Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
53 Cards in this Set
- Front
- Back
What command is used to remove domains?
|
dcpromo.exe
|
|
What do domain controllers use to manage accounts when Active Directory is removed?
|
Security Accounts Manager (SAM)
|
|
What is Active Directory Migration Tool used for?
|
migrating data between forests and domains
|
|
What tool is used to migrate AD data between domains?
|
Active Directory Migration Tool
|
|
What 3 tools can be used to raise the functional level of domains?
|
AD Users and Computers, AD Sites and Services, and AD Domains and Trusts
|
|
What application normally makes use of the Active Directory Migration Tool?
|
Exchange
|
|
What snap-in is used to raise the forest functional level?
|
AD Domains and Trusts
|
|
What is the default functional level for Active Directory?
|
Windows 2000 Native Mode
|
|
What is Forestprep used for?
|
Preparing a forest for new applications like Exchange
|
|
What tool is used to prepare a forest for an Exchange installation?
|
forestprep
|
|
Where must forestprep be run?
|
on a DC within the forest root domain
|
|
What is domainprep used for?
|
prepping a domain for a new application that uses AD
|
|
Where must domainprep be run?
|
on a DC within each domain to receive the new application
|
|
What do trusts do?
|
allow authentication by one domain or forest to be accepted by another
|
|
What is a transitive trust?
|
a trust that allows an entity to trust any entity that another entity trusts
|
|
What is an external trust?
|
a trust with a domain or forest which is not part of the same forest
|
|
What is a shortcut trust used for?
|
improving logon times between domains in a forest. It is useful to define between domains in different trees.
|
|
How does a domain know that a request from an external trust is coming from a trusted source?
|
the domain's SID is included with the security principal's SID
|
|
Why does a domain include its own SID with the security principal's SID when authenticating via an external trust?
|
so the receiving domain knows that the request is coming from a trusted source
|
|
What snap-in is used to create subnets?
|
AD Sites and Services
|
|
What are site links for?
|
defining a replication path
|
|
What is site link cost used for?
|
determining what type and frequency of traffic that uses the link
|
|
What does a higher cost in a site link cost indicate?
|
less probability of usage
|
|
What are the 3 steps in configuring a site infrastructure?
|
configure subnets, connect subnets to sites, and create site links between sites
|
|
What are the 2 types of DFS?
|
domain-based DFS and standalone DFS
|
|
What is one-way replication?
|
data is replicated to a Read-Only Domain Controller, but data from the RODC is not replicated to other DC's
|
|
What is a bridgehead server?
|
a server chosen to manage replication for its site
|
|
How are bridgehead servers chosen?
|
they are chosen automatically when a site is created
|
|
What 2 protocols can be used for AD replication?
|
Remote Procedure Call (RPC) and Simple Mail Transfer Protocol (SMTP)
|
|
What is the primary protocol for AD replication?
|
RPC
|
|
When is SMTP used for AD replication?
|
when links between sites are unreliable
|
|
What does Universal Group Membership Caching (UGMC) do?
|
caches a user's universal group membership the first time the user logs onto the domain
|
|
Where is Universal Group Membership Caching (UGMC) useful?
|
in sites without a global catalog server
|
|
Where is Universal Group Membership Caching configured?
|
in site settings
|
|
Where are bridgehead servers configured?
|
in server settings
|
|
Why is it important to have more than one global catalog per site?
|
users need either global catalogs or UGMC to logon due to universal group membership
|
|
What are the 5 FSMO roles?
|
Schema Master, Domain Naming Master, PDC Emulator, Infrastructure Master, and RID Master
|
|
What 2 FSMO roles are located in the forest root?
|
Schema Master and Domain Naming Master
|
|
Where are the Schema Master and Domain Naming Master FSMO's located?
|
in the forest root
|
|
Where are the Infrastructure Master, PDC Emulator, and RID Master FSMO roles located?
|
within each domain
|
|
What 3 FSMO roles are located in each domain?
|
Infrastructure Master, PDC Emulator, and RID Master
|
|
What 2 FSMO roles should not be moved unless necessarily?
|
Schema Master and Domain Naming Master
|
|
What 2 FSMO roles should be located on different servers?
|
PDC Emulator and Infrastructure Master
|
|
Where is the Schema Master FSMO role installed by default?
|
on the 1st DC in the forest root domain
|
|
Why would the schema be extended?
|
to support new applications
|
|
What FSMO role controls Time Service for a domain?
|
the PDC Emulator
|
|
What two FSMO roles should be transferred in order to transfer all forest-wide operation master roles to another domain?
|
Schema master and domain naming master
|
|
What does the schema master do?
|
controls all updates and modifications to the schema
|
|
What does the domain naming master do?
|
controls the addition or removal of domains in the forest
|
|
What three steps should be performed to move an AD LDS partition?
|
use net stop to stop the service, use ntdsutil to move the database files, and use net start to start the service
|
|
What tool is used to move or seize FSMO roles?
|
ntdsutil
|
|
What does a RODC do when it receives a user or computer logon request?
|
forwards the request to Password Replication Policy to determine if the password should be cached
|
|
Where is the RODC Filtered Attribute Set configured?
|
on the Schema Master
|