Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
13 Cards in this Set
- Front
- Back
|
This object is created when an object is deleted within AD. |
h
|
|
|
AD changes are written here before they are committed to disk.
f - LDP g - system volume h - tombstone i - transaction buffer j - windows powershell |
i
|
|
|
This is a new advanced command-line and scripting interface included in windows server 08.
f - LDP g - system volume h - tombstone i - transaction buffer j - windows powershell |
j
|
|
|
This volume houses the boot files for a windows server 08 computer.
f - LDP g - system volume h - tombstone i - transaction buffer j - windows powershell |
g
|
|
|
This describes the process of removing tomstoned objects from the ntds.dit file
a - authoritative name b - checkpoint file c - directory services restore mode (DSRM) d - fragmentation e - garbage collection |
e
|
|
|
This is a GUI for querying AD as part of the troubleshooting process.
d - fragmentation e - garbage collection f - LDP g - system volume h - tombstone |
f
|
|
|
This is used as a reference file in case the AD database needs to be recovered from a system failure to ensure that no transactions are lost.
a - authoritative name b - checkpoint file c - directory services restore mode (DSRM) d - fragmentation e - garbage collection |
b
|
|
|
To perform many AD maintenance operations, you will need to restart your domain controller in this startup mode.
a - authoritative name b - checkpoint file c - directory services restore mode (DSRM) d - fragmentation e - garbage collection |
c
|
|
|
This can decrease performance because updates are made to the AD over time.
a - authoritative name b - checkpoint file c - directory services restore mode (DSRM) d - fragmentation e - garbage collection |
d
|
|
|
(practice exam) You need to perform a system state* recovery for your AD DS domain, which consists of 5 DCs. What 2 recovery approaches could you take (choose 2):
a - Launch the recovery wizard in windows server backup b - run ntdsutil c - run wbadmin start systemstaterecovery d - execute the recover-ADObject cmdlet e - run wbadmin start recovery
* the system state is a collection of system components that depend on each other and therefore must be backed up and restored together. Components that comprise the system state on a DC include the system start-up (boot) files, registry, SYSVOL, Active Directory (ntds.dit, et. al.) - ms technet |
a, c - recovery wizard only available in Server 08 R2 - wbadmin start recovery used to recover specified volumes, applications, files, and folders. - recover-ADDObject cmdlet recovers objects from AD recycle bin - ntdsutil can be used as an authoritative restore to mark objects needed for recovery |
|
|
(practice exam) You manage a domain that has one DC running Server 08 and 4 DCs running Server 08R2. A script which creates a snapshot of AD runs weekly. One that backs up AD runs nightly. An OU exists for each department, one of which is Sales, whose users report they can't log in. You discover that their OU has been deleted, though you're not sure if other objects were affected.
You need to recover all accidentally deleted objects and your solution should maximize network availability. What should you do first?
a - perform an authoritative restore b - use get-adobject c - perform a nonauthoritative restore d - run ldp.exe e - run dsamain.exe |
e - You should run dsamain.exe, which allows you to mount a snapshop or backup of an LDAP server, such as an AD LDS instance. You can then examine the directory using ldp.exe to determine which objects were disabled and which attributes need to be set. You can then use tombstone reanimation to recover the objects and use the information you obtained by viewing the snapshot to configure the attributes and back-links of the objects.
- ldp.exe should be run after the snapshot has been mounted. It is a GUI that allows you to browse and manage an AD LDS instance. It can also allow you to enable the AD recycle bin. The gotcha here is that the recycle bin is available only in server 08R2. Since you have a non-R2 server in the domain, you would not be able to activate the recycle bin.
- An authoritative restore would allow the recovery of deleted objects, but it would necessitate that the DC be put in directory services restore mode, which would negatively impact network availability.
- A nonauthoritative restore can't recover deleted objects and would also necessitate that the DC be put in directory services restore mode. |
|
|
(ms technet) An authoritative restore process returns a designated, deleted AD object or container of objects to its pre-deleted state. This process consists of 2 parts:
1. A ______a__________ restore from backup, followed by 2. an _____b______ restore of the deleted objects. This last step must be performed before replication occurs, as it marks the deleted objects as "_____b______" which tells the DC to replicate those changes to the domain.
Alternatives: 1. If you can isolate a global catalog server in the domain before it receives replication of the deletion, you can use rep__(c)___ /showrepl to determine the date and time of the latest inbound replication of the domain directory partition where the deletions occurred.
G___(d)___ ___(d)____ servers often have greater replication latency than ordinary DCs, and they are better restore candidates because they store universal group memberships. If you catch the replication before it happens, you can perform an authoritative restore on it to recover deleted memberships for all groups in the domain and for all universal groups in other domains. But you must be quick - replication must be stopped immediately! - Use the _____e_____ snap-in to stop AD DS - Take the global catalog service offline by restarting it in ______f_____ (DSRM). - Use ____c____ to stop inbound replication |
a - nonauthoritative b - authoritative c - repadmin d - Global catalog e - services f - directory services restore mode
|
|
|
(practice exam) You need to move the AD database on your Server 08R2 DC while having a minimal impact on the other services running. What should you do first? a - restart the DC in DSRM (directory services restore mode) b - run net stop to stop the AD DS service c - run ntdsutil to compact the database d - run dcpromo to force removal of the AD DS role. |
b - You should first run net stop in an elevated command prompt like so: net stop ntds, and confirming "y" at the prompt describing which services will be stopped. (This is possible because Windows Server 2008 and later supports restartable AD DS).
Once this is done you can use ntdsutil to compact and then move the database and log files. When this process is finished, you'd verify everything was done as you intended (the files are where you sent them) and restart AD (net start ntds). |
