Wednesday, August 24, 2011

Windows Server 2008 Hyper-V Backup

I did a lot of research before making this solution public. Windows Backup Schedule is limited when it comes to storing backups on a remote network share or external drive in automatically created dated folders. That limitation, combined with the script I wrote and some registry modifications, inspired me to share a solution.

First of all, make sure that you have applied the registry modification to support the Hyper-V VSS Writer. You can find instructions on how to do so in this post:
To enable VSS backup of Hyper-V virtual machines, you need to manually add a registry hack that allows the Hyper-V VSS Writer to be used with Windows Server 2008 Backup.

Be sure that you have the latest patches installed for your Windows Server before proceeding.

1) Regedit
2) Browse:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
3) Select CurrentVersion and Create a New Key WindowsServerBackup
4) Select WindowsServerBackup and create a new key: Application Support
5) Select Application Support and create a new key: {66841CD4-6DED-4F4B-8F17-FD23F8DDC3DE}
6) Under {66841CD4-6DED-4F4B-8F17-FD23F8DDC3DE} create a New String Value named Application Identifier with the value Hyper-V

Or you could create a new file hyperv_vss_writer.reg and paste the following:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WindowsServerBackup]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WindowsServerBackup\Application Support]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WindowsServerBackup\Application Support\{66841CD4-6DED-4F4B-8F17-FD23F8DDC3DE}]
"Application Identifier"="Hyper-V"

Then execute the file to import the modifications into the registry.
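A pre-flight check for the registration described above, as an added example that is not part of the original post. It assumes an elevated prompt and relies on the GUID in the key being the writer ID that vssadmin reports for the Hyper-V writer; the exit code lets the backup script refuse to run when either check fails.

```batch
@echo off
:: Added example (not from the original post): verify the Hyper-V VSS
:: registration before trusting a backup of running virtual machines.
setlocal
set key=HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WindowsServerBackup\Application Support\{66841CD4-6DED-4F4B-8F17-FD23F8DDC3DE}
set writer={66841CD4-6DED-4F4B-8F17-FD23F8DDC3DE}
set rc=0

:: 1. The string value must exist and contain Hyper-V.
reg query "%key%" /v "Application Identifier" 2>nul | findstr /i /c:"Hyper-V" >nul
if errorlevel 1 (
    echo MISSING: Application Identifier is not set to Hyper-V
    set rc=1
) else (
    echo OK: registry value present
)

:: 2. A writer with the same GUID must be registered with VSS.
vssadmin list writers | findstr /i /c:"%writer%" >nul
if errorlevel 1 (
    echo MISSING: writer %writer% is not reported by vssadmin
    set rc=1
) else (
    echo OK: VSS writer registered
)

:: Non-zero exit code means at least one check failed.
exit /b %rc%
```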

Create a batch file with the following code:
@echo off
:: set variables
set remote=\\remoteip\remotefolder
:: dated folder name in d-m-Y order; the offsets assume %date% looks like "Wed 08/24/2011"
set folder=%date:~7,2%-%date:~4,2%-%date:~10,4%
set localC=C:
set localD=D:
:: do not modify below
echo Backup Started..
mkdir "%remote%\%folder%"
wbadmin start backup -backupTarget:"%remote%\%folder%" -include:%localC%,%localD% -quiet
:: report the result from the exit code instead of always claiming success
if %errorlevel% neq 0 (echo Backup FAILED) else (echo Backup Completed Successfully)
@pause
In the variables area we define set folder=%date:~7,2%-%date:~4,2%-%date:~10,4%, which creates a dated folder on the remote location in the format d-m-Y (ex: 05-11-2008). The character offsets depend on how %date% is formatted by the regional settings of the account that runs the script, so check the folder name on the first run.
Then we execute the wbadmin command with the -backupTarget: option to select our destination backup folder. That could be a second local drive, an external USB drive or a network share.
After that we use the -include: option to select the local drives or paths that we want to back up, which in our case are two volumes called C: and D:. You are not limited to backing up whole volumes; you can back up only specific folders from each volume, but you will have to define them in the script above.

I had tested a full backup and restoration of Hyper-V images and they are booting successfully.

To create a scheduled backup

1) Create a new folder on the C: drive named BackupSchedule
2) Place the backup script in the BackupSchedule folder
3) Create a backup account that will run the schedule (ex: backup)
4) Create a Scheduled Task to run daily at the time you wish to back up your server. When you create the task, remember to assign the backup account and select the "Run whether user is logged on or not" option. Also be sure to have the same account details on the remote network location, to avoid being asked for a password.
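The four steps above as one script, with the folder locked down so that only administrators can change what the task runs; this is an added example, not part of the original post. The script name backup.cmd, the task name and the 02:00 start time are assumptions, and the account is assumed to be a local account named backup that already exists.

```batch
@echo off
:: Added example (not from the original post). Assumed names: backup.cmd,
:: local account "backup", task name HyperV-Backup, start time 02:00.
setlocal
set taskdir=C:\BackupSchedule
set script=%taskdir%\backup.cmd
set account=%COMPUTERNAME%\backup
set taskname=HyperV-Backup

if not exist "%taskdir%" mkdir "%taskdir%"

:: wbadmin requires Backup Operators or Administrators membership; use the
:: narrower group for a dedicated backup account.
net localgroup "Backup Operators" backup /add

:: The task runs with elevated rights, so only Administrators and SYSTEM may
:: modify the script. The backup account can read and execute it, nothing more.
icacls "%taskdir%" /inheritance:r /grant:r "Administrators:(OI)(CI)F" "SYSTEM:(OI)(CI)F" "%account%:(OI)(CI)RX"
if errorlevel 1 goto failed

:: /RP * prompts for the password, so it is never written into this file.
:: Storing /RU and /RP corresponds to "Run whether user is logged on or not".
:: stdin is redirected from NUL so the trailing pause in the backup script
:: cannot stall an unattended run.
schtasks /Create /TN "%taskname%" /SC DAILY /ST 02:00 /RL HIGHEST /RU "%account%" /RP * /TR "cmd /c %script% < NUL"
if errorlevel 1 goto failed

:: Print the stored task definition and the resulting ACL for review.
schtasks /Query /TN "%taskname%" /V /FO LIST
icacls "%taskdir%"
goto :eof

:failed
echo Setup failed, review the messages above.
exit /b 1
```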

 



 


Default IIS 7 Log files location

As you might have noticed, the default log file location changed in Internet Information Services 7. This article points out the default log file locations for both IIS 7 and its predecessor, IIS 6.

IIS 7 Log files location

%SystemDrive%\inetpub\logs\LogFiles

IIS 6 Log files location

%windir%\System32\LogFiles

Backup and Restore IIS 6.0 in Windows Server 2003

This article shows how to successfully back up an IIS 6.0 configuration and restore it to a new server installation without any issues. Although it is an easy process, there are some issues that we have to be aware of.
If we plan to back up and restore IIS 6.0 on the same server installation, or to repair an IIS installation, we can create a backup without a password. This way we are creating a non-portable backup of the IIS 6 metabase. Because the machine key is used when we don't provide a password, we will have to restore it to the same original machine.
The trick here is that to successfully create a backup for a new server, and to be able to restore it without errors, we MUST create a password. This approach is called a portable backup of the IIS 6 metabase.
Portable Backup of IIS 6.0 Metabase
1) Open IIS Manager
2) Right-click on Local Computer -> All Tasks -> Backup/Restore Configuration


3) Under Configuration backup name type a name for your backup
4) Select Encrypt backup using password and type your password twice.


5) Start -> Run -> %systemroot%\system32\inetsrv\MetaBack
6) Copy to the new server the two backup files created under the name you gave, with extensions .SC0 and .MD0
7) Copy all your web folders to the new server

Restoring IIS 6.0 Metabase on new server

1) Restore all your web folders back to the new server
2) Open IIS Manager
3) Right-click on Local Computer -> All Tasks -> Backup/Restore Configuration




4) Select the file you want to restore and enter the password when prompted



After the restoration is complete, be sure that you have installed the latest Framework 3.5 SP1 and, in case your sites are connected to an external SQL database, double-check your configuration changes.

Friday, August 19, 2011


1) What is Active Directory?
A central component of the Windows platform, Active Directory directory service provides the means to manage the identities and relationships that make up network environments. For example, we can create, manage and administer users, computers and printers in the network from Active Directory.

2) What is DNS? Why is it used? What is “forward lookup” and “reverse lookup” in DNS? What are A records and MX records?

DNS is domain naming service and is used for resolving names to IP addresses and IP addresses to names. The computer understands only numbers while we can easily remember names. So to make it easier for us, we assign names to computers and websites. When we use these names (like yahoo.com) the computer uses DNS to convert them to an IP address (number) and it executes our request.

Forward lookup: Converting names to IP address is called forward lookup.

Reverse lookup: Resolving IP address to names is called reverse lookup.

‘A’ record: It's called a host record and it has the mapping of a name to an IP address. This is the record in DNS with the help of which DNS can find out the IP address of a name.

‘MX’ record: It's called a mail exchanger record. It's the record needed to locate the mail servers in the network. This record is also found in DNS.

3) What is DHCP? Why is it used? What are scopes and super scopes?

DHCP: Dynamic host configuration protocol. It's used to allocate IP addresses to a large number of PCs in a network environment. This makes the IP management very easy.

Scope: A scope contains IP addresses such as the subnet mask, gateway IP, DNS server IP and exclusion range which a client can use to communicate with the other PCs in the network.

Superscope: When we combine two or more scopes together, it's called a super scope.

4) What are the types of LAN cables used? What is a cross cable?

Types of LAN cables that are in use are "Cat 5" and "Cat 6". "Cat 5" can support 100 Mbps of speed and "Cat 6" can support 1 Gbps of speed.

Cross cable: It's used to connect the same type of devices without using a switch/hub so that they can communicate.

5) What is the difference between a normal LAN cable and cross cable? What could be the maximum length of the LAN cable?

The way the paired wires are connected to the connector (RJ45) is different in cross cable and normal LAN cable.

The theoretical length is 100 meters but after 80 meters you may see drop in speed due to loss of signal.

6) What would you use to connect two computers without using switches?

Cross cable.

7) What is the IPCONFIG command? Why is it used?

IPCONFIG command is used to display the IP information assigned to a computer. From the output we can find out the IP address, DNS IP address, gateway IP address assigned to that computer.

8) What is an APIPA IP address? Or what IP address is assigned to the computer when the DHCP server is not available?

When the DHCP server is not available, the Windows client computer assigns an automatic IP address to itself so that it can communicate with the network computers. This IP address is called APIPA. It's in the range of 169.254.X.X.

APIPA stands for Automatic Private IP Addressing. It's in the range of 169.254.X.X.

9) What is a DOMAIN? What is the difference between a domain and a workgroup?

A domain is created when we install Active Directory. It’s a security boundary which is used to manage computers inside the boundary. A domain can be used to centrally administer computers, and we can govern them using common policies called group policies.

We can’t do the same with workgroup.

10) Do you know how to configure outlook 2000 and outlook 2003 for a user?

Please visit the link below to find out how to configure outlook 2000 and outlook 2003. http://www.it.cmich.edu/quickguides/qg_outlook2003_server.asp

11) What is a PST file and what is the difference between a PST file and OST file? What file is used by outlook express?

A PST file is used to store mail locally when using Outlook 2000 or 2003. An OST file is used when we use Outlook in Cached Exchange Mode. Outlook Express uses an odb file.

12) What is BSOD? What do you do when you get blue screen in a computer? How do you troubleshoot it?

BSOD stands for Blue Screen of Death. When there is a hardware or OS fault due to which the Windows OS cannot run, it gives a blue screen with a code. The best way to resolve it is to boot the computer in “Last known good configuration”.

If this doesn’t work, then boot the computer in safe mode. If it boots up, then the problem is with one of the devices or drivers.

13) What is RIS? What is Imaging/ghosting?

RIS stands for Remote Installation Services. We save the installed image on a Windows server and then use RIS to install the configured image on the new hardware. We can use it to deploy both server and client OS. Imaging or ghosting also does the same job of capturing an installed image and then installing it on new hardware when there is a need. We go for RIS or imaging/ghosting because installing an OS every time using a CD can be a very time-consuming task. So to save that time we can go for RIS/ghosting/imaging.

14) What is VPN and how to configure it?

VPN stands for Virtual private network. VPN is used to connect to the corporate network to access the resources like mail and files in the LAN. VPN can be configured using the steps mentioned in the KB: http://support.microsoft.com/kb/305550

15) Your computer slowly drops out of network. A reboot of the computer fixes the problem. What to do to resolve this issue?

Update the network card driver.

16) Your system is infected with Virus? How to recover the data?

Install another system. Install the OS with the latest patches and antivirus with the latest updates. Connect the infected HDD as a secondary drive in the system. Once done, scan and clean the secondary HDD. Once done, copy the files to the new system.

17) How to join a system to the domain? What type of user can add a system to the domain?

Please visit the article below and read “Adding the Workstation to the Domain” http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologi /directory/

18) What is the difference between a switch and a hub?

A switch sends the traffic only to the port for which it is meant. A hub sends the traffic to all the ports.

19) What is a router? Why we use it?

Router is a switch which uses routing protocols to process and send the traffic. It also receives the traffic and sends it across but it uses the routing protocols to do so.

20) What are manageable and non manageable switches?

Switches which can be administered are called manageable switches. For example, we can create a VLAN on such a switch. On non-manageable switches we can’t do so.

KCC


The KCC is a built-in process that runs on all domain controllers and generates replication topology for the Active Directory forest. The KCC creates separate replication topologies depending on whether replication is occurring within a site (intrasite) or between sites (intersite). The KCC also dynamically adjusts the topology to accommodate new domain controllers, domain controllers moved to and from sites, changing costs and schedules, and domain controllers that are temporarily unavailable.

How do you view replication properties for AD?

By using Active Directory Replication Monitor.

Start--> Run--> Replmon



What are sites? What are they used for?

One or more well-connected (highly reliable and fast) TCP/IP subnets. A site allows administrators to configure Active Directory access and replication topology to take advantage of the physical network.

Name some OU design considerations?

OU design requires balancing requirements for delegating administrative rights - independent of Group Policy needs - and the need to scope the application of Group Policy. The following OU design recommendations address delegation and scope issues:

Applying Group Policy: An OU is the lowest-level Active Directory container to which you can assign Group Policy settings.

Delegating administrative authority: usually don't go more than 3 OU levels.

http://technet.microsoft.com/en-us/library/cc783140.aspx

What are FSMO Roles? List them.

FSMO roles are server roles in a Forest

There are five types of FSMO roles

1-Schema master

2-Domain naming master

3-Rid master

4-PDC Emulator

5-Infrastructure master


Logical Diagram of Active Directory? What is the difference between child domain & additional domain Server?

Well, if you know what a domain is then you have half the answer. Say you have the domain Microsoft.com. Now Microsoft has a server named server1 in that domain, which happens to be the parent domain. So its FQDN is server1.microsoft.com. If you add an additional domain server and name it server2, then its FQDN is server2.microsoft.com.

Now Microsoft is big so it has offices in Europe and Asia. So they make child domains for them and their FQDNs would look like this: europe.microsoft.com & asia.microsoft.com. Now let's say each of them has a server in those child domains named server1. Their FQDNs would then look like this: server1.europe.microsoft.com & server1.asia.microsoft.com.

What are Active Directory Groups?

Groups are containers that contain user and computer objects within them as members. When security permissions are set for a group in the Access Control List on a resource, all members of that group receive those permissions. Domain Groups enable centralized administration in a domain. All domain groups are created on a domain controller.

In a domain, Active Directory provides support for different types of groups and group scopes. The group type determines the type of task that you manage with the group. The group scope determines whether the group can have members from multiple domains or a single domain.



Group Types

* Security groups: Use Security groups for granting permissions to gain access to resources. Sending an e-mail message to a group sends the message to all members of the group. Therefore security groups share the capabilities of distribution groups.

* Distribution groups: Distribution groups are used for sending e-mail messages to groups of users. You cannot grant permissions to distribution groups. Even though security groups have all the capabilities of distribution groups, distribution groups are still required, because some applications can only read distribution groups.

Group Scopes

Group scope normally describes which type of users should be clubbed together in a way which is easy for their administration. Therefore, in a domain, groups play an important part. One group can be a member of other group(s), which is normally known as group nesting. One or more groups can be a member of any group in the entire domain(s) within a forest.

* Domain Local Group: Use this scope to grant permissions to domain resources that are located in the same domain in which you created the domain local group. Domain local groups can exist in all mixed, native and interim functional level of domains and forests. Domain local group memberships are not limited as you can add members as user accounts, universal and global groups from any domain. Just to remember, nesting cannot be done in domain local group. A domain local group will not be a member of another Domain Local or any other groups in the same domain.

* Global Group: Users with similar functions can be grouped under global scope and can be given permission to access a resource (like a printer or shared folder and files) available in the local or another domain in the same forest. To say it in simple words, Global groups can be used to grant permissions to gain access to resources which are located in any domain but in a single forest, as their memberships are limited. User accounts and global groups can be added only from the domain in which the global group is created. Nesting is possible in Global groups within other groups, as you can add a global group into another global group from any domain. Finally, to provide permission to domain-specific resources (like printers and published folders), they can be members of a Domain Local group. Global groups exist in all mixed, native and interim functional levels of domains and forests.


* Universal Group Scope: These groups are precisely used for email distribution and can be granted access to resources in all trusted domains, as these groups can only be used as a security principal (security group type) in a Windows 2000 native or Windows Server 2003 domain functional level domain. Universal group memberships are not limited like global groups. All domain user accounts and groups can be members of a universal group. Universal groups can be nested under a global or Domain Local group in any domain.

What are the types of backup? Explain each?

Incremental

A "normal" incremental backup will only back up files that have been changed since the last backup of any type. This provides the quickest means of backup, since it only makes copies of files that have not yet been backed up. For instance, following our full backup on Friday, Monday’s tape will contain only those files changed since Friday. Tuesday’s tape contains only those files changed since Monday, and so on. The downside to this is obviously that in order to perform a full restore, you need to restore the last full backup first, followed by each of the subsequent incremental backups to the present day in the correct order. Should any one of these backup copies be damaged (particularly the full backup), the restore will be incomplete.

Differential

A cumulative backup of all changes made after the last full backup. The advantage to this is the quicker recovery time, requiring only a full backup and the latest differential backup to restore the system. The disadvantage is that for each day elapsed since the last full backup, more data needs to be backed up, especially if a majority of the data has been changed.

What is the SYSVOL folder?

The Windows Server 2003 System Volume (SYSVOL) is a collection of folders and reparse points in the file systems that exist on each domain controller in a domain. SYSVOL provides a standard location to store important elements of Group Policy objects (GPOs) and scripts so that the File Replication service (FRS) can distribute them to other domain controllers within that domain.

You can go to SYSVOL folder by typing : %systemroot%/sysvol

What is the ISTG? Who has that role by default?

The first server in the site becomes the ISTG for the site. The domain controller holding this role may not necessarily also be a bridgehead server.

What is the order in which GPOs are applied?

Local, Site, Domain, OU




How to move Exchange databases and logs in Exchange Server 2003

If you want to move log files or database files to another drive, use the following procedures.


To move log files

Start Exchange System Manager.

Click Administrative Groups.

Note If Administrative Groups does not appear, it may not be turned on. To turn on Administrative Groups, right-click Exchange Organization in Exchange System Manager, and then click Properties. Click to select the Display Administrative Groups check box.

Locate the storage group where you want to change log file paths, right-click the storage group, and then click Properties.

Click the General tab, click the Browse button next to the Transaction log location box, and then specify the new drive or folder location for the log files.

To move databases

Start Exchange System Manager.

Open the administrative group that contains the database that you want to change.

Under Storage Group, right-click the mailbox store or the public folder store that you want to change, and then click Properties.

Click the Database tab.

Next to the database that you want to change, click Browse, and then specify a new drive or folder location for the files.

Notes

With the databases, you can decide to move the Exchange Database (.edb file), the Exchange Streaming Database (.stm file), or both.

If the databases are still mounted, you receive the following message:

You are about to perform the following operation(s):

- change Exchange database location

To perform the requested operation(s), the store must be temporarily dismounted which will make it inaccessible to any user.


Do you want to continue?

Click Yes to dismount the database automatically and move the location.

When you finish moving the databases, remount the databases manually.

You can move the log files and database files to any folder that you want to create. When you move logs and database files, you may want to create the Exchsrvr\Mdbdata file structure for consistency reasons, but you are not obligated to do so.

You must grant the following default permissions to the new Mdbdata folder that contains the log files and database files:

Administrators: Full Control

Authenticated Users: Read and Execute, List Folder Contents, Read

Creator Owner: None

Server Operators: Modify, Read and Execute, List Folder Contents, Read, Write

System: Full Control

Note Only assign permissions to the Server Operators group if the Exchange server is a domain controller. Otherwise, assign permissions to the Power Users group. Only domain controllers should have permissions to the built-in Server Operators group. Stand-alone and member servers should have permissions to the built-in Power Users group.

You may also have to grant the following permissions to the root drive that contains the new Mdbdata folder:

System: Full Control

During the process of moving log files and database files, your store is temporarily dismounted. Because the store is temporarily dismounted, it is inaccessible to your users until the process is completed. Moving log files or database files invalidates all existing incremental and differential backups; therefore, make a full backup after these changes.

Do not delete or rename the Old MDBdata Folder path after you move the Exchange database. If you want to delete the old MDBdata folder, make sure that the following working directory parameter in the registry points to the new location:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSystem

Value name: Working Directory

Value type: REG_SZ

Value data: C:\Program Files\Exchsrvr\Mdbdata

Do not move databases to the root of a drive. Instead, move databases at least one subfolder down from the root drive. For example, do not use C:\ as the path of the database or log files. Instead, you could use the C:\Subfolder path. In an organization that uses Exchange 2003 and Exchange 2007, the 2007 management tools will flag database or log files that are the root of a drive as an error.

APPLIES TO

Microsoft Exchange Server 2003 Enterprise Edition

Microsoft Exchange Server 2003 Standard Edition

Understanding of Flexible Single Master Operations (FSMO) Role / Server or Simply Operations Master for Windows 2003 and 2008 servers


What are FSMO Roles?

Microsoft designed Active Directory in such a fashion that you can perform most configuration activities from any domain controller. However, certain functions within the directory are restricted to specific domain controllers, which are known as Flexible Single Master Operations (FSMO) Role / Server or simply Operations Master.

There are five FSMO roles, of which two are forest-based and the remaining three are domain-based.

Forest Based Roles

•Schema master

•Domain naming master

Domain Based Roles

•PDC emulator

•Infrastructure master

•RID master

In detail:

Schema master—holds the only writable copy of the Active Directory Schema. This is a configuration database that describes all available object and function types in the Active Directory forest. Only one domain controller in the forest holds this role.

Domain naming master—ensures that any newly created domains are uniquely identified by names that adhere to the proper naming conventions for new trees or child domains in existing trees. Only one domain controller in the forest holds this role.

PDC emulator—Serves as a primary domain controller (PDC) for Windows NT 4.0 client computers authenticating to the domain and processes any changes to user properties on these clients, such as password changes. This server also acts as a time synchronization master to synchronize the time on the remaining domain controllers in the domain. One domain controller in each domain holds this role.

Infrastructure master—Updates references in its domain from objects such as domain group memberships to objects in other domains. This server processes any changes in objects in the forest received from global catalog servers and replicates these changes to other domain controllers in its domain. One domain controller in each domain holds this role.

RID master—Assigns security identifiers (SIDs) to objects created in its domain. A SID consists of a domain identifier common to all objects in its domain and a relative identifier (RID) that is unique to each object. This server ensures that no two objects have the same RID and hands out pools of RIDs to every domain controller in its domain. One domain controller in each domain holds this role.

Thursday, August 18, 2011

Exchange Server 2007 Interview Question And Answer


What is Exchange Server 2007?
Microsoft Exchange Server 2007 is the next version of Microsoft Exchange. Microsoft Exchange is the industry’s leading e-mail, calendaring, and unified messaging server. The release of Exchange Server 2007 is closely aligned with the 2007 Microsoft Office release. Together, these products deliver a best-in-class enterprise messaging and collaboration solution.

What is new in Exchange Server 2007?
Exchange 2007 provides built-in protection to keep the e-mail system up and running and protected from outside threats and lets employees work more productively from wherever they are by using a variety of clients. These clients include Microsoft Office Outlook 2007, Microsoft Office Outlook Web Access, and mobile devices. Exchange Server 2007 makes it easier for IT departments to deliver these new capabilities to their organizations by making the messaging environment easier to manage and more cost-efficient. For more information about Exchange Server 2007
How does Exchange Server 2007 integrate with Microsoft Office Outlook 2007?
Outlook 2007 provides the most complete e-mail, calendaring, contacts, and tasks functionality available in an e-mail client that is compatible with Exchange. When Outlook 2007 is used with Exchange Server 2007, users benefit from the new Scheduling Assistant that automates time-consuming meeting and resource scheduling, the ability to plan and customize out-of-office communications, and managed e-mail folders that facilitate compliance with internal and regulatory policies. Outlook 2007 and Exchange Server 2007 also combine to enhance security by offering features that are easy to use and let users confidently send and receive sensitive business communications through e-mail. By enabling the Autodiscover service, you can reduce the complexity of client configuration and reduce administrative costs that are associated with troubleshooting connectivity issues for users.
What are the different editions of Exchange Server 2007?
Exchange Server 2007 is offered in two server editions: Standard Edition and Enterprise Edition. Exchange Server 2007 Standard Edition is designed to meet the messaging and collaboration needs of small and medium organizations. It may also be appropriate for specific server roles or branch offices. Exchange Server 2007 Enterprise Edition, designed for large enterprise organizations, enables the creation of multiple storage groups and databases. For more information about Exchange Server 2007 editions and Client Access Licenses

How can I upgrade my current Exchange 2000 Server or Exchange Server 2003 environment?
When you upgrade to Exchange Server 2007, you cannot perform an in-place server upgrade on an existing Exchange server. Instead, you must install a new Exchange 2007 server into the existing organization, and then move the required data to the new Exchange server. Exchange Server 2007 supports mixed environments that include Exchange 2000 Server, Exchange Server 2003, or both. This allows for an easier and more gradual transition. For more information about how to plan and deploy Exchange Server 2007
Should I map my current routing groups to my current Active Directory sites?
Exchange 2007 is based on Active Directory sites. If your current Microsoft Exchange environment maps as closely as possible to Active Directory sites, your interoperability and migration story will be easier. Additionally, the recommended upgrade path is to upgrade all the Exchange 2000 Server or Exchange Server 2003 servers in a single routing group before you upgrade the next routing group. This lets you fully decommission a routing group as you upgrade and reduces the complexity of your current routing topology. Mapping the Exchange 2000 Server or Exchange Server 2003 routing groups to the Exchange 2007 physical topology also makes it easier to plan for an upgrade to Exchange 2007 because the two environments are similarly organized and generally correlate to Active Directory sites.

Tuesday, July 26, 2011

ESX interview questions

1. What is Virtualization


Ans. Virtualization is an abstraction layer that decouples the physical hardware from the operating system to deliver greater IT resource utilization and flexibility. Virtualization allows multiple virtual machines, with heterogeneous operating systems to run in isolation, side-by-side on the same physical machine. Each virtual machine has its own set of virtual hardware (e.g., RAM, CPU, NIC, etc.) upon which an operating system and applications are loaded. The operating system sees a consistent, normalized set of hardware regardless of the actual physical hardware components

2. What is Hypervisor


Ans. A hypervisor, sometimes referred to as a virtualization manager, is a program that allows multiple operating systems, which can include different operating systems or multiple instances of the same operating system, to share a single hardware processor. A hypervisor must be designed for a particular processor architecture, such as the PowerPC or Intel's x86 processor. Each operating system appears to have the processor, memory, and other resources all to itself. However, the hypervisor actually controls the real processor and its resources, allocating what is needed to each operating system in turn.

Because an operating system is often used to run a particular application or set of applications in a dedicated hardware server, the use of a hypervisor can make it possible to run multiple operating systems (and their applications) in a single server, reducing overall hardware costs. Production and test systems can run at the same time in the same hardware. In addition, with a hypervisor such as the one recently discussed by Microsoft, different operating systems such as Windows and Linux can share the same server

3. How does ESX do the virtualization?


Ans. It uses a hypervisor to do the virtualization.

4. What is Emulation


Ans. Emulation refers to the ability of a program or device to imitate another program or device. Emulation is, quite simply, the translation of software written for a different subset of hardware or for a different operating system into software which will run on the current platform. To put it simply, it's any computer program that mimics the behavior of another piece of computer hardware, such as an older computer or video game console.

5. What is the difference between emulation and virtualization


Emulation is providing your user with a complete model of your emulated system for their use, requiring every little thing to be translated between your host and your target environments.

Virtualization is a way of exposing the "virtualized" object for shared use, in other (very loose) words, dividing the resources of your host computer into many "virtual copies" of those resources, fooling the user of each virtual copy of the host into believing that they are running on a "real" machine and have the whole machine to themselves.

Virtualization is much faster than emulation, due to the fact that you are using the "real" components rather than a software simulation.

In emulation the virtual machine simulates the complete hardware in software. This allows an operating system for one computer architecture to be run on the architecture that the emulator is written for.

6. What is Service Console



Ans. The SC, often called the COS (Console Operating System), is the interface used to access the ESX base operating system. ESX interacts with the hardware directly, and the SC accesses ESX in order to get access to the hardware.

7. Can the SC be called ESX?

Ans. No. The SC is merely an access point to ESX; mainly an interface to it.

8. How does the SC connect to the hardware?

Ans. The SC mainly uses ESX to access the physical hardware layer.

9. Can you VMotion the images?

Ans. No, we can only VMotion the instances, not the images.

10. Can you power on a template?

Ans. No, we cannot power on a template. In VI3 and VC2 we have an option to first convert the template to a virtual instance; we can then power it on, make the required modifications, and convert it back to a modified template. In ESX 2.x and VC 1.x we did not have this capability: VirtualCenter 1 did not offer the ability to power on a template once created. Now, in VirtualCenter 2, templates can be converted to virtual machines and powered on without deploying them.

11. How does VC communicate with ESX?

Ans. mgmt-vmware is the service which starts and watchdogs the hostd daemon. mgmt-vmware is just a simple script that starts up hostd and vpxa. hostd is an app that runs in the Service Console and is responsible for managing most of the operations on the ESX machine. It knows about all the VMs that are registered on that host, the LUNs/VMFS volumes visible to the host, what the VMs are doing, etc. Almost all commands or operations come down from VC through it, i.e. powering on a VM, VMotioning it, creating it, etc. vpxa also runs on the Service Console and talks to VC. I believe it acts as an intermediary between VC and hostd. I think it also does some housekeeping on the ESX host, but not as much as hostd. vpxa stands for Virtual Center Agent.

vpxa logging can be modified in vpxa.cfg (/etc/vmware/vpxa.cfg). A restart is required for changes to take effect; service vmware-vpxa restart is the command to restart vpxa.

So VC communicates with the hostd on the ESX host via vpxa. The service for VC is vpxd, so vpxd talks to hostd via vpxa.

12. What is vpxd

Ans.



13. What is vpxa?

Ans. vpxa also runs on the Service Console and talks to VC. I believe it acts as an intermediary between VC and hostd. I think it also does some housekeeping on the ESX host, but not as much as hostd. vpxa stands for Virtual Center Agent. vpxa logging can be modified in vpxa.cfg (/etc/vmware/vpxa.cfg). A restart is required for changes to take effect; service vmware-vpxa restart is the command to restart vpxa.



14. What is hostd

Ans. hostd is an app that runs in the Service Console and is responsible for managing most of the operations on the ESX machine. It knows about all the VMs that are registered on that host, the LUNs/VMFS volumes visible to the host, what the VMs are doing, etc. Almost all commands or operations come down from VC through it, i.e. powering on a VM, VMotioning it, creating it, etc.

15. Which ports need to be open in order to connect an ESX host to a VC?

Ans. A lot of ports need to be open, but the main port over which VC talks to ESX is TCP 902. Port 27000 is used for the license server.

16. What are the log files for ESX?

Ans. There are plenty of log files for ESX, and they can be gathered using a command called vm-support. To send the log files to VMware for further troubleshooting, run the vm-support command; it will generate a zip file containing the ESX log files. Those files are:

vmkernel - /var/log/vmkernel

vmkernel warning - /var/log/vmkwarning

vmkernel summary - /var/log/vmksummary and vmksummary.txt

Host agent logs - /var/log/vmware/hostd.log

SC log - /var/log/messages

Web Access log - /var/log/vmware/webaccess

Auth log - /var/log/secure

VC Agent - /var/log/vmware/vpx

17. How do you consolidate those log files?

Ans. As mentioned earlier, we need to run the vm-support command to consolidate those logs.

18. How do you check which LUNs are available to your ESX server?

Ans. You can run esxcfg-mpath -l, which shows this. vdf -h can also show the sizes of those LUNs, as can fdisk -l. esxcfg-vmhbadevs shows the LUNs available to our box.

19. How do you check the sizes available to those LUNs?

Ans. vdf -h can show the sizes of those LUNs. fdisk -l can also show us the sizes of the LUNs.


20. Can you create a directory under VMFS2 file systems?

Ans. VMFS2 is used by ESX Server v2.x and v3.x. While ESX Server 3.x can read from VMFS2, it will not mount it for writing. VMFS2 is a flat filesystem with no directory structure.

VMFS3 is used by ESX Server v3.x. As its most noticeable feature, it introduced a directory structure in the filesystem. Older versions of ESX Server cannot read or write VMFS3 volumes. Beginning with ESX 3 and VMFS3, virtual machine configuration files are also stored in the VMFS partition by default.

21. Is vpxa required in the middle for ESX and VC to communicate?

Ans. Yes, that is required. vpxa is the VC Agent, which runs on ESX and acts as an intermediary between hostd and vpxd.

22. What are the prerequisites for VMotion?

Ans. A dedicated Gigabit Ethernet link. A VSwitch created and dedicated to it. The port needs to be linked to the VSwitch. A portgroup needs to be created for this. Also a dedicated IP and a VLAN.

23. What are the prerequisites for VC2?

Ans. Enough space on this. One database like SQL Server, Oracle or at least MSDE.

24. What is VMNIX?

Ans. ESX Server Service Console (vmnix). ESX Server kernel (VMkernel). The console is managed by the vmnix kernel.

25. What is the exact file where the VM data is stored?

Ans. A lot of files are stored where a VM instance is stored. They are .vmdk, .nvram, -flat.vmdk, .vmsd, .vmtx, .vmxf, vmware.log. Of all these files, the data file is the flat file. That file can also be opened as a regular file in VI3.

25. Can you do a VMotion when processor affinity is enabled in HA?

Ans. No. When you have processor affinity set on a VM instance, you cannot VMotion it. That VM is supposed to run on processor X on ESX X, so it does not matter whether this is a standard box or is in a cluster.

26. What is HA and DRS?

VMware DRS (Distributed Resource Scheduling) and VMware HA (High Availability Options).

27. How do you take the screen shot of ESX issue and a VM Windows Instance issue?

28. What would be the best practices in order to get your ESX up and running

29. Will you be able to see the VM after creating a Template from it

Ans. No, you cannot see the VM instance after you create the template from it. What you can do is go ahead and make an instance from that template.

30. What is Server Consolidation

Ans. Server consolidation is an approach to the efficient usage of computer server resources in order to reduce the total number of servers or server locations that an organization requires. The practice developed in response to the problem of server sprawl, a situation in which multiple, under-utilized servers take up more space and consume more resources than can be justified by their workload.

According to Tony Iams, Senior Analyst at D.H. Brown Associates Inc. in Port Chester, NY, servers in many companies typically run at 15-20% of their capacity, which may not be a sustainable ratio in the current economic environment. Businesses are increasingly turning to server consolidation as one means of cutting unnecessary costs and maximizing return on investment (ROI) in the data center. Of 518 respondents in a Gartner Group research study, six percent had conducted a server consolidation project, 61% were currently conducting one, and 28% were planning to do so in the immediate future.

Although consolidation can substantially increase the efficient use of server resources, it may also result in complex configurations of data, applications, and servers that can be confusing for the average user to contend with. To alleviate this problem, server virtualization may be used to mask the details of server resources from users while optimizing resource sharing. Another approach to server consolidation is the use of blade servers to maximize the efficient use of space.

31. What are the minimum H/W requirements to install VirtualCenter Server ?


* VirtualCenter Server hardware must meet the following requirements:

Processor : 2.0GHz or higher Intel or AMD x86 processor. Processor requirements can be larger if your database server is also run on the same hardware.

Memory : 2GB RAM minimum. RAM requirements can be larger if your database is run on the same hardware .

Disk storage :Nearly 1GB free disk space

Networking : 10/100 Ethernet adapter minimum (Gigabit recommended).

Scalability : A VirtualCenter Server configured with the hardware minimums can support 20 concurrent clients, 50 ESX Server hosts, and over 1000 virtual machines.

A dual processor VirtualCenter Server with 3GB RAM can scale to 50 concurrent client connections, 100 ESX Server hosts, and over 2000 virtual machines

32. Which software is supported for the Virtual Infrastructure Client?

* The Virtual Infrastructure Client is designed for the 32-bit versions of these operating systems:

o Windows 2000 Pro SP4

o Windows 2000 Server SP4

o Windows XP Pro (at any SP level)

o Windows 2003 (all releases except 64bit)





Beginners: Learn Linux

A beginners guide to Linux for those with little or no computer experience.


1.What is Linux?
2.Understanding files and folders
3.Understanding users and permissions
4.Who and what is root
5.Opening a command shell / terminal
6.Your first Linux commands
◦6.1. ls - short for list
◦6.2. pwd - print name of current/working directory
◦6.3. cd - Change directory
7.The basic commands
◦7.1. chmod - Make a file executable
◦7.2. df - view filesystem disk space usage
◦7.3. du - View the space used by files and folders
◦7.4. mkdir - makes folders
◦7.5. passwd - changes your login password
■7.5.1. KDE
◦7.6. rm - delete files and folders, short for remove
◦7.7. ln - make symbolic links
◦7.8. tar archiving utility - tar.bz2 and tar.gz
■7.8.1. tar files (.tar.gz)
■7.8.2. bzip2 files (.tar.bz2)


1. What is Linux?


Linux is a free Unix-type operating system for computer devices. The operating system is what makes the hardware work together with the software. The OS is the interface that allows you to do the things you want with your computer. Linux is freely available to everyone. OS X and Windows are other widely used OS.
Linux gives you a graphical interface that makes it easy to use your computer, yet it still allows those with know-how to change settings by adjusting 0 to 1.

It is only the kernel that is named Linux; the rest of the OS is GNU tools. A package with the kernel and the needed tools makes up a Linux distribution. Mandrake, SUSE Linux, Gentoo and Redhat are some of the many variants. A GNU/Linux OS can be used on a large number of boxes, including i386+, Alpha, PowerPC and Sparc.

2. Understanding files and folders


Linux is made with one thought in mind: Everything is a file.

A blank piece of paper is called a file in the world of computers. You can use this piece of paper to write a text or make a drawing. Your text or drawing is called information. A computer file is another way of storing your information.

If you make many drawings then you will eventually want to sort them in different piles or make some other system that allows you to easily locate a given drawing. Computers use folders to sort your files in a hierarchical system.

A file is an element of data storage in a file system (file systems manual page). Files are usually stored on harddrives, cdroms and other media, but may also be information stored in RAM or links to devices.

To organize our files into a system we use folders. The lowest possible folder is root / where you will find the user homes called /home/.
/

/home/

/home/mom/

/home/dad/

Behind every configurable option there is a simple human-readable text file you can hand-edit to suit your needs. These days most programs come with a nice GUI (graphical user interface), like Mandrake's Control Center and SUSE's YaST, that can smoothly guide you through most configuration. Those who choose can gain full control of their system by manually adjusting the configuration files from foo=yes to foo=no in an editor.

Almost everything you do on a computer involves one or more files stored locally or on a network.

Your filesystem's lowest folder, root /, contains the following folders:

/bin Essential user command binaries (for use by all users)

/boot Static files of the boot loader, only used at system startup

/dev Device files, links to your hardware devices like /dev/sound, /dev/input/js0 (joystick)

/etc Host-specific system configuration

/home User home directories. This is where you save your personal files

/lib Essential shared libraries and kernel modules

/mnt Mount point for a temporarily mounted filesystem like /mnt/cdrom

/opt Add-on application software packages

/usr /usr is the second major section of the filesystem. /usr is shareable, read-only data. That means that /usr should be shareable between various FHS-compliant hosts and must not be written to. Any information that is host-specific or varies with time is stored elsewhere.

/var /var contains variable data files. This includes spool directories and files, administrative and logging data, and transient and temporary files.

/proc System information stored in memory mirrored as files.

The only folder a normal user needs to use is /home/you/ - this is where you will be keeping all your documents.

/home/elvis/Documents

/home/elvis/Music

/home/elvis/Music/60s

Files are case sensitive, "myfile" and "MyFile" are two different files.

For more details, check out:

3. Understanding users and permissions

Linux is based on the idea that everyone using a system has their own username and password.

Every file belongs to a user and a group, and has a set of given attributes (read, write and executable) for users, groups and all (everybody).

A file or folder can have permissions that allow only the user it belongs to to read and write it, allow the group it belongs to to read it, and at the same time prevent all other users from even reading the file.

4. Who and what is root

Linux has one special user called root (this is the user name). Root is the "system administrator" and has access to all files and folders. This special user has the right to do anything.

You should never log on as this user unless you actually need to do something that requires it!

Use su - to temporarily become root and do the things you need. Again: never log into your system as root!

Root is only for system maintenance; this is not a regular user (LindowsOS doesn't have any user management at all and uses root for everything, which is a very bad idea!).

You can execute a command as root with:

su -c 'command done as root'
Gentoo Linux: Note that on Gentoo Linux only users that are members of the wheel group are allowed to su to root.

5. Opening a command shell / terminal

To learn Linux, you need to learn the shell command line in a terminal emulator.

In KDE: K -> System -> Konsole (to get a command shell)

Pressing CTRL-ALT-F1 to CTRL-ALT-F6 gives you the console command shell windows, while CTRL-ALT-F7 gives you XFree86 (the graphical interface).

xterm (manual page) is the standard XFree console installed on all boxes, run it with xterm (press ALT F2 in KDE and Gnome to run commands).
Terminals you probably have installed:

•xterm http://dickey.his.com/xterm/

•konsole (KDEs terminal)

•gnome-terminal (Gnomes terminal)

Non-standard terminals you should install:

•rxvt http://www.rxvt.org/

•aterm http://aterm.sourceforge.net

6. Your first Linux commands

Now you should have managed to open a terminal shell and are ready to try your first Linux commands. Simply ask the computer to do the tasks you want it to, using its language, and press the enter key (the big one with an arrow). You can add a & after the command to make it run in the background (your terminal will be available while the job is done). It can be practical to do things like moving big divx movies as a background process: cp movie.avi /pub &. Jobs - the basics of job control

6.1. ls - short for list

ls lists the files in the current working folder. This is probably the first command to try out. It has a number of options described on the ls manpage.

Examples:

ls

ls -al --color=yes

6.2. pwd - print name of current/working directory

pwd prints the fully resolved name of the current (working) directory. pwd manpage.

6.3. cd - Change directory

cd stands for change (working) directory and that's what it does. The folder one level below you, toward / (unless you are already in /, where there is no lower directory), is called "..".

To go one folder down (one step closer to /):

cd ..

Change into the folder Documents in your current working directory:

cd Documents

Change into a folder somewhere else:
cd /pub/video

The / in front of pub means that the folder pub is located in the / (lowest folder).

7. The basic commands

7.1. chmod - Make a file executable

To make a file executable and runnable by any user:

chmod a+x myfile

Refer to the chmod manual page for more information.
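The permission set described in section 3 (owner reads and writes, group reads, everyone else gets nothing) and the effect of chmod a+x on it, as an added example that is not part of the original guide. The helper names perm_string, restrict_to_owner_and_group and others_have_access are hypothetical, and the sample file is constructed in a temporary directory.

```shell
#!/bin/sh
# Added example: every file below is constructed inside a throwaway temp directory.

# Print the 10-character mode string of a path (file type + user/group/other bits),
# e.g. "-rw-r-----". Parsing ls keeps this portable across GNU and BSD userlands.
perm_string() {
    ls -ld "$1" | cut -c1-10
}

# The policy described in section 3: the owner may read and write,
# the file's group may only read, everybody else gets nothing.
restrict_to_owner_and_group() {
    chmod u=rw,g=r,o= "$1"
}

# Succeed (exit status 0) if "others" hold any read, write or execute bit on the path.
others_have_access() {
    case "$(perm_string "$1")" in
        ???????---) return 1 ;;   # characters 8-10 are the "others" bits
        *)          return 0 ;;
    esac
}

demo_dir=$(mktemp -d)
demo_file="$demo_dir/backup.sh"
echo 'echo nightly backup' > "$demo_file"

restrict_to_owner_and_group "$demo_file"
echo "locked down: $(perm_string "$demo_file")"

# chmod a+x (section 7.1) adds the execute bit for user, group AND others.
chmod a+x "$demo_file"
echo "after a+x:   $(perm_string "$demo_file")"
others_have_access "$demo_file" && echo "others now hold the execute bit"

# To make the file runnable without opening it to others,
# grant execute to the user and group only.
restrict_to_owner_and_group "$demo_file"
chmod ug+x "$demo_file"
echo "after ug+x:  $(perm_string "$demo_file")"

rm -rf "$demo_dir"
```
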

7.2. df - view filesystem disk space usage

df -h

Filesystem Size Used Avail Use% Mounted on

/dev/hda3 73G 67G 2.2G 97% /

tmpfs 2.0M 24K 2.0M 2% /mnt/.init.d

tmpfs 252M 0 252M 0% /dev/shm

The flags: -h, --human-readable Appends a size letter such as M for megabytes to each size.

df manpage

7.3. du - View the space used by files and folders

Use du (Disk Usage) to view how much space files and folders occupy. Read the du manual page for flags and usage.

du is a part of fileutils.

Example du usage:

du -sh Documents/

409M Documents

7.4. mkdir - makes folders

Folders are created with the command mkdir:

mkdir folder

To make a long path, use mkdir -p :

mkdir -p /use/one/command/to/make/a/long/path/

Like most programs mkdir supports -v (verbose). Practical when used in scripts.

You can make multiple folders in bash and other shells with {folder1,folder2} :

mkdir /usr/local/src/bash/{old,new,dist,bugs}

mkdir manual page

The command rmdir removes folders.

7.5. passwd - changes your login password

To change your password in Linux, type:

passwd

The root user can change the password of any user by running passwd with the user name as argument:

passwd jonny

will change jonny's password. Running passwd without arguments as root changes the root password.

If you need to add several new users and give them passwords you can use a handy program like Another Password Generator to generate a large set of "random" passwords.

7.5.1. KDE

From KDE you can change your password by going:

•K -> Settings -> Change Password

•K -> Settings -> Control Center -> System Administration -> User Account

7.6. rm - delete files and folders, short for remove

Files are deleted with the command rm:

rm /home/you/youfile.txt

To delete folders, use rm together with -f (Do not prompt for confirmation) and -r (Recursively remove directory trees):

rm -rf /home/you/foo/

Like most programs rm supports -v (verbose).
rm manual page

7.7. ln - make symbolic links

A symbolic link is a "file" pointing to another file.

To make a hard link:

ln /original/file /new/link

This makes /original/file and /new/link the same file - edit one and the other will change. The file will not be gone until both /original/file and /new/link are deleted.

You can only do this with files. For folders, you must make a "soft" link.

To make a soft (symbolic) link:

ln -s /original/file /new/link

Example:

ln -s /usr/src/linux-2.4.20 /usr/src/linux

Note that -s makes an "empty" file pointing to the original file/folder. So if you delete the folder a symlink points to, you will be stuck with a dead symlink (just rm it).

ln manual page
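Plain ln creates a hard link (a second name for the same inode), while ln -s creates a symbolic link that only stores a path. The following added example, not part of the original guide, shows the behaviour described above on constructed files in a temporary directory; the helper names inode_of, link_count and is_dangling are hypothetical.

```shell
#!/bin/sh
# Inode number of a path; two names with the same inode are the same file on disk.
inode_of() {
    ls -di "$1" | awk '{print $1}'
}

# Number of names (hard links) that point at the file's inode.
link_count() {
    ls -ld "$1" | awk '{print $2}'
}

# Succeed if the path is a symbolic link whose target no longer exists.
is_dangling() {
    [ -L "$1" ] && [ ! -e "$1" ]
}

work=$(mktemp -d)                       # constructed sample data
echo "first line" > "$work/original"
mkdir "$work/folder"

ln    "$work/original" "$work/hard"     # hard link: same inode, second name
ln -s "$work/original" "$work/soft"     # symbolic link: a small file holding a path

echo "original inode: $(inode_of "$work/original"), names: $(link_count "$work/original")"
echo "hard     inode: $(inode_of "$work/hard")"

# Editing through one name changes the other, because there is only one file.
echo "second line" >> "$work/hard"
echo "lines seen via original: $(grep -c '' "$work/original")"

# Hard links to folders are refused; only ln -s works there.
ln "$work/folder" "$work/folder-hard" 2>/dev/null || echo "hard link to a folder refused"
ln -s "$work/folder" "$work/folder-soft" && echo "soft link to a folder created"

# Removing the original name leaves the data reachable through the hard link,
# but the symbolic link now points at nothing.
rm "$work/original"
echo "lines still readable via hard: $(grep -c '' "$work/hard")"
is_dangling "$work/soft" && echo "soft is now a dead symlink"

rm -rf "$work"
```
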

7.8. tar archiving utility - tar.bz2 and tar.gz

tar (manual page) is a very handy little program to store files and folders in archives, originally made for tape streamer backups. Tar is usually used together with gzip (manual page) or bzip2 (manual page), compression programs that make your .tar archive a much smaller .tar.gz or .tar.bz2 archive.

KDE

You can use the program ark (K -> Utilities -> Ark) to handle archives in KDE. Konqueror treats file archives like normal folders, simply click on the archive to open it. The archive becomes a virtual folder that can be used to open, add or remove files just as if you were working with a normal folder.

7.8.1. tar files (.tar.gz)

To untar files:

tar xvzf file.tar.gz

To tar files:

tar cvzf file.tar.gz filedir1 filedir2 filedir2...

Note: A .tgz file is the same as a .tar.gz file. Both are also often referred to as tarballs.

The flags: z is for gzip, v is for verbose, c is for create, x is for extract, f is for file (default is to use a tape device).

7.8.2. bzip2 files (.tar.bz2)

To unpack files:

tar xjvf file.tar.bz2

To pack files:

tar cvjf file.tar.bz2 filedir1 filedir2 filedir2...

The flags: Same as above, but with j for bzip2.

You can also use bunzip2 file.tar.bz2, which will turn it into a tar.

For older versions of tar, try tar -xjvf or -xYvf or -xkvf to unpack. There are a few other options it could be; they couldn't decide which switch to use for bzip2 for a while.

How to untar an entire directory full of archives?

.tar:

for i in *.tar; do tar xvf "$i"; done

.tar.gz: for i in *.tar.gz; do tar xvfz "$i"; done

.tar.bz2: for i in *.tar.bz2; do tar xvfj "$i"; done
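A more careful version of the batch loops above, as an added example that is not part of the original guide: it copes with archive names containing spaces and with directories that hold no matching archive, lists each archive before unpacking it, skips any archive whose member names are absolute or contain a ".." component, and unpacks each archive into its own folder. The function names has_unsafe_member and extract_all are hypothetical, and the sample archives are constructed in temporary directories.

```shell
#!/bin/sh
# Read archive member names on stdin, one per line. Succeed (exit 0) if any name is
# absolute or contains a ".." path component, i.e. could land outside the target folder.
has_unsafe_member() {
    while IFS= read -r member; do
        case "$member" in
            /*|..|../*|*/..|*/../*) return 0 ;;
        esac
    done
    return 1
}

# Extract every archive in directory $1 whose name ends in suffix $2
# (.tar, .tar.gz, .tgz or .tar.bz2), each into a folder named after the archive.
# Prints the number of archives extracted.
extract_all() {
    src=$1
    suffix=$2
    extracted=0
    case "$suffix" in
        .tar.gz|.tgz) comp=z ;;     # same flags the guide uses: z for gzip
        .tar.bz2)     comp=j ;;     # j for bzip2
        *)            comp=  ;;
    esac
    for archive in "$src"/*"$suffix"; do
        [ -f "$archive" ] || continue          # the glob matched nothing
        if tar "t${comp}f" "$archive" | has_unsafe_member; then
            echo "skipped (unsafe member path): $archive" >&2
            continue
        fi
        dest=${archive%"$suffix"}
        mkdir -p "$dest"
        if tar "x${comp}f" "$archive" -C "$dest"; then
            extracted=$((extracted + 1))
        else
            echo "failed to extract: $archive" >&2
        fi
    done
    echo "$extracted"
}

# Constructed sample data: two small archives, one with a space in its name.
stage=$(mktemp -d)
inbox=$(mktemp -d)
mkdir "$stage/photos"
echo "img" > "$stage/photos/cat.txt"
tar cf "$inbox/holiday photos.tar" -C "$stage" photos
tar cf "$inbox/notes.tar" -C "$stage" photos

echo "extracted $(extract_all "$inbox" .tar) .tar archive(s)"
echo "extracted $(extract_all "$inbox" .tar.bz2) .tar.bz2 archive(s)"
rm -rf "$stage" "$inbox"
```

The name check covers only absolute paths and ".." components in member names; it does not inspect symbolic links stored inside an archive.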





--------------------------------------------------------------------------------










Monday, July 25, 2011

What is group policy in active directory ? What are Group Policy objects (GPOs)?

Group Policy objects, other than the local Group Policy object, are virtual objects. The policy setting information of a GPO is actually stored in two locations: the Group Policy container and the Group Policy template.
The Group Policy container is an Active Directory container that stores GPO properties, including information on version, GPO status, and a list of components that have settings in the GPO.
The Group Policy template is a folder structure within the file system that stores Administrative Template-based policies, security settings, script files, and information regarding applications that are available for Group Policy Software Installation.
The Group Policy template is located in the system volume folder (Sysvol) in the \Policies subfolder for its domain.

Windows 2008

What are some of the new tools and features provided by Windows Server 2008?
Windows Server 2008 now provides a desktop environment similar to Microsoft Windows Vista and includes tools also found in Vista, such as the new backup snap-in and the BitLocker drive encryption feature. Windows Server 2008 also provides the new IIS7 web server and the Windows Deployment Service.
What are the different editions of Windows Server 2008?
The entry-level version of Windows Server 2008 is the Standard Edition. The Enterprise Edition provides a platform for large enterprisewide networks. The Datacenter Edition provides support for unlimited Hyper-V virtualization and advanced clustering services. The Web Edition is a scaled-down version of Windows Server 2008 intended for use as a dedicated web server. The Standard, Enterprise, and Datacenter Editions can be purchased with or without the Hyper-V virtualization technology.
What two hardware considerations should be an important part of the planning process for a Windows Server 2008 deployment?
Any server on which you will install Windows Server 2008 should have at least the minimum hardware requirement for running the network operating system. Server hardware should also be on the Windows Server 2008 Hardware Compatibility List to avoid the possibility of hardware and network operating system incompatibility.
What are the options for installing Windows Server 2008?
You can install Windows Server 2008 on a server not currently configured with a NOS, or you can upgrade existing servers running Windows 2000 Server and Windows Server 2003.
How do you configure and manage a Windows Server 2008 core installation?
This stripped-down version of Windows Server 2008 is managed from the command line.
Which Control Panel tool enables you to automate the running of server utilities and other applications?
The Task Scheduler enables you to schedule the launching of tools such as Windows Backup and Disk Defragmenter.
What are some of the items that can be accessed via the System Properties dialog box?
You can access virtual memory settings and the Device Manager via the System Properties dialog box.
When a child domain is created in the domain tree, what type of trust relationship exists between the new child domain and the tree's root domain?
Child domains and the root domain of a tree are assigned transitive trusts. This means that the root domain and child domain trust each other and allow resources in any domain in the tree to be accessed by users in any domain in the tree.
What is the primary function of domain controllers?
The primary function of domain controllers is to validate users to the network. However, domain controllers also provide the catalog of Active Directory objects to users on the network.
What are some of the other roles that a server running Windows Server 2008 could fill on the network?
A server running Windows Server 2008 can be configured as a domain controller, a file server, a print server, a web server, or an application server. Windows servers can also have roles and features that provide services such as DNS, DHCP, and Routing and Remote Access.
Which Windows Server 2008 tools make it easy to manage and configure a server's roles and features?
The Server Manager window enables you to view the roles and features installed on a server and also to quickly access the tools used to manage these various roles and features. The Server Manager can be used to add and remove roles and features as needed.
What Windows Server 2008 service is used to install client operating systems over the network?
Windows Deployment Services (WDS) enables you to install client and server operating systems over the network to any computer with a PXE-enabled network interface.
What domain services are necessary for you to deploy the Windows Deployment Services on your network?
Windows Deployment Services requires that a DHCP server and a DNS server be installed in the domain.
How is WDS configured and managed on a server running Windows Server 2008?
The Windows Deployment Services snap-in enables you to configure the WDS server and add boot and install images to the server.
What is the difference between a basic and dynamic drive in the Windows Server 2008 environment?
A basic disk embraces the MS-DOS disk structure; a basic disk can be divided into partitions (simple volumes).
Dynamic disks consist of a single partition that can be divided into any number of volumes. Dynamic disks also support Windows Server 2008 RAID implementations.
What is RAID in Windows Server 2008?
RAID, or Redundant Array of Independent Disks, is a strategy for building fault tolerance into your file servers. RAID enables you to combine one or more volumes on separate drives so that they are accessed by a single drive letter. Windows Server 2008 enables you to configure RAID 0 (a striped set), RAID 1 (a mirror set), and RAID 5 (disk striping with parity).
What conceptual model helps provide an understanding of how network protocol stacks such as TCP/IP work?
The OSI model, consisting of the application, presentation, session, transport, network, data link, and physical layers, helps describe how data is sent and received on the network by protocol stacks.
What protocol stack is installed by default when you install Windows Server 2008 on a network server?
TCP/IP (v4 and v6) is the default protocol for Windows Server 2008. It is required for Active Directory implementations and provides for connectivity on heterogeneous networks.
How is a server running Windows Server 2008 configured as a domain controller, such as the domain controller for the root domain or a child domain?
Installing the Active Directory on a server running Windows Server 2008 provides you with the option of creating a root domain for a domain tree or of creating child domains in an existing tree. Installing Active Directory on the server makes the server a domain controller.
What are some of the tools used to manage Active Directory objects in a Windows Server 2008 domain?
When the Active Directory is installed on a server (making it a domain controller), a set of Active Directory snap-ins is provided. The Active Directory Users and Computers snap-in is used to manage Active Directory objects such as user accounts, computers, and groups. The Active Directory Domains and Trusts snap-in enables you to manage the trusts that are defined between domains. The Active Directory Sites and Services snap-in provides for the management of domain sites and subnets.
How are domain user accounts created and managed?
The Active Directory Users and Computers snap-in provides the tools necessary for creating user accounts and managing account properties. Properties for user accounts include settings related to logon hours, the computers to which a user can log on, and the settings related to the user’s password.
What type of Active Directory objects can be contained in a group?
A group can contain users, computers, contacts, and other nested groups.
What type of group is not available in a domain that is running at the mixed-mode functional level?
Universal groups are not available in a mixed-mode domain. The functional level must be raised to Windows 2003 or Windows 2008 to make these groups available.
What types of Active Directory objects can be contained in an Organizational Unit?
Organizational Units can hold users, groups, computers, contacts, and other OUs. The Organizational Unit provides you with a container directly below the domain level that enables you to refine the logical hierarchy of how your users and other resources are arranged in the Active Directory.
What are Active Directory sites in Windows Server 2008?
Active Directory sites are physical locations on the network’s physical topology. Each regional domain that you create is assigned to a site. Sites typically represent one or more IP subnets that are connected by IP routers. Because sites are separated from each other by a router, the domain controllers on each site periodically replicate the Active Directory to update the Global Catalog on each site segment.
Can servers running Windows Server 2008 provide services to clients when they are not part of a domain?
Servers running Windows Server 2008 can be configured to participate in a workgroup. The server can provide some services to the workgroup peers but does not provide the security and management tools provided to domain controllers.
What does the use of Group Policy provide you as a network administrator?
Group Policy provides a method of controlling user and computer configuration settings for Active Directory containers such as sites, domains, and OUs. GPOs are linked to a particular container, and then individual policies and administrative templates are enabled to control the environment for the users or computers within that particular container.
What tools are involved in managing and deploying Group Policy?
GPOs and their settings, links, and other information such as permissions can be viewed in the Group Policy Management snap-in.
How do you deal with Group Policy inheritance issues?
GPOs are inherited down through the Active Directory tree by default. You can block the inheritance of settings from upline GPOs (for a particular container such as an OU or a local computer) by selecting Block Inheritance for that particular object. If you want to enforce a higher-level GPO so that it overrides directly linked GPOs, you can use the Enforce command on the inherited (or upline) GPO.
How can you make sure that network clients have the most recent Windows updates installed and have other important security features such as the Windows Firewall enabled before they can gain full network access?
You can configure a Network Policy Server (a service available in the Network Policy and Access Services role). The Network Policy Server can be configured to compare desktop client settings with health validators to determine the level of network access afforded to the client.
What is the purpose of deploying local DNS servers?
A domain DNS server provides for the local mapping of fully qualified domain names to IP addresses. Because the DNS is a distributed database, the local DNS servers can provide record information to remote DNS servers to help resolve remote requests related to fully qualified domain names on your network.
In terms of DNS, what is a caching-only server?
A caching-only DNS server supplies information related to queries based on the data it contains in its DNS cache. Caching-only servers are often used as DNS forwarders. Because they are not configured with any zones, they do not generate network traffic related to zone transfers.
How is the range of IP addresses defined for a Windows Server 2008 DHCP server?
The IP addresses supplied by the DHCP server are held in a scope. A scope that contains more than one subnet of IP addresses is called a superscope. IP addresses in a scope that you do not want to lease can be included in an exclusion range.