Sunteți pe pagina 1din 11

DHCP

Q1, What is DHCP?


Ans, Dynamic host configuration protocol (DHCP) is a network protocol that enables
a server to automatically assign an IP address to a computer from a defined range
of numbers (e, a scope) configured for a given network.
Q2, what is DHCP scope?
Ans, DHCP scopes are used to define ranges of addresses from from which a DHCP
server can assign IP addresses to clients.
Q3, Types of scope in windows DHCP ?
Ans, Normal scope allow A, B and C class IP address ranges to be specified
including subnet masks, exclusion and reservations. Each normal scope defined
must exit within its own subnet.
Multicast Scope used to assign IP address ranges for class D networks. Multicast
scope do not have do not have subnet mask, reservation or other TCP/IP options.
Multicast scopes address range reqire that a time to live (TTL) value be specified
( essentially the number of router a packet can pass through on the way to its
destination).
Superscopes, Essentially a collection of scopes grouped toghather such that they
can be enabled and dishable as a single entity.
Q4, what is Authorizing DHCP servers in Active Directory?
Ans, if dhcp server is to operate within an active directory domain (and is not
running on a domain controller) it must first be authorized. This can be achived
either as part of the dhcp server role installation, or suvsequntly using DHCP
console or at the cmd prompt using the netsh tool. If DHCP server was not
authorized during installation, invoke the dhcp console (start<all program <
administrative tools < dhcp < right click and select authorized)
Q5, what ports are used by DHCP server and DHCP clients ?
Ans, Requested are on UDP port 68, and server replies on UDP 67.
Q6, how many DHCP packets are exchange between a client and a server before
client receive an IP address?
Ans, 4DHCP packets are exchanged between the client and server. They are DHCP
discover, DHCP offer, DHCP request and DHCP ack.
And DHCP discover is a layer 3 broadcast packet with destination IP addresses
255.255.255.255.
Q7, What is an IP helper address feature and why is required in a DHCP
environment?

Ans, DHCP discover packets are broadcast packets, this mean that a dhcp discover
packet which is sent from the client would not reach the dhcp server, if the server
reside on a different network. This is because, router are required for
communication between different network and router do not forward broadcast
packets, the IP helper address feature is configured on the router. The feature
inform the router the dhcp server IP address for the network. So , routers receive
the dhcp discover packet, it would convert it from broadcast to unicoast packet and
then send it to the dhcp server.
Q8, What is DHCP INORM?

Ans, DHCPInform is a DHCP message used by DHCP clients to obtain DHCP options.
While PPP remote access clients do not use DHCP to obtain IP addresses for the
remote access connection, Windows 2000 and Windows 98 remote access clients
use the DHCPInform message to obtain DNS server IP addresses, WINS server IP
addresses, and a DNS domain name.
The DHCPInform message is sent after the IPCP negotiation is concluded. The
DHCPInform message received by the remote access server is then forwarded to a
DHCP server. The remote access server forwards DHCPInform messages only if it
has been configured with the DHCP Relay Agent.

DNS
Q1. What is DNS?
Ans. Domain Name System is a service that can be installed on any windows server
operating system to resolve the Name to IPAddress and vice-versa. TCP/IP networks,
such as the Internet, use DNS to locate computers and services through userfriendly names
Q2. What is DDNS?
Ans. Dynamic DNS or DDNS is a method of updating, in real time, a Domain Name
Systemto point to a changing IP address on the Internet. This is used to provide a
persistent domain name for a resource that may change location on the network.
Q3. What are the resource records in DNS?

A (Address) Maps a host name to an IP address. When a computer has


multiple adapter cards and IP addresses, it should have multiple address
records.

CNAME (Canonical Name) Sets an alias for a host name. For example,
using this record, zeta.tvpress.com can have an alias as www.tvpress.com.

MX (Mail Exchange) Specifies a mail exchange server for the domain, which
allows mail to be delivered to the correct mail servers in the domain.

NS (Name Server) Specifies a name server for the domain, which allows
DNS lookups within various zones. Each primary and secondary name
server should bedeclared through this record.

PTR (Pointer) Creates a pointer that maps an IP address to a host name for
reverse lookups.

SOA (Start of Authority) Declares the host that is the most authoritative
for the zone and, as such, is the best source of DNS information for the zone.
Each zone file must have an SOA record (which is created automatically when
you add a zone).

Q4. What are a Forward and Reverse Lookup?

Forward Lookup: When a name query is send to the DNS server against to
IP address, it is generally said a forward lookup.

Reverse Lookup: DNS also provides a reverse lookup process, enabling


clients to use a known IP address during a name query and look up a computer
name based on its address.

Q5. What is Primary zone?


Ans. This is the read and writable copy of a zone file in the DNS namespace. This is
primary source for information about the zone and it stores the master copy of zone
data in a local file or in AD DS. Dy default the primary zone file is named as
zone_name.dns in %windir%System32DNS folder on the server.
Q6. What id Secondary zone?
Ans. This is the read only copy of a zone file in the DNS namespace. This is
secondary source for information about the zone and it get the updated information
from the master copy of primary zone. The network access must be available to
connect with primary server. As secondary zone is merely a copy of a primary zone
that is hosted on another server, it cannot be stored in AD DS.
Q7. What is stub Zone?
Ans.A stub zone is a read only copy of a zone that contains only those resource
records which are necessary to identify the authoritative DNS servers for that
particular zone. A stub zone is practically used to resolve names between separate
DNS namespaces. This type of zone is generally created when a corporate merger
or acquire and DNS servers for two separate DNS namespaces resolve names for
clients in both namespaces.

A stub zone contains:


The start of authority (SOA) resource record, name server (NS) resource records,
and the glue A resource records for the delegated zone.
The IP address of one or more master servers that can be used to update the stub
zone.
Q8. What is Caching Only Server?
Ans. Caching-only servers are those DNS servers that only perform name resolution
queries, cache the answers, and return the results to the client. Once the query is
stored in cache, next time the query in resolved locally from cached instead of
going to the actual site.
Q9. What is Aging and Scavenging?
Ans. DNS servers running Windows Server support aging and scavenging features.
These features are provided as a mechanism to perform cleanup and removal of
stale resource records from the server and zone. This feature removes the
dynamically created records when they are stamped as stale.
By default, the aging and scavenging mechanism for the DNS Server service is
disabled.
Scavenging and aging must be enabled both at the DNS server and on the zone
Q10. What is SRV record in DNS?
Ans. The SRV record is a resource record in DNS that is used to identify or point to a
computer that host specific services i.e Active directory.
Q11. What is Forwarding in DNS?
Ans. A forwarder is a feature in DNS server that is used to forward DNS queries for
external DNS names to DNS servers outside of that network. We ca configure a DNS
server as a forwarder to forward the name query to other DNS servers in the
network when they cannot resolve locally to that DNS server.
Q12. What is Conditional Forwarding in DNS?
Ans. We can configure the DNS server to forward queries according to
specific domain names using conditional forwarders. In this case query is forward to
an IP address against a DNS domain name.
Q13. What are Queries types in DNS?

Recursive Query: This name queries are generally made by a DNS client to
a DNS server or by a DNS server that is configured to pass unresolved name
queries to another DNS server, in the case of a DNS server configured to use a
forwarder.

Iterative Query: An iterative name query is one in which a DNS client allows
theDNS server to return the best answer it can give based on its cache or zone
data. If the queried DNS server does not have an exact match for the queried
name, the best possible information it can return is a referral. The DNS client can
then query the DNS server for which it obtained a referral. It continues this

process until it locates a DNS server that is authoritative for the queried name,
or until an error or time-out condition is met.
Q14. What are Tools for troubleshooting of DNS?
Ans. DNS Console, NSLOOKUP, DNSCMD, IPCONFIG, DNS Logs.
Q15. How to check DNS health?
Using the DCdiag.
i.e. (dcdiag /test:dns /v /e)
Q15. What is port of DNS?
Ans. DNS port number is 53.

WSUS

https://sites.google.com/a/com-networks.com/networks/windowsnetworking/free-download-networking-e-books
Windows server update services 3.0 SP2:- Windows Server Update
Services (WSUS), previously known as Software Update Services (SUS), is a
computer program developed by Microsoft Corporation that enables administrators
to manage the distribution of updates and hotfixes released for Microsoft products
to computers in a corporate environment.
the wsus server connects to Microsoft update to download updates. this is known as
synchronization. during synchronization, wsus determines if new updates have been
made available since the last time you shynchronized. if it is your first time
synchronizing wsis, all updates are made avalable for dowload.

By default, the wsus server uses port 80 for http and 443 for https protocols to
obtain from microsoft. you will be open these port for communicate with microsft
website if you are using corporate firewall.
if you are to pllaning for custum port then you will be require to open those port
insteade.
you can configure multiple wsus server to shynchronize with a parent wsus server.
your wuss server direct connect to microsoft website via firewall and client connect
to wsus server for microsft update, client not required to download update from
microsft server website, it will be directly update from wsus server in offline mode.
thats benifit becouse your internet bandwidth will not be disturb for each machine
update.
Automatic Updates must use the port assigned to the WSUS Web site in Microsoft
Internet Information Services (IIS). If there are no
Web sites running on the server where you install WSUS, you can use the default
Web site or a custom Web site. If you set up WSUS on the default Web site, WSUS
listens for Automatic Updates on port 80. If you use a custom Web site, WSUS can
listen on port 8530 or 8531. Alternate port numbers cannot be specified at setup
time.
Autonomous mode: An upstream WSUS server shares updates with its downstream
server or servers during synchronization, but not update approval status or
computer group information.
Important
Confirm that the system time on the upstream and downstream servers is the
same. Downstream servers roll up information to their upstream server immediately
after they synchronize. If there is difference in the system time between servers
that is greater than one minute, the rollup will fail and the downstream server
results will not be rolled up to the upstream server.
Configure the downstream servers to synchronize at different times of day. If you
have multiple downstream servers, you should not configure them to synchronize
updates and roll up results at the same time of day. This may cause a high load on
the upstream server, resulting in rollup failures.
Branch Cache is a new feature in Windows 7 and Windows Server 2008 R2 that
reduces WAN link utilization and improves application responsiveness.
Network load balancing increases the reliability and performance of your WSUS
network. You can set up multiple WSUS servers that share a single SQL Server 2005
or 2008 failover cluster, as in the "Network Load Balancing with a SQL Server
Failover Cluster" illustration below. (Note that for this configuration you must use a
full SQL Server installation, not the Windows Internal Database installation provided
by WSUS.

wsus option requires enough disk space to store the updates you intend to
download. There is a minimum requirement of 20 GB of hard disk space to store
updates locally, but 30 GB is recommended.
WSUS enables you to download update metadata before downloading the update
itself. With deferred download, updates are downloaded only after the update has
been approved, which saves bandwidth and WSUS server disk space. You can test
the files prior to deploying them on your network, and client computers download
the updates from the intranet.
WSUS uses the Background Intelligent Transfer Service 2.0 (BITS) protocol for all its
file-transfer tasks, including downloads to clients and server synchronizations. BITS
is a Microsoft technology that allows programs to download files by using spare
bandwidth.
WSUS administration console software prerequestes:Windows server 2008r2,2008, 2003 SP3, 7,8,10, vista
Microsoft .net framework 2.0 latter
Microsft management consol 3.0
Microsoft report viewer redistributable 2008
Configure the WSUS 3.0 SP2 Server
Using the WSUS 3.0 SP2 Configuration Wizard
Access the WSUS 3.0 SP2 Administration Console
Synchronize the WSUS 3.0 SP2 Server
Advanced Synchronization Options
Set Up E-Mail Notifications
Personalize the WSUS Display
Set Up a Hierarchy of WSUS Servers
Create Replica Servers
Create the Computer Groups
Approve WSUS 3.0 SP2 Updates
Verify Deployment of Updates
Secure WSUS 3.0 SP2 Deployment
When you configure the Group Policy settings for WSUS, you should use a Group
Policy object
(GPO) linked to an Active Directory container appropriate for your environment.
Microsoft does
not recommend editing the Default Domain or Default Domain Controller GPOs to
add WSUS
settings.
In a simple environment, you link the GPO with the WSUS settings to the domain. In
more
complex environments, you might have multiple GPOs linked to several
organizational units
(OUs), so that you can set different WSUS policy settings on different types of
computer.
After you set up a client computer, it will take a few minutes before it appears on
the Computers

page in the WSUS console. For client computers configured with an Active Directorybased GPO,
it will take about 20 minutes after Group Policy refreshes (that is, applies any new
settings to the
client computer). By default, Group Policy refreshes in the background every 90
minutes, with a
random offset of 030 minutes.
gpupdate /force
To enable WSUS through a domain GPO:- Go to in group policy management
console (GPMC) then edit >computer configuration > policies > administrator
templates > windows update > in the details pane, double click on configuration
updates and enables
Type http://servername in both boxes (where servername is the name of the
WSUS server).
WSUS content must have Read permission for either users account or the NT
Authority\Network Service.

ACTIVE DIRECTORY DATABASE AND FLODERS


Ntds.dit:- (New technology directory services. Directory information tree)
This is the physical active directory database firl. This is where all the directory data
stored. It holds domain info, schema info and configuration info. Mainly it contain 3
tables.
1, link table
2, data table,
3, security depositor table.
Edb.log:- in here we can see the few log files starts with edb*. Each of them are 10
mb or less in size. It is the transaction log maintain by system to store the directory
transaction before write in to database file.
Edb.chk:- it is the file to keep track of data transaction command in to database
from log file (Edb*.log).
Temp.edb:- this is used during the active directory database maintains to hold data
and also to store info about large in-progress AD data transactions.
Res1.log and Res2.log:- even can not see it in this example this is a file type
which will store log entires if edb.log file full.
Sysvol:- Sysvol is an important component of active directory. The sysvol folder is
shared on an NTFS volume on all domain cotroller in particular domain. Sysvol is
used to deliver the policy and logon scripts to domain members.
Group policy:- Group policies will use to manage user and computers based on
company requirements. It can be to control computer application, security, network

behaviors etc. those will apply to computer accounts when those are restored and
connect to domain. Users policies will apply when the log in to domain computer.
Staging folder: - this is used to sync data and files between domain controllers.
System State: - system state includes these file and when you are taking backup
system state that time system state include these files..
1, Active Directory DC Database file (ntds.dit)
2, SYSVOL folder and its files
3, Certificate Store
4, User Profiles
5, IIS metabase
6, Boot files
7, DLL cache folder
8, Registry info
9, COM+ and WMI info
10, Cluster service info
11, Windows Resource Protection system files
OU: - An organizational unit (OU) is a container within a Microsoft Active
Directory domain which can hold users, groups and computers. It is the smallest
unit to which an administrator can assign Group Policy settings or account
permissions.
SAM: - The Security Account Manager (SAM) is a database file
in WindowsXP, Windows Vista and Windows 7 that stores users' passwords. It
can be used to authenticate local and remote users. It located in
c:\windows\system32\sam
Net logon: - Netlogon is a Windows Server process that authenticates users and
other services within a domain. Since it is a service and not an
application, Netlogon continuously runs in the background, unless it is stopped
manually or by a runtime error.
Memory pagefile :- In storage, a pagefile is a reserved portion of a hard disk that
is used as an extension of random access memory (RAM) for data in RAM that
hasn't been used recently. A pagefile can be read from the hard disk as one
contiguous chunk of data and thus faster than re-reading data from many different
original locations.
RODC: - Read-only domain controllers (RODCs) are a new feature of
Active Directory Domain Services (AD DS) in Windows Server 2008. RODCs are
additional domain controllers for a domain that host complete, read-only copies of
the partitions of the Active Directory database and a read-only copy of the SYSVOL
folder contents. By selectively caching credentials, RODCs address some of the
challenges that enterprises can encounter in branch offices and perimeter networks
(also known as DMZs) that may lack the physical security that is commonly found in
datacenters and hub sites. RODCs also offer a number of manageability
improvements that are described in this guide. This section describes how RODCs
work with the rest of the Active Directory environment, the main differences

between RODCs and writable domain controllers, and the RODC features that can
help resolve a number of security or manageability issues.
BACKUP TYPES
1, Full backups :- Full backup is a method of backup where all the files and folder
selected for the backup will be backed up. When subsequence backups are run, the
entire list of files and will be backed up again. The advantage of this backup is
restores are the fast and easy as the complete list of files are stored each time. The
disadvantage is that each backup run is time consuming as the entire list of files is
copied again. Also, full backups take up a lot more storage space when compared to
incremental or differential backups.
2, Incremental backup :- incremental backups is backup of all changes made
since the last backup. With incremental backups, one full backup is done first
subsequent backup runs are just the changes made since the last backup. The
result is a much faster backup then a full backup for each backup run. Storage
space used is much less than a full backup and less then wit deferential backup.
Restore are slower than with a full and differential backups.
3, Differential backups :- differential backup is backup of all changes made since
the last full backup. With differential backups, one full backups is done first and
subsequent backup run are the changes made since the last full backup.

WDS
WINDOWS DEPLOYMENT SERVICES: - windows deployment services enable to
deploy windows operating system. You can use it to set up new computer by using a
network-based installation. This means that you do not have to install each
operating system directly from installation media, for example a DVD or USB Drive.
Deployment server and Transport server with integrated with active
directory:1, AD DS: - a windows deployment services server must be either a member of an
AD DS domain or a domain controller for an AD DS domain.
2, DHCP: - you must have a working DHCP server with an active scope on the
network because windows deployment services uses PXE, which relies in DHCP for
ip addressing.
3, DNS: - you must have a working DNS server on the network before you can run
windows deployment services.
4, NTFS volume: - the server running windows deployment services requires an
NTFS file system for the image store.
5, Credentials; - to install the role, you must be a member of local administrator
group on the server. To initialize the server, you must be member of domain admins
group.

Transport Server. This option provides a subset of the functionality of Windows


Deployment Services. It contains only the core networking parts. You can use
Transport Server to create multicast namespaces that transmit data (including
operating system images) from a standalone server. You can also use it if you want
to have a PXE server that allows clients to PXE boot and download your own custom
setup application. You should use this option if you want to use either of these
scenarios, but you do not want to incorporate all of Windows Deployment Services.
Deployment Server. This option provides the full functionality of Windows
Deployment Services, which you can use to configure and remotely install Windows
operating systems. Note that Deployment Server is dependent on the core parts of
Transport Server.

The following UDP ports need to be open for WDS to work across a firewall: 67, 69,
and 4011 for DHCP and TFTP; 64001 through 65000(random ports from this range
are used by TFTP and for multicasting); and 68 if DHCP authorization is required on
the server.