Active Directory Configuration and Installation

Questions and Answers

Which type of DNS record is used to map a domain name to an IP address?

MX Record

CNAME Record

PTR Record

A Record (correct)

What does the TTL (Time to Live) value in a DNS record represent?

The frequency of DNS record updates

The maximum lifespan of a domain name

The duration a DNS query is cached by a resolver (correct)

The time it takes for changes to propagate across DNS servers

Which statement is true regarding the global catalog?

It contains information about all objects in the forest (correct)

It holds a full replica of all objects in the domain

It is used exclusively for group policy application

It can only be accessed by domain administrators

Which zone file is responsible for resolving names to IP addresses?

Forward Lookup Zone (A)

Which resource record stores zone transfer settings?

SOA Record (A)

What defines the objects that a Group Policy Object affects?

The organizational unit structure (A)

Which PowerShell cmdlet should be used to remove the DNS Server role from a server?

Uninstall-WindowsFeature (B)

Under what circumstances would a multi-domain structure not be an ideal choice?

When a single organization wishes to centralize management (D)

What is the primary container object for organizing and managing resources in a domain?

Organizational Unit (B)

Which of the following is not one of the three user account types defined in Windows Server 2019?

Remote User Accounts (A)

What operation master role provides backward compatibility with Windows NT servers?

PDC Emulator (D)

Which command syntax can rename a computer from Pittsburgh to Chicago?

Rename-Computer -Name Pittsburgh -NewName Chicago (A)

What type of Active Directory replication occurs between domain controllers in the same site?

Intra-site replication (A)

What is the purpose of schema attributes in Active Directory?

To identify the types of information stored in objects (D)

Which command is preferred for installing Active Directory on a Server Core installation?

dcpromo.exe (B)

Which Windows Server edition is ideal for a Server Core installation?

The first server in a Windows domain network (B)

What role does the Knowledge Consistency Checker (KCC) serve in Active Directory?

It determines the replication topology among domain controllers (D)

Which of the following configurations is NOT mentioned as a benefit of using Group Policy for Server Core?

Installing Active Directory roles (D)

What happens when the Active Directory Recycle Bin is disabled?

Deleted objects are permanently lost (A)

What is the default TCP/IP setting for Windows Server 2019 installations?

Only TCP/IPv4 is installed (D)

Which built-in user accounts does Windows create automatically during installation?

Administrator and User (B)

Which of the following choices is not an example of a typical post installation task?

Installing new network cables (B)

How long does it usually take for a change made on a domain controller to trigger intrasite replication?

5 to 15 minutes (B)

What should be installed in remote locations to allow clients to locate authoritative DNS servers efficiently over slow connections?

Secondary DNS servers (D)

To install a new forest, which prerequisite is necessary?

A pre-existing DNS setup is required (B)

What is the purpose of the boot mode used for restoring Active Directory when it is corrupted?

To allow restoration from a previous backup (D)

Which partition in Active Directory contains information about object definitions and their attributes across all domains?

Schema partition (B)

What is the main benefit of multimaster replication in Active Directory?

It ensures all domain controllers maintain a consistent state. (A)

Which command is used to install Active Directory on a Server Core installation?

dcpromo.exe (B)

What type of user account has the highest level of permissions in a Windows Server environment?

Administrator account (D)

What tool runs on every domain controller to assess the replication topology?

Knowledge Consistency Checker (KCC) (A)

Which of the following best describes the Active Directory Recycle Bin feature?

It allows deleted objects to be restored for a limited time. (C)

What does the term 'forest-wide FSMO roles' refer to in Active Directory?

Roles that handle unique data management tasks across the forest (B)

What is the recommended method for managing updates in Server Core and Windows domain computers?

Using group policy settings (B)

Which server role is installed along with Active Directory Domain Services if no other servers with this role are available?

DNS Server (A)

Which type of Windows Server 2019 OS installation is specifically not an upgrade from any previous version?

Clean installation (B)

Which operations master role ensures compatibility with Windows NT servers configured as backup domain controllers?

PDC Emulator (A)

Which folder under Policies within the Computer Configuration Node of a GPO contains the Control Panel, Network, Printers, System, and Windows Component folders?

Windows Settings (C)

Which cmdlet would an administrator use to join a computer to a domain?

Add-Computer (C)

What boot mode can be utilized to restore deleted critical parts of Active Directory?

Directory Services Restore Mode (B)

What type of application can be made available via Group Policy for user installation through Programs and Features in Control Panel?

Traditional desktop applications (C)

Which Windows folder contains file-based information that is replicated to other domain controllers?

SYSVOL (B)

What information is contained within the directory partition that affects the entire forest?

Replication details for domain controllers (B)

Which command can be used to enable the Active Directory Recycle Bin feature?

Enable-ADRecycleBin (C)

Which attribute is NOT defined by schema attributes in Active Directory?

Object creation date (D)

What happens by default to the Windows Server 2019 firewall regarding ICMP Echo Request packets?

It allows incoming requests. (D)

What role does the second domain controller in a Windows domain typically serve?

Global Catalog Server (B)

Which installation type should be used if a server will run without the Windows GUI?

Server Core (B)

What is the role of the Knowledge Consistency Checker (KCC) in Active Directory?

To determine the replication topology (D)

When configuring a new domain controller, which option allows the server to join the domain without running Active Directory?

Member Server (A)

Which server role must be installed along with Active Directory Domain Services if no other servers with this role are available?

DNS Server (D)

What boot mode should be used to perform restoration after several critical parts of Active Directory have been deleted?

Directory Services Restore Mode (A)

What type of application is specifically made available via Group Policy for a user to install through Programs and Features in Control Panel?

Client applications (D)

Which Active Directory replication type occurs between domain controllers located within the same site?

Intra-site replication (A)

Which operations master role is responsible for ensuring backward compatibility with Windows NT servers?

PDC Emulator (D)

Which cmdlet would an administrator use to install the Active Directory Domain Services role?

Install-WindowsFeature (A)

What type of DNS servers should be installed in remote locations connected by slow satellite links?

Caching DNS servers (A)

Which type of record in DNS is responsible for determining where updates can be transferred from one DNS zone to another?

SOA record (C)

What is the primary purpose of the Knowledge Consistency Checker (KCC) in Active Directory?

To assess the replication topology dynamically (B)

Which of the following attributes is essential for the schema partition in Active Directory?

Object definitions and their attributes (B)

In what context would using multi-domain structures be disadvantageous?

When extensive resource sharing is essential among users (B)

What is the primary reason for installing a read-only domain controller (RODC)?

To enhance security by preventing unauthorized access (B)

Which of the following is a characteristic of adding a child domain to an existing forest?

It shares at least the top-level and second-level domain name structure (C)

What functionality does the Active Directory Administrative Center (ADAC) provide?

It facilitates the connection to other domain controllers (A)

What is one of the capabilities of PowerShell commands issued through ADAC?

They allow for automated management of Active Directory tasks (C)

When determining the functional level of a domain, what is the primary consequence of increasing it?

It allows the introduction of newer Active Directory features (B)

What is the appropriate action to take if this server is the first domain controller in the network?

Add a new forest (B)

Which functional level options must be selected in the Domain Controller Options window?

Forest and Domain functional levels (C)

What is the purpose of the NetBIOS domain name specified in the Additional Options window?

It is used for backward compatibility with non-DNS systems. (C)

What is the necessary action to create DNS records for a new domain?

Create the DNS delegation (C)

Which option is recommended when installing additional domain controllers in a domain?

Add a domain controller to an existing domain (D)

What is the essential prerequisite before starting the Active Directory installation?

Perform a prerequisite check (A)

Which of the following tasks must be performed in the Paths window during Active Directory configuration?

Specify the locations of Active Directory database and SYSVOL folder (C)

Why does Microsoft recommend having at least two domain controllers in every domain?

For fault tolerance and load balancing (B)

What is the primary purpose of a domain controller in an Active Directory environment?

To provide authentication and authorization services for users (A)

Which component of Active Directory represents the core structural unit that contains organizational units?

Domain (C)

How does Active Directory enhance scalability in network management?

By using a centralized but distributed database (A)

What role does the Lightweight Directory Access Protocol (LDAP) serve in an Active Directory environment?

It facilitates communication with clients using non-Windows operating systems (A)

Which of the following best defines a tree in the context of Active Directory?

A hierarchy of multiple domains that share a naming structure (A)

What requirement must be fulfilled before installing Active Directory Domain Services (ADDS) if DNS is not already in place?

Install the DNS Server Role (B)

Which of the following statements about Organizational Units (OUs) in Active Directory is correct?

OUs serve as containers for organizing various Active Directory objects (D)

What does the logical structure of Active Directory allow organizations to do?

Pattern the directory service’s organization according to the business structure (C)

What is the function of a forest in Active Directory?

It is comprised of multiple Active Directory trees allowing shared resources (B)

What is the primary function of schema classes in Active Directory?

To specify the structures of data stored in the AD database (C)

Which statement accurately describes a leaf object in Active Directory?

It cannot contain other objects and typically represents a single security account. (B)

How does nesting Organizational Units (OUs) benefit Active Directory structure?

It mimics the corporate structure for more effective object management. (B)

What role do folder objects play within Active Directory?

They organize and store user accounts and default groups. (A)

What type of Active Directory object typically represents a computer or network resource?

Leaf object (D)

How does the Active Directory schema help maintain the integrity of data?

By defining and enforcing structure for stored object data (D)

What is a key characteristic of the domain object in Active Directory?

It serves as the main organizational structure in a directory. (B)

Which of the following best explains the relationship between organizational units and security boundaries in Active Directory?

OUs can act as administrative boundaries helping to define security policies. (A)

Which of the following statements is true regarding the default folders created by Active Directory?

The 'Builtin' folder contains essential groups created by Windows. (D)

What does the attribute value refer to in the context of Active Directory schema attributes?

The specific information stored in each attribute of an object (D)

Which statement accurately describes the application of Group Policy Objects (GPOs) in a domain environment?

GPOs are applied in the order of Local Computer, Site, Domain, and Organizational Unit. (D)

Which component of the User Configuration Node specifies settings for application packages?

Software Settings (C)

What is the role of the Administrative Templates folder in the User Configuration Node?

It allows control over users’ computer and network environments. (C)

What is indicated by a GPO that is linked to the Computer Configuration node?

It affects all computers within the container to which it is linked. (B)

Which statement about the Active Directory Recycle Bin is true?

It allows recovery of deleted user accounts and groups. (A)

How is data within Active Directory typically organized?

As objects with a hierarchical structure. (A)

What role does the forest serve in Active Directory architecture?

It acts as the broadest logical component that contains multiple domains. (C)

Which of the following does NOT correctly describe the types of Active Directory objects?

All object types can be individually modified. (C)

In what scenario would policies configured in the Computer Configuration node not apply?

When the policies are not defined or configured. (C)

What is the primary function of a computer account object in Active Directory?

To identify, authenticate, and manage computers in the domain (C)

Which type of Active Directory zone contains a read-only copy of all resource records for a zone and is considered authoritative?

Secondary zone (A)

What is true regarding trust relationships in Active Directory?

Trust relationships define how security principals access resources in another domain. (B)

Which statement accurately describes the Global Catalog in Active Directory?

It facilitates searches across domains and holds universal group membership information. (B)

What tool is utilized to manage Group Policy settings and configurations?

Group Policy Management Console (GPMC) (D)

What are the main nodes contained within each Group Policy Object in GPMC?

Computer Configuration and User Configuration (D)

Which Active Directory function defines the structure and permissible attributes for objects and their attributes?

Schema directory partition (C)

What is the purpose of intrasite replication in Active Directory?

To synchronize data between domain controllers within the same site (B)

Which of the following describes the function of the Knowledge Consistency Checker (KCC)?

To determine replication topology and manage replication paths (A)

Which of the following is NOT a role associated with the Flexible Single Master Operations (FSMO)?

Resource Manager (D)

What type of user account is limited to access resources only on the local computer?

Local user account (B)

Which of the following statements regarding Group Policy Objects (GPOs) is true?

GPOs allow for remote configuration of operating environments for users and computers. (A)

What defines the specific characteristics shared among all domains within a forest?

Common Schema (C)

Flashcards

Active Directory Directory Partition

Holds configuration information, such as replication details for domain controllers.

Server Core Installation

A Windows Server installation without the graphical user interface (GUI).

Schema Attributes

Define the types of data stored in Active Directory objects (e.g., first name, last name).

Multimaster Replication

A method of Active Directory replication where changes are replicated to all domain controllers.

Group Policy

A method for configuring updates on multiple computers in a Windows domain.

Knowledge Consistency Checker (KCC)

A utility on every domain controller that determines the replication topology in Active Directory.

Read-Only Domain Controller (RODC)

A domain controller that doesn't process directory service modifications.

Windows Server Update

The process of applying bug fixes and security patches to Windows Server.

What is DNS?

DNS stands for Domain Name System. It's like a phone book for the internet, translating human-readable domain names (like google.com) into computer-friendly IP addresses.

What is a DNS record?

A DNS record is an entry in a DNS database that maps a domain name to an IP address or other information about the domain.

What is a TTL (Time to Live) value?

The TTL (Time to Live) value in a DNS record tells other servers how long to cache the record information before checking for updates.

What does the Global Catalog do?

The Global Catalog is a special directory service in Active Directory that stores a copy of all objects in the forest, allowing you to find any user or computer across domains.

What is a 'forest' in Active Directory?

A forest is the highest level in the Active Directory hierarchy, containing multiple domains. It represents a collection of independent AD domains that trust each other.

What do GPOs target?

Group Policy Objects (GPOs) target specific objects in Active Directory, such as users, computers, or organizational units (OUs).

Required AD DS Role

If no other server has the Active Directory Domain Services (AD DS) role, it's automatically installed on the server where you initially install the role.

Single Domain Drawback

A single domain structure can become inefficient and difficult to manage when the number of users, computers, and resources grows significantly.

Removing DNS Server Role

Use the 'Remove-WindowsFeature' PowerShell cmdlet to remove the DNS Server role from a server.

Non-Standard User Account Type

Windows Server 2019 doesn't define a 'Power User' account type.

Clean Installation

A 'Clean Installation' of Windows Server 2019 is a fresh install on a new disk partition, without upgrading from a previous Windows version.

Active Directory Restoration

The 'Directory Services Restore Mode' (DSRM) allows restoring deleted Active Directory components by booting the server in a special mode.

GPO Control Panel Settings

The 'Administrative Templates' folder under Policies in Computer Configuration contains settings for Control Panel, Network, Printers, System, and Windows Components.

What is a Server Core installation?

A Windows Server installation without the graphical user interface (GUI), offering a lightweight, command-line-based experience.

What are Schema attributes?

They define the types of data stored in Active Directory objects, like first name, last name, or password.

What is Multimaster Replication?

Active Directory's method of ensuring changes to objects are automatically copied to all domain controllers, maintaining consistency.

What is the KCC?

The Knowledge Consistency Checker (KCC) runs on every domain controller, determining the best replication paths to maintain a healthy Active Directory.

What is an RODC?

A Read-Only Domain Controller (RODC) is a domain controller that cannot process modifications to the directory, ideal for remote or sensitive locations.

What is the 'Directory Partition'?

A container within Active Directory that holds configuration information affecting an entire forest, like domain controller replication settings.

How can I change the Server Edition?

Use the 'DISM /online /Set-Edition:' command to switch to a different edition after installation.

What is the 'Schema' partition?

This partition holds the definitions for all object types within the Active Directory forest, defining their attributes.

What are the default path to the DNS files in your server?

The default path for DNS files in a server is usually %systemroot%\System32\dns. The %systemroot% directory itself is usually C:\Windows, making the full location C:\Windows\System32\dns.

What is the function of TTL (Time to Live) in a DNS record?

The TTL (Time to Live) value in a DNS record determines how long other DNS servers should cache the record's information before requesting an update from the authoritative server. This helps optimize DNS resolution by reducing unnecessary requests.

What is the purpose of a global catalog?

The Global Catalog is a special directory service in Active Directory. It stores a copy of all objects in the forest, allowing you to search across domains for any user, computer, or group, regardless of their location.

What is the purpose of a SRV record?

An SRV (Service Location) record is used to locate servers that offer specific services. It maps a service name (like _ldap._tcp) to an IP address and port number. This allows applications to find the correct server to access the required service.

Which type of DNS record is used to map a domain name to an IP address?

A type A record is used to map a domain name to an IP address, which allows computers to find the server hosting a website or service.

What defines a GPO's scope?

Group Policy Objects (GPOs) target specific objects in Active Directory like Users, Computers, or Organizational Units (OUs) to determine which devices and users they'll apply to.

What role installs with AD DS?

If no other server has the Active Directory Domain Services (AD DS) role, it's automatically installed on the server where you first install the role.

Primary Organizational Container

The primary container object for organizing and managing resources in a domain is an Organizational Unit (OU).

Backward Compatibility Role

The 'Infrastructure Master' operations master role is responsible for maintaining compatibility with older Windows NT servers.

What is a Global Catalog?

The Global Catalog is a special directory service in Active Directory that stores a copy of all objects in the forest, allowing you to search across domains for any user, computer, or group, regardless of their location.

What are typical post-installation tasks?

These are tasks performed after the initial installation of a software, operating system, or application, ensuring its proper functioning and integration with other systems within an organization. They are typically involved with configuring the new environment, testing functionalities, and setting up necessary user accounts and permissions.

How long does intrasite replication take?

Intrasite replication is the process of replicating changes between domain controllers within the same site. The time it takes depends on several factors, including the size of the Active Directory environment, network bandwidth, and the amount of data being replicated. In general, intrasite replication is relatively quick, typically completing in a matter of minutes or hours.

What is the order for applying Group Policy settings?

Group Policy settings are applied in a specific order to ensure consistency and prevent conflicting configurations. The order is as follows: 1. Local machine policy. 2. Site policy. 3. Domain policy. 4. Organizational Unit (OU) policy. If a setting is defined in multiple policies, the last one applied takes precedence.

Domain Controller Install

If you're installing Active Directory Domain Services (AD DS) and no other server has the role already, it will be automatically installed on the server where you begin the installation process.

Single Domain Limit

A single domain structure can be less effective for large companies as it gets harder to manage many users, computers, and resources in a single location.

Remove DNS Role

To remove the DNS server role from a server, use the Remove-WindowsFeature PowerShell command.

GPO Control Panel

The 'Administrative Templates' folder inside 'Policies' under the Computer Configuration node of a GPO holds settings for things like the Control Panel, Network, Printers, System, and Windows components.

Domain Controller's Responsibility

Domain controllers in a domain that handle universal group membership information are the only Domain Controllers in the entire forest.

Computer Rename

To rename a computer, you'll need to use the 'Rename-Computer' command. If you need to rename the computer from 'Pittsburgh' to 'Chicago,' you'd run: Rename-Computer -NewName Chicago -oldname Pittsburgh.

Multi-Domain Structure Drawback

A multi-domain structure can introduce complexity and potentially slow down communication between domains in certain scenarios.

Organizing Resources

The Organizational Unit (OU) is the main container object for arranging and managing resources within a domain. This makes it easier to apply policies and control access.

FQDN in AD Installation

The fully qualified domain name (FQDN) for the new forest root is required during Active Directory installation. It includes all parts of the name, like 'example.com'.

Forest & Domain Functional Levels

These settings determine which Active Directory features are available for users and computers. They also define the compatibility level of the domain controllers in the forest.

DNS Delegation in AD Install

During Active Directory installation, DNS delegation allows Windows to create the necessary records on the DNS server to support the new domain.

NetBIOS Domain Name

A NetBIOS domain name is needed for backward compatibility with older systems that don't use DNS.

Active Directory Database, Logs, and SYSVOL

These important folders contain Active Directory data, installation logs, and shared files for the network.

Purpose of Multiple DCs

Having at least two domain controllers in a domain is recommended for fault tolerance (backup in case of failure) and load balancing (sharing work).

Installing Additional DCs

The process of adding a new domain controller to an existing domain is similar to the initial installation. The key change is selecting 'Add a domain controller to an existing domain' instead of 'Add a new forest'.

DNS Install During Additional DC Installation

When installing an additional domain controller, you need to decide whether to install a DNS server role on it or not. The decision is based on the specific needs and design of the Active Directory environment.

Directory Service

A system that stores information about a network and provides tools for retrieving and managing it.

Active Directory

Microsoft's directory service that manages users, computers, and other network resources.

Domain Controller (DC)

A computer running Windows Server that manages a specific domain within Active Directory.

Organizational Unit (OU)

A container within Active Directory for grouping users, computers, and resources.

Domain

A core part of Active Directory, it represents a boundary for administration, security, and policies.

Tree

A collection of domains that share a common naming structure.

Forest

A collection of multiple Active Directory trees, providing a unified environment.

Active Directory Domain Services (ADDS)

The Windows service that implements Active Directory.

Site

A physical location where domain controllers communicate and replicate information.

LDAP

Lightweight Directory Access Protocol, a standard for communicating with directory services.

Child Domain

A domain added to an existing forest that shares the same top-level and second-level domain name structure as a domain already within the forest.

New Tree Domain

A domain added to an existing forest with a completely separate naming structure from any other domains in the forest.

Active Directory Administrative Center (ADAC)

A tool used to manage Active Directory tasks like creating users, groups, computer accounts, and managing organizational units.

Domain Controller Location

The site where a new domain controller should be placed.

Active Directory Schema

A blueprint defining the structure and types of data stored in the Active Directory database. It dictates the organization and what information is stored about each object.

Schema Classes

Define the types of objects that can be stored in Active Directory, like users, computers, groups, or printers.

Container Object

An object that houses other objects, used to organize and manage resources in Active Directory.

Domain Object

The core logical structure in Active Directory, containing other container objects like OUs and leaf objects, representing the administrative boundary for a specific group of users and computers.

Leaf Object

An object that doesn't contain other objects, representing individual entities like users, computers, or groups.

Folder Object

A special container object in Active Directory used for default locations of specific types of objects, like user accounts or computer accounts.

What makes a Folder object different from an OU?

A Folder object is a pre-defined container with specific purposes, like 'Computers' or 'Users.' OUs are more flexible, designed for custom organization within a domain.

What are the benefits of organizing resources with OUs?

OUs allow granular control over policies and permissions for different groups of users and computers, making management more efficient and secure.

What is the difference between User and Computer Configuration?

User Configuration policies apply to individual users within the GPO's scope, while Computer Configuration policies affect all computers in the container where the GPO is linked.

What are the key folders within the User Configuration node?

The User Configuration node contains three folders similar to Computer Configuration: Software Settings, Windows Settings, and Administrative Templates. These folders provide settings for managing applications, user environments, and security, respectively.

What is the order of Group Policy application?

Group Policy Objects (GPOs) are applied in a hierarchical order: 1. Local Computer, 2. Site, 3. Domain, and 4. Organizational Unit (OU). Policies not explicitly defined are ignored, and the last policy defined takes precedence.

What does a directory service do?

A directory service is a database that stores information about network resources, users, and computers, making it easier to manage them across the network.

What's the key advantage of using a directory service?

Directory services allow central management of network resources, users, and computers, making it much easier to administer a network.

What is Active Directory based on?

Active Directory is based on the X.500 standard and Lightweight Directory Access Protocol (LDAP), which allow communication with directory services.

What is a forest root domain?

The first domain created in a network when you install Active Directory Domain Services (ADDS) becomes the forest root domain, the foundation of your Active Directory infrastructure.

What is the difference between container objects and leaf objects?

Container objects organize and hold other objects, like users, computers, and groups. Leaf objects represent actual accounts, resources, or settings.

How does the AD Recycle Bin work?

The AD Recycle Bin is a feature you enable in Active Directory Administrative Center (ADAC) to recover deleted objects, but once enabled, it can't be disabled.

What are the key components of a large Active Directory environment?

Large organizations might require multiple domains, trees, and forests to manage their resources. These components help organize the directory service for better administration and scalability.

What is a GPO?

A Group Policy Object (GPO) is a set of rules that administrators use to control settings on computers and users within a domain. Think of it as a set of instructions that determine how users and computers should behave.

What is a User Account?

A user account in Active Directory represents a person or service that can access network resources. It stores information like their username, password, and group memberships.

What is a Computer Account?

A computer account in Active Directory represents a computer that's part of the domain. It's used to identify, authenticate, and manage the computer.

Primary Zone

This zone holds the main, writable copy of all information about a domain. It's considered authoritative for the data.

Secondary Zone

A read-only copy of the Primary Zone's data, used to distribute the information across multiple locations.

What are Groups?

A group is a collection of user accounts that share common permissions or rights. They help simplify administration by applying settings to multiple users at once.

What are Permissions?

Permissions define what specific resources users can access and what actions they can perform, such as reading, writing, or deleting.

What are Rights?

Rights specify what higher-level actions a user can perform on a computer or network, such as logging in, shutting down the system, or installing software.

What is Replication?

Replication ensures that all domain controllers have a consistent copy of the Active Directory database. Changes are automatically copied between them.

What are Directory Partitions?

Directory partitions divide the Active Directory database into different sections, each holding specific types of data.

What is the Domain Partition?

This partition stores information about all objects within a particular domain, including user accounts, groups, and computers.

What is a Trust Relationship?

A trust relationship defines how security principals from one domain can access resources in another domain.

Study Notes

Active Directory Configuration and Installation

• Directory partition holds configuration affecting the entire forest, including domain controller replication.
• Server Core installation (Windows Server 2019) preferred when GUI is unnecessary.
• Schema attributes define object information (e.g., user names, passwords).
• Security principals determine user access levels.
• Administrator and User are built-in Windows accounts.
• Active Directory uses multimaster replication for automatic updates across domain controllers.
• Group Policy is the best method for configuring updates on a Windows domain.
• Knowledge Consistency Checker (KCC) runs on every domain controller to determine replication topology.
• Second domain controller is typically a global catalog server.
• Initial server in a Windows domain is ideal for a Server Core installation.
• Active Directory Recycle Bin can be enabled or disabled.
• dcpromo.exe is the preferred method for installing Active Directory on Server Core.
• Windows Server 2019 installs TCP/IPv4 by default.
• Incoming ICMP Echo Requests are not blocked by default.
• Changing Server Editions
• Active Directory partition containing forest-wide object information.
• Two forest-wide Flexible Single Master Operations (FSMO) roles.
• "Service Pack" is the term for bug fixes and security update collections.
• Active Directory folders during installation.
• Server joining a domain without Active Directory or directory services.
• Role of a Read-Only Domain Controller (RODC).
• Group Policy Object (GPO) object scope.
• Domain Services installation if other servers with the role are unavailable.
• Domain structure deployment considerations.
• PowerShell cmdlet for removing the DNS Server role.

Active Directory User Accounts

• Three user account types in Windows Server 2019.
• Installing a new OS installation on a new partition.
• Restoring Active Directory using boot mode.

Active Directory Configuration and Management

• Restoring Active Directory using boot mode.
• GPO folder for Control Panel, Network, Printers, System, and Windows Components.
• Domain controllers holding universal group membership information.
• Renaming a computer (specific command).
• Circumstances where a multi-domain structure isn't optimal.
• Primary container managing domain resources.
• Operations master role for Windows NT compatibility.
• Software for computer network information retrieval.
• PowerShell cmdlet for joining a computer to a domain.
• PowerShell cmdlet for installing Active Directory Role.
• Primary identifying and administrative unit in Active Directory.
• Applications deployable via Group Policy.
• Replication in Active Directory.

Windows Server 2019 Installation and Configuration

• Installing a new forest.
• Active directory restore operations.

Description

Test your knowledge on the installation and configuration of Active Directory, focusing on essential components like directory partitions, replication, and server roles. This quiz covers concepts for Windows Server 2019, including Server Core setup and Group Policy management.