
Active Directory Interview Questions and Answers

Updated Feb 19, 2019

What is Active Directory?

The Active Directory is basically an operating system that is used to run internet based servers as well as local servers. The network administrators use this to handle the different components on a network properly. It is one of the most important components of a Windows server and is also used to develop and maintain objects and domains.

What other methods could be used to activate the active directory recycle bin? 

The Active Directory Recycle Bin can be enabled using PowerShell:

  • Log on to the domain controller.
  • Load the Active Directory PowerShell module.
  • Execute the following cmdlet:
Enable-ADOptionalFeature 'Recycle Bin Feature' -Scope ForestOrConfigurationSet -Target <domain name of the forest root>

What is schema in active directory? 

The active directory schema has the definitions of all the object classes that are present in the active directory forest. The definitions of the attributes are also present here.

How to modify schema in active directory?

The active directory schema can be altered using the following steps:

  • In the active directory schema console tree, right-click on active directory schema.
  • Click on operations master.
  • In the change schema master dialog box, tick the checkbox to enable schema modifications.
  • The schema master domain controller is responsible for all modifications made to the schema.

Why use active directory?

Active Directory helps us to administer the functions of all the network components of the organization. IT administrators and network engineers can manage user profiles through Active Directory.

What are the two basic classes of active directory objects?

The two basic classes of active directory objects are domain and controller.

What is a forest in active directory?

In an active directory, the top level is called the forest as it contains other logical trees underneath it. A forest contains user profiles, domains, group policies etc. Each forest has its own database and security policies.

What is OU in active directory?     

The OU (Organizational Unit) is used to put several organizational units such as computers, users, and groups that are in a company. It allows the administrators to organize their units and manage the entire company structure. The attributes within an organizational unit have to be unique.

What are active directory domain services?

The active directory domain services or ADDS provides facilities like login credential authentications, storing user profile details and helping in developing a communication bridge between users and domains. It improves the security of the network.

How to add users in active directory?

The steps to add users in Active Directory are as follows:

  • Inside the Tools in Server Manager, click Active Directory Users and Computers.
  • Click on the domain.
  • In the Users container, create a new user from Users.
  • Fill in the user details like name and login name.
  • Hit Next and enter the password you want.
  • Hit Next and Finish.

What is group policy in active directory?

Group Policy is a special feature that allows the network administrator to modify the computers and the users. At the machine level, it can be used to define the security and networking policies for users. A group policy object consists of different settings created by the network administrators.

Which default protocol is used in directory services?

The Lightweight Directory Access protocol is used in active directory services to manage the information related to the distributed directory.

How to change the password in active directory?   

The steps to change the password in active directory are as follows:

  • Navigate to the Active Directory Users from the Administrative Tools in the control panel.
  • Navigate to users.
  • Right click on the user account where the password needs to be changed, and click Reset Password.
  • Confirm the new password by entering it.
  • Hit OK to complete the process.

Where are active directory logs stored?

The active directory logs are stored in Windows’s Event Viewer.
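
The same events that Event Viewer shows can be read from PowerShell. The script below is an added example, not part of the original page: it lists user creations and password resets (the two procedures described above) from the Security log. It assumes it runs elevated on a domain controller and that auditing of user account management is enabled.

```powershell
# Added example: list account creations (event 4720) and password reset
# attempts (event 4724) from the Security log for the last 7 days.
# Each domain controller logs only the changes it processed itself,
# so run this on every DC for a complete picture.
$filter = @{
    LogName   = 'Security'
    Id        = 4720, 4724
    StartTime = (Get-Date).AddDays(-7)
}

# Get-WinEvent raises an error when nothing matches; suppressed here.
Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue | ForEach-Object {
    # EventData fields are name/value pairs inside the event XML.
    $data = @{}
    foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) {
        $data[$d.Name] = $d.'#text'
    }

    [pscustomobject]@{
        Time    = $_.TimeCreated
        EventId = $_.Id
        Action  = if ($_.Id -eq 4720) { 'User account created' } else { 'Password reset attempted' }
        Target  = '{0}\{1}' -f $data['TargetDomainName'], $data['TargetUserName']
        Actor   = '{0}\{1}' -f $data['SubjectDomainName'], $data['SubjectUserName']
    }
} | Sort-Object Time
```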

What is LDAP in active directory?  

The Lightweight Directory Access Protocol (LDAP) is used in Active Directory services to handle the information related to the distributed directory. This application protocol is used for altering and querying items in Active Directory. It helps organizations with enterprise management.

What is active directory replication?

The domain controllers in the Active Directory can receive changes made to the database. To make sure that all the other domain controllers have those changes, replication is done. The server object should have a connection object that represents replication from the other controller, for a successful replication between domain controllers.

Difference between local user and domain user accounts in active directory environments?

| Local user | Domain user |
| --- | --- |
| A local user’s account credentials, like username and password, are stored in the computer. | A domain user’s account credentials, like username and password, are stored in the domain controller. |
| After logging in, the system analyzes whether the credentials match the existing list of details. | After logging in, the system checks with the domain controller the permissions the user has. |
| The system provides the restrictions and permissions by itself. | The system provides the restrictions and permissions after obtaining an appropriate response from the domain controller. |

What is a tombstone in active directory?

In Active Directory, a tombstone is a container that is composed of deleted objects. It can be considered as an object that may not have been deleted from the database but is removed from the directory. Once the lifetime of a tombstone is over, it is removed by the garbage collection process.
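
To see how long deleted objects have before garbage collection, the tombstone lifetime can be read from the configuration partition and compared with each deleted object's last change time. This is an added example, not part of the original page; it assumes the Recycle Bin is not enabled and treats `whenChanged` as an approximation of the deletion time.

```powershell
# Added example: report deleted objects and the days left before they are
# garbage collected.
Import-Module ActiveDirectory -ErrorAction Stop

# tombstoneLifetime (in days) is stored on the Directory Service object in
# the configuration partition; when it is not set, AD uses 60 days.
$configNC = (Get-ADRootDSE).configurationNamingContext
$dsObject = Get-ADObject -Identity "CN=Directory Service,CN=Windows NT,CN=Services,$configNC" `
    -Properties tombstoneLifetime
$lifetimeDays = if ($dsObject.tombstoneLifetime) { $dsObject.tombstoneLifetime } else { 60 }

$now = Get-Date

# Deleted objects carry "DEL:<guid>" in their name; this filter also skips
# the Deleted Objects container itself.
Get-ADObject -Filter 'isDeleted -eq $true -and Name -like "*DEL:*"' `
    -IncludeDeletedObjects -Properties whenChanged, lastKnownParent |
    Select-Object Name, ObjectClass, lastKnownParent,
        @{ Name = 'Deleted';  Expression = { $_.whenChanged } },
        @{ Name = 'DaysLeft'; Expression = {
            [math]::Floor(($_.whenChanged.AddDays($lifetimeDays) - $now).TotalDays) } } |
    Sort-Object DaysLeft
```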

Explain SYSVOL in active directory?

The SYSVOL (System Volume) is a directory that has the public files of the domain, which can be shared across the domain and can also be used for replication. These files reside on the domain controller’s hard disk drive. These files can be replicated using the File Replication Service (FRS).

What two actions do you have to perform before you can use the active directory recycle bin?

Before accessing the active directory recycle bin, the following actions need to be performed:

  • Ensure that the functional level of the active directory forest is at least Windows Server 2008 R2.
  • Only Windows Server 2008 DCs must be present in your forest.

The steps to access the active directory recycle bin are as follows:

  • Navigate to the Active Directory Module for Windows PowerShell inside Administrative Tools.
  • Then Run as Administrator.
  • Enable the Recycle Bin from the command line.
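
The prerequisite check and the enable step can be combined in one script. This is an added example, not part of the original page: it assumes the ActiveDirectory module is installed and the account has forest-level rights, and `-Apply` is a parameter name chosen here. Enabling the Recycle Bin cannot be undone, so without `-Apply` the script only previews the change.

```powershell
# Added example: check prerequisites, then enable the AD Recycle Bin.
# -Apply is a parameter invented for this script; without it only -WhatIf runs.
param([switch]$Apply)

Import-Module ActiveDirectory -ErrorAction Stop

$forest  = Get-ADForest
$minimum = [Microsoft.ActiveDirectory.Management.ADForestMode]::Windows2008R2Forest

# Prerequisite from the answer above: forest functional level of at least
# Windows Server 2008 R2.
if ($forest.ForestMode -lt $minimum) {
    throw "Forest functional level is $($forest.ForestMode); Windows2008R2Forest or higher is required."
}

# Nothing to do if the feature already has an enabled scope.
$feature = Get-ADOptionalFeature -Filter 'Name -like "Recycle Bin Feature"'
if ($feature.EnabledScopes.Count -gt 0) {
    Write-Output "Recycle Bin is already enabled for forest $($forest.Name)."
    return
}

$params = @{
    Identity = 'Recycle Bin Feature'
    Scope    = 'ForestOrConfigurationSet'
    Target   = $forest.RootDomain   # forest root domain, as in the cmdlet shown earlier
}

if ($Apply) {
    # Irreversible: the feature cannot be disabled once it is enabled.
    Enable-ADOptionalFeature @params -Confirm:$false
    Write-Output "Recycle Bin enabled for forest $($forest.Name)."
} else {
    # Preview only; nothing is changed.
    Enable-ADOptionalFeature @params -WhatIf
}
```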

