowledgements that have to be sent and handled. Most computer operating systems provide a default MTU value that is suitable for most users. In general, Internet users should follow the advice of their Internet service provider (ISP) about whether to change the default value and what to change it to.

Term

What is Active Directory schema?

Definition

 

The Microsoft Active Directory schema contains formal definitions of every object class that can be created in an Active Directory forest. The schema also contains formal definitions of every attribute that can exist in an Active Directory object.

Long Definition:

Active Directory uses objects to store information. Objects are data structures that consist of multiple attributes that store both data and its related metadata. Metadata is data that describes the properties of other data. For example, an object that stores a user account has many attributes, including attributes that contain the user’s logon name, first name, last name, and password. Each of those attributes has additional attributes that contain metadata about the information that the attribute stores. The logon name attribute, for example, has multiple attributes of its own. One attribute that is associated with the logon name specifies that the logon name is a required attribute, which means that the user object is not valid unless it contains the logon name attribute. Another attribute that is associated with the logon name specifies the syntax of the value that is stored in the logon name attribute. This ensures that the value that the logon name attribute contains is in a valid format. Both of these attributes contain metadata for the logon name attribute; that is, they define the characteristics of the logon name attribute.

The object definitions in the schema list all the object attributes and define how these attributes relate to each other. Some objects are simple and contain only a few attributes, while other objects are quite complex and contain hundreds of attributes. Attributes themselves are objects, and the schema contains a definition for each one. To define new objects, smaller objects are associated with one another to define the necessary attributes of the new objects.

The Active Directory installation process that creates the forest also generates the default schema. Thereafter, the default schema replicates to each new domain controller during the installation of the directory on that new domain controller. The default schema contains all the standard object definitions that are necessary for Active Directory to function in a standard deployment.

Active Directory uses a multimaster replication topology, which means that any domain controller in a forest can write a change to the directory database and then replicate that change to other domain controllers in the same forest. For a domain controller to create a new object and write it to the directory, the domain controller must have access to the object definition that is needed to create the new object. Every domain controller in a forest maintains a copy of the schema, which makes it possible for domain controllers to have access to the object definitions that they need to store and retrieve information in the directory.

In some situations, the default attributes and object definitions in the schema are insufficient to create new object types that are required by some applications or services that interoperate with the directory. In these situations, it is possible to customize the schema by adding new object definitions to it. The process of adding definitions to the schema is referred to as “extending the schema.”

It is important to plan the deployment of schema extensions carefully. The directory stores the schema and replicates schema changes to every domain controller throughout the forest. Therefore, extending the schema creates replication traffic, which can briefly affect network traffic. For more information about extending the schema, see “How the Active Directory Schema Works.”

 

 

Term
What are the physical & logical components of ADS (Active Directory)?
Definition

 Each element of the logical structure of Active Directory is defined below:

Domain – a domain in Windows 2000 is very similar to a domain in Windows NT. It is still a logical group of users and computers that share the characteristics of centralized security and administration. A domain is still a boundary for security – this means that an administrator of a domain is an administrator for only that domain, and no others, by default. A domain is also a boundary for replication – all domain controllers that are part of the same domain must replicate with one another. Domains in the same forest automatically have trust relationships configured.

Tree – a tree is a collection of Active Directory domains that share a contiguous namespace. In this configuration, domains fall into a parent-child relationship, with the child domain taking on the name of the parent.

Forest – a forest is the largest unit in Active Directory and is a collection of trees that share a common Schema, the definition of objects that can be created. In a forest all trees are connected by transitive two-way trust relationships, thus allowing users in any tree access to resources in another for which they have been given appropriate permissions and rights. By default the first domain created in a forest is referred to as the root domain. Amongst other things, this is where the Schema is stored by default.
There are two types of Active Directory forest:
1) Single forest
2) Multiple forest

Organizational Unit – An organizational unit (OU) is a container object that helps to organize objects for the purpose of administration or group policy application. An OU exists within a domain and can only contain objects from that domain. OUs can be nested, which allows for more flexibility in terms of administration. Different methods for designing OU structures exist, including according to administration (most common), geography, or organizational structure. One popular use of OUs is to delegate administrative authority – this allows you to give a user a degree of administrative control over just the OU, and not the entire domain.

Global Catalogs – Global Catalogs are listings of every object that exists within an Active Directory forest. By default, a domain controller only contains information about objects in that domain. A Global Catalog server is a domain controller that contains information about every object (though not every attribute for each) stored in the entire forest. This facilitates and speeds up the search for information in Active Directory. By default only the first domain controller created in a forest has a copy of the global catalog – others must be designated manually.

The physical structure of Active Directory helps to manage the communication between servers with respect to the directory. The two physical elements of Active Directory are domain controllers and sites. Each is described below.

Domain Controllers – domain controllers are Windows 2000 Server-based systems that store the Active Directory database. Every Windows 2000 domain controller has a writable copy of the directory. This is different than in NT 4, where only the PDC had this capability. Domain controllers in the same domain contain replicas of the directory that must be synchronized periodically.

 

Site – a site is a concept that did not exist in an NT directory service structure. In Active Directory, sites are groups of IP subnets that are connected at high speed. Although the definition of ‘high speed’ is open, it is generally considered to be subnets that are connected at LAN speeds (say 10 Mb) or higher. The purpose of defining sites in Active Directory is to control network traffic relating to directory synchronization, as well as to help ensure that users connect to local resources. For example, domain controllers located in the same site replicate with one another on a 5-minute change notification interval, similar to that in NT 4. However, replication between domain controllers in different sites can be scheduled according to your needs. This allows a much greater degree of flexibility than in NT 4. For example, you could set things up such that replication between sites could only happen between midnight and 6am – thus ensuring that replication traffic would not interfere with normal data transfer during business hours. Sites also help ensure that users avoid accessing resources over the WAN by having client systems access servers (such as domain controllers) that are in the same physical site first.

Term

What is multimaster replication?

Definition

True multi master replication can be contrasted with other directory services that use a master-slave approach to updates wherein all updates must be made to the master copy of the directory and then be replicated to the slave copies.

Term
 Which is the command used to remove active directory from a domain controller? And to start Active Directory?
Definition

DCPROMO

Term
What are RAID 1 and RAID 5?
Definition
  1. RAID stands for Redundant Array of Independent Disks. RAID is a method of combining several hard drives into one unit. It offers fault tolerance and higher throughput levels than a single hard drive or group of independent hard drives. RAID levels 0, 1, 10 and 5 are the most popular.
  2. Following are the key points to remember for RAID level 0.
    • Minimum 2 disks.
    • Excellent performance ( as blocks are striped ).
    • No redundancy ( no mirror, no parity ).
    • Don’t use this for any critical system.
  3. Following are the key points to remember for RAID level 1.

    • Minimum 2 disks.
    • Good performance ( no striping, no parity ).
    • Excellent redundancy ( as blocks are mirrored ).
  4. Following are the key points to remember for RAID level 5.

    • Minimum 3 disks.
    • Good performance ( as blocks are striped ).
    • Good redundancy ( distributed parity ).
    • Best cost effective option providing both performance and redundancy. Use this for DB that is heavily read oriented. Write operations will be slow.
  5. Following are the key points to remember for RAID level 10.
  • Minimum 4 disks.
  • This is also called a “stripe of mirrors”.
  • Excellent redundancy ( as blocks are mirrored )
  • Excellent performance ( as blocks are striped )
  • If you can afford the dollar, this is the BEST option for any mission critical applications (especially databases).
Term

What is the file that’s responsible for keeping all Active Directory databases?

Definition

%SystemRoot%\ntds\NTDS.DIT



The Windows 2000 Active Directory data store, the actual database file, is %SystemRoot%\ntds\NTDS.DIT. The ntds.dit file is the heart of Active Directory, including user accounts. Active Directory's database engine is the Extensible Storage Engine (ESE), which is based on the Jet database used by Exchange 5.5 and WINS. The ESE has the capability to grow to 16 terabytes, which would be large enough for 10 million objects. Back to the real world. Only the Jet database can manipulate information within the AD datastore.

For information on domain controller configuration to optimize Active Directory, see Optimize Active Directory Disk Performance

 

Term

What tables does the Active Directory ESE database, NTDS.DIT, consist of?

Definition

The Active Directory ESE database, NTDS.DIT, consists of the following tables:


·         Schema table 
the types of objects that can be created in the Active Directory, relationships between them, and the optional and mandatory attributes on each type of object. This table is fairly static and much smaller than the data table.

·         Link table 
contains linked attributes, which contain values referring to other objects in the Active Directory. Take the MemberOf attribute on a user object. That attribute contains values that reference groups to which the user belongs. This is also far smaller than the data table.

·         Data table 
users, groups, application-specific data, and any other data stored in the Active Directory. The data table can be thought of as having rows where each row represents an instance of an object such as a user, and columns where each column represents an attribute in the schema such as GivenName.

From a different perspective, Active Directory has three types of data

·         Schema information 
definitional details about objects and attributes that one CAN store in the AD. Replicates to all domain controllers. Static in nature.

·         Configuration information 
configuration data about forest and trees. Replicates to all domain controllers. Static as your forest is.

 

·         Domain information 
object information for a domain. Replicates to all domain controllers within a domain. The object portion becomes part of Global Catalog. The attribute values (the actual bulk of data) only replicates within the domain.

Term
What does NFS Stand for? And what is it?
Definition
  1. NFS stands for Network File System, a file system developed by Sun Microsystems, Inc. It is a client/server system that allows users to access files across a network and treat them as if they resided in a local file directory.
  2. The Network File System (NFS) is a client/server application that lets a computer user view and optionally store and update files on a remote computer as though they were on the user's own computer. The user's system needs to have an NFS client and the other computer needs the NFS server. Both of them require that you also have TCP/IP installed, since the NFS server and client use TCP/IP as the program that sends the files and updates back and forth. (However, the User Datagram Protocol, UDP, which comes with TCP/IP, is used instead of TCP with earlier versions of NFS.)
Term

The following figure shows the TCP/IP protocol architecture: Fill in the following table

 

[image]

 

Definition

TCP/IP Protocol Architecture

TCP/IP protocols map to a four-layer conceptual model known as the DARPA model, named after the U.S. government agency that initially developed TCP/IP. The four layers of the DARPA model are: Application, Transport, Internet, and Network Interface. Each layer in the DARPA model corresponds to one or more layers of the seven-layer Open Systems Interconnection (OSI) model.

The following figure shows the TCP/IP protocol architecture:

 

 

[image]

Term
What is a Node?
Definition
A node is any device connected to a computer network. Nodes can be computers, personal digital assistants (PDAs), cell phones, or various other network appliances. On an IP network, a node is any device with an IP address.
Term

[image]

 

What is the IP Class of the binary IP address? 

Definition
[image]
Term
Which port number is known as the HTTP port?
Definition
If your computer network utilizes a firewall, make sure all required ports are open, especially port 80.
Term
How do you add a computer to a domain?
Definition

Command prompt: ipconfig /all

 

check network adapter settings 

 

Domain controller IP address is the same as the DNS server

 

Ping the domain controller to make sure it is on the network

 

To add computer to domain 

  1.    Administrator profile
  2. Click Start
  3. Settings
  4. Right click on my computer
  5. Advanced system settings
  6. Computer Name tab
  7. Click Change Button
  8. Choose Domain
  9. Specify fully qualified domain name
  10. Type the username and password of an admin account to create a new computer object in Active Directory.
  11. teleperformance/hancock.24
  12. Start
  13. right click computer, and properties will show you that you are a member of the domain
  14. Domain Controller
  15. Users and computers folder
  16. The Computer Organization Unit is the default place to see what computers have joined the domain; the new computer that has joined the domain can then be moved to the correct OU (organizational unit)
  17. To do this, right click, choose move, and then the correct OU that the computer will belong to; this will apply all of the policies to it that have been assigned to that OU
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
Term

What Is the Active Directory Replication Model?

Definition

Active Directory replication is the means by which changes to directory data are transferred between domain controllers in an Active Directory forest. The Active Directory replication model defines the mechanisms that allow directory updates to be transferred automatically between domain controllers to provide a seamless replication solution for the Active Directory distributed directory service. 


Term
What is a Group Policy object (GPO)? What does inheritance mean?
Definition

What do Group Policy Preferences do?

 

Group Policy Preferences let you manage drive mappings, registry settings, local users and groups, services, files, and folders without the need to learn a scripting language. You can use preference items to reduce scripting and the number of custom system images needed, standardize management, and help secure your networks. By using preference item-level targeting, you can streamline desktop management by reducing the number of Group Policy Objects needed. 

 

You start the GPMC from the Start menu: Click Start, All Programs, Administrative Tools, Group Policy Management. You can also click Start, type Group Policy Management, and then click Group Policy Management in the Programs section of the Start menu. Windows Server 2008 and Windows Server 2008 R2 include the GPMC when they are running the AD DS role. Otherwise, you can install the GPMC on Windows Server 2008, Windows Server 2008 R2, or Windows 7 as described in the section “Installing the GPMC in Windows 7,” later in this white paper.


[image]

Group Policy objects

GPOs contain policy settings. You can think of GPOs as policy documents that apply their settings to the computers and users within their control. If GPOs are policy documents, then the GPMC is like Windows Explorer. You use the GPMC to create, move, and delete GPOs just as you use Windows Explorer to create, move, and delete files.

In the GPMC, you see all the domain’s GPOs in the Group Policy objects folder. In Figure 1, the callout number 1 shows three GPOs for the corp.contoso.com domain. These GPOs are:

  • Accounting Security. This is a custom GPO created specifically for Contoso, Ltd.

  • Default Domain Controller Policy. Installing the AD DS server role creates this policy by default. It contains policy settings that apply specifically to domain controllers.

  • Default Domain Policy. Installing the AD DS server role creates this policy by default. It contains policy settings that apply to all computers and users in the domain.

What does this have to do with Group Policy links? Well, GPOs in the Group Policy objects folder have no impact unless you link them to a site, domain, or OU. When you link a GPO to a container, Group Policy applies the GPO’s settings to the computers and users in that container. In Figure 1, the callout number 1 points to two GPOs linked to OUs:

  • The first GPO is named Default Domain Policy, and this GPO is linked to the domain corp.contoso.com. This GPO applies to every computer and user in the domain.

  • The second GPO is named Accounting Security, and this GPO is linked to the OU named Accounting. This GPO applies to every computer and user in the Accounting OU.

In the GPMC, you can create GPOs in the Group Policy objects folder and then link them—two steps. You can also create and link a GPO in one step. Most of the time, you will simply create and link a GPO in a single step, which the section “Creating a GPO,” later in this white paper, describes.

Group Policy Inheritance

As the previous section hinted, when you link a GPO to the domain, the GPO applies to the computers and users in every OU and child OU in the domain. Likewise, when you link a GPO to an OU, the GPO applies to the computers and users in every child OU. This concept is called inheritance.

For example, if you create a GPO named Windows Firewall Settings and link it to the corp.contoso.com domain in Figure 1, the settings in that GPO apply to all of the OUs you see in the figure: Departments, Accounting, Engineering, Management, Marketing, and Domain Controllers. If instead you link the GPO to the Departments OU, the settings in the GPO apply only to the Departments, Accounting, Engineering, Management, and Marketing OUs. It does not apply to the entire domain or the Domain Controllers OU. Moving down one level, if you link the same GPO to the Accounting OU in Figure 1, the settings in the GPO apply only to the Accounting OU, as it has no child OUs. In the GPMC, you can see what GPOs a container is inheriting by clicking the Group Policy Inheritance tab (callout number 1 in Figure 2).

[image]

Group Policy inheritance and precedence

So, what happens if multiple GPOs contain the same setting? This is where order of precedence comes into play. In general, the order in which Group Policy applies GPOs determines precedence. The order is site, domain, OU, and child OUs. As a result, GPOs in child OUs have a higher precedence than GPOs linked to parent OUs, which have a higher precedence than GPOs linked to the domain, which have a higher precedence than GPOs linked to the site. An easy way to think of this is that Group Policy applies GPOs from the top down, overwriting settings along the way. In more advanced scenarios, however, you can override the order of precedence.

 

You can also have—within a single OU—multiple GPOs that contain the same setting. Like before, the order in which Group Policy applies GPOs determines the order of precedence. In Figure 2, you see two GPOs linked to the domain corp.contoso.com: Windows Firewall Settings and Default Domain Policy. Group Policy applies GPOs with a lower link order after applying GPOs with a higher link order. In this case, it will apply Windows Firewall Settings after Default Domain Policy. Just remember that a link order of 1 is first priority, and a link order of 2 is second priority. You can change the link order for a container by clicking the up and down arrows as shown by callout number 2 in Figure 2.

Group Policy Settings

To this point, you have learned about GPOs. You have learned that GPMC is to GPOs and OUs as Windows Explorer is to files and folders. GPOs are the policy documents. At some point, you are going to have to edit one of those documents, though, and the editor you use is the Group Policy Management Editor (GPME), which Figure 3 shows. You open a GPO in the GPME by right-clicking it in the GPMC and clicking Edit. Once you are finished, you simply close the window. The GPME saves your changes automatically, so you do not have to save.

[image]

In Figure 3, callout numbers 1 and 2 point to Computer Configuration and User Configuration, respectively. The Computer Configuration folder contains settings that apply to computers, regardless of which users log on to them. These tend to be system and security settings that configure and control the computer. The User Configuration folder contains settings that apply to users, regardless of which computer they use. These tend to affect the user experience.

Within the Computer Configuration and User Configuration folders, you see two subfolders (callout numbers 3 and 4 in Figure 3):

  • Policies. Policies contains policy settings that Group Policy enforces.

  • Preferences. Preferences contains preference settings that you can use to change almost any registry setting, file, folder, or other item. By using preference settings, you can configure applications and Windows features that are not Group Policy–aware. For example, you can create a preference setting that configures a registry value for a third-party application, deletes the Sample Pictures folder from user profiles, or configures an .ini file. You can also choose whether Group Policy enforces each preference setting or not. However, standard user accounts can change most preference settings that you define in the User Configuration folder between Group Policy refreshes. You can learn more about preference settings by reading the Group Policy Preferences Overview.

When you are first learning Group Policy, most of the settings that you will configure will be in the Administrative Templates folders. These are registry-based policy settings that Group Policy enforces. They are different from other policy settings for two reasons. First, Group Policy stores these settings in specific registry locations, called the Policies branches, which standard user accounts cannot change. Group Policy–aware Windows features and applications look for these settings in the registry. If they find these policy settings, they use the policy settings instead of the regular settings. They often disable the user interface for those settings as well.

 

Second, administrative template files, which have the .admx extension, define templates for these settings. These templates not only define where policy settings go in the registry but also describe how to prompt for them in the GPME. In the Group Policy setting that Figure 4 shows, for example, an administrative template file defines help text, available options, supported operating systems, and so on.

 

 [image]

When you edit a policy setting, you are usually confronted with the choices that callout numbers 1 to 3 indicate in Figure 4. In general, clicking:

  • Enabled writes the policy setting to the registry with a value that enables it.

  • Disabled writes the policy setting to the registry with a value that disables it.

  • Not Configured leaves the policy setting undefined. Group Policy does not write the policy setting to the registry, and so it has no impact on computers or users.

Generalizing what enabled and disabled means for every policy setting is not possible. You can usually read the help text, shown in callout number 5, to determine exactly what these choices mean. You must also be careful to read the name of the policy setting. For example, some policy settings say, “Turn on feature X,” whereas other policy settings say, “Turn off feature Y.” Enabled and disabled have different meanings in each case. Until you are comfortable, make sure you read the help text for policy settings you configure.

Some policy settings have additional options that you can configure. Callout number 4 in Figure 4 shows the options that are available for the Group Policy refresh interval policy setting. In most cases, the default values match the default values for Windows. As well, the help text usually gives detailed information about the options you can configure.

Group Policy Refresh

As you learned in the previous section, GPOs contain both computer and user settings. Group Policy applies:

  • Computer settings when Windows starts.

  • User settings after the user logs on to the computer.

Group Policy also refreshes GPOs on a regular basis, ensuring that Group Policy applies new and changed GPOs without waiting for the computer to restart or the user to log off. The period of time between these refreshes is called the Group Policy refresh interval, and the default is 90 minutes with a bit of randomness built in to prevent all computers from refreshing at the same time. If you change a GPO in the middle of the day, Group Policy will apply your changes within about 90 minutes. You don’t have to wait until the end of the day, when users have logged off of or restarted their computers. In advanced scenarios, you can change the default refresh interval.

 

Term

How to create a GPO (Group Policy Object) and how to edit a GPO

 

Definition

Creating a GPO

You create a GPO by using the GPMC. There are two ways to create a GPO:

  • Create and link a GPO in one step.

  • Create a GPO in the Group Policy objects folder, and then link it to the domain or OU.

The instructions in this section describe how to create and link a GPO in one step.

You can start with a blank GPO, which the instructions describe, or you can use a starter GPO. Starter GPOs are an advanced topic that you can learn about in Working with Starter GPOs.

To create and link a GPO in the domain or an OU

  1. In the GPMC, right-click the domain or OU in which you want to create and link a GPO, and click Create a GPO in this domain, and Link it here.
  2. In the Name box on the New GPO dialog box, type a descriptive name for the GPO, and then click OK.

To edit a GPO in the domain, an OU, or the Group Policy objects folder

  1. In the left pane of the GPMC, click Group Policy objects to display all the domain’s GPOs in the right pane. Alternatively, you can click the domain or any OU to display that container’s GPOs in the right pane.
  2. In the right pane of the GPMC, right-click the GPO that you want to edit, and click Edit to open the GPO in the GPME.
  3. In the GPME, edit the Group Policy settings that you want to change, and close the GPME window when finished. You do not have to save your changes, because the GPME saves your changes automatically.

Linking a GPO

If you create and link GPOs in one step, you do not have to manually link GPOs to the domain or OUs. However, if you create a GPO in the Group Policy objects folder or unlink a GPO and want to restore it, you will need to manually link the GPO. The easy way to link a GPO is to simply drag the GPO from the Group Policy objects folder and drop it onto the domain or OU to which you want to link it.

To link a GPO to a domain or OU

 

  1. In the GPMC, right-click the domain or OU to which you want to link the GPO, and then click Link an Existing GPO.
  2. In the Select GPO dialog box, click the GPO that you want to link to the domain or OU, and then click OK.

Unlinking a GPO

You unlink a GPO when you no longer want to apply it to the domain or OU (or its child OUs). You can later restore the link, as the section titled “Linking a GPO” described.

Unlinking a GPO from a domain or OU does not delete the GPO. It only deletes the link. After unlinking a GPO, you can still find it in the Group Policy objects folder in the GPMC.

To unlink a GPO from a domain or OU

 

  1. In the GPMC, click the domain or OU containing the GPO that you want to unlink.
  2. Right-click the GPO that you want to unlink from the domain or OU, and click Delete.
  3. In the Group Policy Management dialog box, click OK.

Deleting a GPO

Deleting a GPO is not the same as unlinking a GPO from a domain or OU. You delete GPOs within the Group Policy objects folder. Doing so removes not only the links but also the GPO itself.

Note
Consider backing up the GPO before deleting it. The section titled “Backing Up GPOs” describes how to back up GPOs. The section titled “Restoring GPOs” describes how to restore them from a backup.

 

 

To delete a GPO from the Group Policy objects folder

 

  1. In the GPMC, click the Group Policy objects folder.
  2. In the right pane of the GPMC, right-click the GPO that you want to delete, and click Delete.
  3. In the Group Policy Management dialog box, click Yes to confirm that you want to delete the GPO and its links.
  4. In the Delete dialog box, confirm that the deletion was successful, and click OK.

Updating Clients

While editing, testing, or troubleshooting GPOs, you do not need to wait for the Group Policy refresh interval (90 minutes, by default). You can manually update Group Policy on any client computer by running Gpupdate.exe. Gpupdate.exe supports many command-line options, which you can learn about by typing gpupdate.exe /? in a Command Prompt window. In most cases, however, you can follow the instructions in this section to update Group Policy.

To manually update Group Policy by using Gpupdate.exe

 

  1. Click Start, type cmd, and press Enter to open a Command Prompt window.
  2. At the Command Prompt, type gpupdate and press Enter. Gpupdate.exe will update any changed settings. You can force Gpupdate.exe to update all settings, whether or not they have changed recently, by typing gpupdate /force and pressing Enter.

Backing Up GPOs

Backing up important files is an important practice, and GPOs are no exception. If you erroneously change or accidentally delete a GPO, you can quickly restore it from a backup. By using the GPMC, you can back up GPOs to any location.

To back up a GPO to a folder

 

  1. In the GPMC, click the Group Policy objects folder.
  2. Right-click the GPO that you want to back up, and click Back Up.
  3. In the Location box of the Back Up Group Policy object dialog box, type the path of the folder to which you want to back up the GPO. You can also click Browse to choose a folder. Also, in the Description box, type a brief description of the GPO, and then click Back Up.
  4. In the Backup dialog box, confirm the results and click OK.

Restoring GPOs

By using the GPMC, you can restore any previous version of a GPO that you have backed up. The instructions in this section describe how to restore one or more GPOs from a backup folder.

To restore a previously backed-up GPO

 

  1. In the GPMC, click the Group Policy objects folder to see the GPOs in the domain.
  2. Right-click the Group Policy objects folder, and click Manage Backups.
  3. In the Backup location list of the Manage Backups dialog box, click a backup location that you’ve previously used. You can also click Browse to choose a folder containing GPO backups.
  4. In the Backed up GPOs list, choose one or more GPOs that you want to restore, and click Restore. If you see multiple versions of each GPO and want to see only the most recently backed-up version of each GPO, select the Show only the latest version of each GPO check box.
  5. In the Restore dialog box, confirm that the operation was successful, and click OK.

Term

 

How to Install the GPMC in Windows 7

Definition

To install the Remote Server Administration Tools for Windows 7 with SP1

 

  1. Run either of the following files that you previously downloaded:

       1. Windows6.1-KB958830-x64-RefreshPkg.msu
       2. Windows6.1-KB958830-x86-RefreshPkg.msu

     Then, click Yes to install the update.
  2. On the Read these license terms (1 of 1) page, review the license terms, and if you accept, click I Accept.
  3. On the Installation complete page, click Close.

To turn on the Group Policy Management Tools feature

 

  1. Click Start, type windows features, and click Turn Windows features on or off in the Control Panel section of the Start menu.
  2. In the Windows Features dialog box, select the Group Policy Management Tools check box, and click OK. Group Policy Management Tools is under Remote Server Administration Tools, Feature Administration Tools.

Conclusion

You have come a long way. You have learned important Group Policy concepts such as GPOs, links, inheritance, and so on. You have also learned how to use the GPMC and the GPME to perform essential tasks such as creating, editing, and deleting GPOs.

When you are ready to learn more about Group Policy and broaden your skills, Microsoft has numerous resources available for you. First, the Group Policy resource page on the Windows Server TechCenter is a one-stop shop for any technical content related to Group Policy. It provides numerous getting-started guides as well as videos. For Group Policy guidance specific to Windows 7, visit the Windows Client Security and Control zone.

Term

STEP BY STEP GUIDE TO SETUP ACTIVE DIRECTORY ON WINDOWS SERVER 2008

Definition

STEP BY STEP GUIDE TO SETUP ACTIVE DIRECTORY ON WINDOWS SERVER 2008

This tutorial explains how to install AD on Server 2008. It is valid for Windows 2008 R2 as well.

Requirement:

Minimum: Single processor with 1.4 GHz (x64 processor) or 1.3GHz (Dual Core)

Minimum: 512 MB RAM

Minimum: 32 GB or greater

  • The first step is to assign an IP address to the server on which you are going to deploy AD. It is necessary to install it as a DNS server too, so it is better to have a fixed IP. That does not mean you cannot install AD without a fixed IP address, but using a fixed IP will solve a lot of issues.

[image]

Here the server IP is 10.0.0.14. Since we are going to make it a DNS server too, you should use the same IP as the preferred DNS server.

  • The next step is to install the Active Directory roles. Unlike older versions of Windows Server, Microsoft highly recommends using the Server Manager option to install roles before you run dcpromo.

 

  • Click on start menu and select the Server Manager

[image]

  • Select the roles from the right hand panel and click on add roles option.

[image]

  • From the roles list select the "Active Directory Domain Services" role and Click "Next"

[image]

  • Review the confirmation and click on "Next"

[image]

  • Review the installation confirmation and click on "Next"

[image]

  • It will take a few minutes to complete, and when it is done you will get this confirmation. Then click on "Close"

[image]

After that you will need to do a reboot.

  • After the reboot, open "Server Manager" again and click on "Roles". There you will see that "Active Directory Domain Services" is successfully installed. Click on it and you will get a window like the one below.

     

    [image]

     

    There, please pay attention to the message

     

    [image]

     

    So please click on that link and it will start the DCPROMO wizard.

     

  • The next step is to go through the DCPROMO wizard.
  • To start the installation click on "Next"

[image]

  • Click on "Next"

[image]

  • Since we are going to install a new domain controller in a new forest, select the "Create a new domain in new forest" option and click on "Next"

[image]

  • Now we have to provide the name for our domain controller. It must be an FQDN. In our case I used rebeladmin.com as the domain. Click "Next" afterwards.

[image]

  • This window asks you to select the forest function level. If you are going to add a Server 2003 domain controller to your forest later, don't select Server 2008 as the function level. If you are going to use the full features of 2008 AD, you must select Server 2008 as the forest function level. In my case I used Server 2008. Click on "Next" after making the selection.

[image]

  • In the next window, since it's the first DC, we should make it a DNS server too. Leave the default selection and click on "Next"

[image]

  • If the wizard cannot create a delegation for the DNS server, it displays a message to indicate that you can create the delegation manually. To continue, click "Yes"

[image]

  • The next window shows the database location. If it is going to be a bigger AD, it is good to keep the NTDS database on a different partition. Click on "Next" after making changes.

[image]

  • The next window asks you to define a restore mode password. It becomes important if you have to do a restore from backup after a server crash. Click on "Next" after filling it in.

[image]

  • The next window gives you a summary of the installation. Click on "Next"

[image]

  • Then it will start the installation of AD. It will take some time to complete. After the installation completes, reboot the server.

[image]

  • After the reboot you can log in to the domain. Use a login as in the following example:

User name : your domain\administrator

Password : XXXXXXXX

  • Now it is done, and you can view the Active Directory options on the Administrative Tools menu

[image]

Hope this tutorial is clear for you guys. If you have any questions, please ask me at rebeladm@live.com

Term
How do you create a new GPO (Group Policy Object)?
Definition

How to create a GPO

Creating a GPO is the initial step in ultimately applying Group Policy settings to user objects, and computer objects in Active Directory. When you create a new GPO, it is by default linked to the site, domain, or OU which was selected, when the GPO was created. The Group Policy settings stored in the GPO are applied to that particular site, domain or OU. You can though, at a later stage, link the GPO to other sites, domains, or OUs.

To create a GPO,

  1. You need to open the Active Directory Sites And Services console if you want to create a GPO for a site. To open the console, click Start, Administrative Tools, and click Active Directory Sites And Services. You have to use the Active Directory Users And Computers console if you want to create a GPO for a domain or OU. To open the console, click Start, Administrative Tools, and click Active Directory Users And Computers.
  2. In the console which you opened, locate and right-click the site, domain or OU that you want to create a GPO for, and then click Properties on the shortcut menu.
  3. When the Properties dialog box for the site, domain or OU opens, click the Group Policy tab.
  4. Click New. 
  5. Provide a name for the GPO.
  6. Click Close.
  7. The new GPO is linked to the site, domain, or OU which you chose in the MMC, by default. The Group Policy settings contained in the GPO are applied for objects in that particular site, domain, or OU.
Term
How do you use Active Directory Users and Computers snap-in to publish non-Windows 2000-based printers:
Definition

To use the Active Directory Users and Computers snap-in to publish non-Windows 2000-based printers:

  1. Click Start, click Run, type dsa.msc, and then click OK.
  2. Double-click the domain name, right-click the organizational unit, point to New, and then click Printer.
  3. In the UNC Path box, type the path to the printer (such as \\servername\printername).

Searching for Printers in Active Directory

Active Directory client users can browse for printers published in Active Directory, submit jobs to those printers, and even install the printer drivers directly from the server.

  1. Click Start, point to Search, and then click either For Printers in Windows 2000 or in Windows XP.
  2. In the In box, click Entire Directory.
  3. Type the parameters on which you want to search.
  4. Click Find Now.
  5. Right-click a printer, and then click Connect to install it. Or, click Open to view the current printer queue.
Term
What is the command-line command to test whether or not Exchange Server is working?
Definition

1: Open Command prompt and type Get-ExchangeServer

2: Get-ExchangeServer | fl

Term

 

Where is the Windows Host File located?

Definition

Host file Location:


Windows NT/2000: c:\winnt\system32\drivers\etc\hosts
Windows XP (Home OR Pro): c:\windows\system32\drivers\etc\hosts

notepad c:\windows\system32\drivers\etc\hosts

Ubuntu’s hosts file is located in the /etc/ folder.


The 127.0.0.1 is considered the location of your computer, so when an entry listed in the MVPS HOSTS file is requested on a page you are viewing, your computer thinks 127.0.0.1 is the location of the file.

You can use a HOSTS file to block ads, banners, 3rd party cookies, 3rd party page counters, web bugs, and even most hijackers. This is accomplished by blocking the connection(s) that supply these little gems. The HOSTS file is loaded into memory (cache) at startup, so there is no need to turn on, adjust or change any settings with the exception of the DNS Client service (see below). Windows automatically looks for the existence of a HOSTS file and, if found, checks the HOSTS file first for entries to the web page you just requested.

Term
What is a VLAN?
Definition
  1. VLAN is a group of devices on one or more LANs that are configured to communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible.
  2. As I said, a VLAN is a virtual LAN. In technical terms, a VLAN is a broadcast domain created by switches. Normally, it is a router creating that broadcast domain. With VLANs, a switch can create the broadcast domain.

    This works by you, the administrator, putting some switch ports in a VLAN other than 1, the default VLAN. All ports in a single VLAN are in a single broadcast domain.

    Because switches can talk to each other, some ports on switch A can be in VLAN 10 and other ports on switch B can be in VLAN 10. Broadcasts between these devices will not be seen on any other port in any VLAN other than 10. However, these devices can all communicate because they are on the same VLAN. Without additional configuration, they would not be able to communicate with any other devices not in their VLAN.

Term
What is a Ping?
Definition
Used to query (another computer on a network) to determine whether there is a connection to it.
Term
What is the Windows hosts file and its path?
Definition

The hosts file is a computer file used by an operating system to map hostnames to IP addresses. The hosts file is a plain text file, and is conventionally named hosts. 


C:\Windows\system32\drivers\etc\hosts

Term
What is a Console?
Definition
 On modern small computers the console is usually the computer's attached monitor and keyboard.
Term
What is a Patch Panel?
Definition
A panel of network ports contained together, usually within a telecommunications closet, that connects incoming and outgoing lines of a LAN or other communication, electronic or electrical system. In a LAN, the patch panel connects the network's computers to each other and to the outside lines that enable the LAN to connect to the Internet or another WAN.
Term
What is the Microsoft Deployment Toolkit (MDT)?
Definition

The Microsoft Deployment Toolkit (MDT) provides a unified collection of tools, processes, and guidance for automating desktop and server deployments.


https://www.youtube.com/watch?v=AiX-WIQf7Js

https://www.youtube.com/watch?v=VcCHTVp0FAA

Term

What does it mean to sysprep a computer?

Definition

Made by Microsoft for customized OS deployment.

  1. Install all the software and drivers. This involves installing Windows on the box, installing drivers, and putting all the shortcuts in the All Users folder (desktop, favorites). You can use a local group policy. Install all the software that the users will need on the machine.
  2. Break out the Windows CD, go to the support folder, extract deploy.cab (right-click and choose Extract), and put it in the sysprep folder on the C: drive.
  3. Use the Setup Manager in the sysprep folder to create a new sysprep answer file. This will have the computer name and time zone; put in the local admin and encrypt the password. You can also have an automatic admin login. Configure TCP/IP settings, and you can add it to the domain. Run Once will allow you to run scripts or batch files. It will save it as an INF file.
  4. Run sysprep; it will allow you to repackage the computer and capture the image. Once you click Reseal it will delete all usernames. After you hit repackage you will need to plug in an external hard drive and extract the image.
Term
Norton Ghost Server
Definition

http://www.symantec.com/business/support/index?page=content&id=TECH107324


To roll out the image to the client computers

  1. If you use Ghost Console to roll out the image, create a new Task. Do not check the SID Change option in the Task.
  2. If you use Ghost Multicast Server to roll out the image, do not use Ghost Walker after rolling out the image.
  3. If you use Norton Ghost 2003, use Ghost.exe to write the image to the destination computer.
  4. If you use Norton Ghost 2002 or earlier, use Ghostpe.exe to write the image to the destination computer.
  5. Restart the computers. Windows 2000 Professional, Windows XP and Windows Vista will detect the hardware, install the new drivers as appropriate, and assign new SIDs.


To create a new Sysprep configuration

  1. Create a new folder. This folder will contain the Sysprep files. Ghost 7.5 and later does not require this folder to be on the root of the C drive. If you run Sysprep manually, Windows might require this folder to be on the root of the C drive.
  2. Follow the Microsoft instructions for creating a Sysprep.inf file and copy that file into the new folder. The options available for configuring Sysprep.inf depend on the version of Windows with which you will use Sysprep.inf file.
  3. Copy the Sysprep files into the new folder. For an image of a Windows 2000 installation, use Sysprep version 1.1 or later for Windows 2000. For an image of a Windows XP installation, use a version of Sysprep that is for Windows XP (See the previous section Sysprep versions).
Term
Subnet Mask Quick Reference
Definition

[image]

[image]

Term
What is Active Directory?
Definition
  1. Active Directory (AD) is a directory service that Microsoft developed for Windows domain networks and included in most Windows Server operating systems as a set of processes and services.
Term

There are five different FSMO (Flexible Single Master Operation) roles.

Two of these roles exist at the forest level, and three of the roles exist at the domain level. What are the 5 roles and which level does each associate with?

Definition

Five different FSMO (Flexible Single Master Operation) roles.

Two of these roles exist at the forest level, and three of the roles exist at the domain level. The Forest level roles include the Schema Master and the Domain Naming master, while the domain level FSMO roles include the Relative Identifier Master, Primary Domain Controller (PDC) Emulator, and Infrastructure Master.

Term
What is the Active Directory "ACL" and what does it stand for?
Definition
 Access Control Lists (ACLs). An ACL is basically just a list that tells who has rights to what. When a user attempts to access a resource, they present their identity to the server containing the resource. That server makes sure that the user’s identity has been authenticated and then cross references the user’s identity with an ACL to see what it is that the user has rights to.