Section 5 - Chapter 13

Question 1

ADSI Edit

Answer 1

Query, view and edit directory objects and attributes

Question 2

DCDiag

Answer 2

diagnose AD DS directories and AD LDS instances

Question 3

DFSRadmin

Answer 3

Manage DFS-R

Question 4

DSACL

Answer 4

control access control lists on directory objects

Question 5

Dsamain

Answer 5

Mount AD store (.dit) backups or snapshots

New in 2008 r2

Question 6

DSdbutil

Answer 6

Maintenance AD DS store

Config AD LDS ports

View AD LDS instances

Question 7

dsmgmt

Answer 7

manage application partitions and operations master roles

Question 8

GPfixup

Answer 8

repair domain name dependencies in GPOs, relink GPOs after a domain rename operation

Question 9

Ksetup

Answer 9

Config client to use Kerberos v5 realm instead of AD DS domain

Question 10

ktpass

Answer 10

config a non Windows Kerberos service as a security principal in AD DS

Question 11

ldp

Answer 11

perform LDAP operations against the directory

Question 12

movetree

Answer 12

moves objects between domains in a forest

Question 13

nltest

Answer 13

query rep status or verify trust relationships

Question 14

nslookup

Answer 14

view info on name servers to diagnose DNS infrastructure problems

Question 15

Ultrasound

Answer 15

troubleshoot and diagnose reps between DCs that use FRS, relies on WMI

Question 16

W32tm

Answer 16

View settings, manage config, or diagnose problems with Windows Time

Question 17

Offline Maintenance 2008 r2

Answer 17

Can now start and stop AD DS service to perform maintenance, no longer need to shut down and restart the DC in DSRM

Can now script defragmentation and compaction operations

Question 18

AD Recycle Bin

Answer 18

2008 r2 Forest Functional Level

Enable-ADOptionalFeature -Identity ‘Cn=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT, CN=Services,CN=Configuration,DC=contoso,DC=com’ -scope ForestOrConfigurationSet -Target ‘contoso.com’

Question 19

Win PS Set Forest Functional Level

Answer 19

Set-ADForestMode -Identity DNSForestName -ForestMode Windows2008R2Forest

Question 20

Recovering AD Recycle Bin Objects

Answer 20

recoverable 180 days

ldp.exe, connect to server, bind current logged on user, Return Deleted Objects, cn=Deleted Objects,dc=contoso,dc=com, double click object

Edit entry value = isDeleted
DistinguishedName
Replace

make sure Extended check box is selected

Question 21

Recovering Objects pre 2008 r2

Answer 21

can use ldp - make sure to check synchronous and extended check boxes

Question 22

Win PS to Recover Objects

Answer 22

Get-AdOject and Restore-ADObject

Question 23

System State Data

Answer 23

AD DS Role on Server
Registry
COM+ Class Registration database
System Files under Windows Resource Protection
AD DS database
Sysvol directory

Other Roles
AD CS database
Cluster service info
IIS config files

Question 24

Critical Volumes

Answer 24

System volume
Boot volume
Volume hosting sysvol share
Volume hosting AD DS database
Volume hosting AD DS logs

Question 25

Restore Downed Server

Answer 25

Windows Recovery Environment (WinRE)

To install on DCs access to Windows Automated Installation Kit (WAIK) needed

Question 26

Restore Options

Answer 26

Full server, system state only, individual files or folders

Question 27

Backup Catalog File

Answer 27

Backups go to the same file, each time a new catalog file created, catalog file used to locate data for a particular backup

Question 28

Installation From Media

Answer 28

IFM - ntdsutil

Options:
Create Full destination
Create RODC destination
Create Sysvol Full destination
Create Sysvol RODC destination

Question 29

Windows Server Backup

Answer 29

In Admin Tools, launches Backup Once Wizard, chose options, choose destination

Question 30

wbadmin.exe

Answer 30

wbadmin start backup -allcritical -backuptarget:location -quiet

Question 31

Scheduling a backup

Windows Server Backup

Answer 31

Admin Tools, backup schedule, full server, specify backup time, specify destination type, select destination disk

Formats disk when backup done

Question 32

Scheduling a backup

wbadmin

Answer 32

wbadmin enable backup -addtarget:diskid -schedule:times -include:sourcedrives

Task in Microsoft\Windows\Backup of Task Scheduler

Target drive reformatted each time it runs

Question 33

Restore Modes

Answer 33

Restoring nonauthoritative data
Restoring authoritative data
Restoring complete DC from backup

Question 34

Restart to Restore

Answer 34

Restart and:
Run WinRE
In DSRM

Question 35

Launch DSRM

Answer 35

F8 during startup

Change boot
bcdedit /set safeboot dsrepair

When done
bdcedit /deletevalue safeboot

Question 36

Create snapshots

Answer 36

Creates a snapshot of the same volume as the database:

ntdsutil “activate instance ntds” snapshot create quit quit

Question 37

View Backup Data or Snapshot Contents

Answer 37

ntdsutil “activate instance NTDS” snapshot “list all” quit quit >snapshot.txt

Look into file:
notepad snapshot.txt

Locate and copy GUID needed

Mount Snapshot:
ntdsutil, activate instance ntds, snapshot, mount GUID, quit, quit

Load the snapshot as LDAP server
dsmain -dbpath c:$SNAP_datetime_VolumeC$\windows\ntds\ntds.dit -ldapport portnumber

Use all caps for -dbpath value and any number beyond 40,000 for port

Use ldp or AD U&C to access instance

Question 38

Unmount snapshot

Answer 38

ntdsutil, activate instance ntds, snapshot, unmount GUID, quit, quit

Question 39

wbadmin restore - non authoritative

Answer 39

Start in DSRM

wbadmin get versions -backuptarget:drive -machine:servername

wbadmin start systemstaterecovery -version:datetime -backuptarget:drive -machine:servername -quiet

Restart in normal operating mode

Question 40

Authoritative restore

Answer 40

Perform non authoritative restore

Do not let rep

Stop AD DS service

ntdsutil, activate instance ntds, authoritative restore, restore object database, quit, quit

Restart AD DS service

Question 41

To restore only a portion of the directory

Answer 41

subcommand ntdsutil

restore subtree ou=name,dc=dcname,dc=dcname

Question 42

Full Server Recover

Answer 42

2008 r2 installation DVD
Repair Your Computer Link
System Recovery Options - clear any OS
Choose a Recovery Tool - System Image Recovery
Select A System Image
Select the lcoation of the Backup
Select date and time of image to restore
Choose Additional Restore Options, Format and Repartition Disks
Exclude Disks
Finish

Question 43

Command Line Full Server Recovery

Answer 43

2008 r2 installation DVD

wbadmin start sysrecovery -version:datetime -backuptarget:drive -machine:servername -quiet

Restart server

Question 44

Compact ntds.dit

Answer 44

Stop AD DS service
ntdsutil
activate instance ntds
files
compact to drive:\temp
quit
quit

copy files to c:\windows\ntds\ntds.dit (first move old one to new location in case needed again)

del c:\windows\ntds*.log

Restart AD DS service

Verify integrity

Question 45

Moving ntds.dit

Answer 45

Stop AD DS service

ntdsutil
activate instance ntds
files
info - look where they are now - optional
move db to location
move logs to location

Restart AD DS

Question 46

Task Manager

Answer 46

Real time system status shows running: applications, processes and services, performance, networking and currently logged on users

Question 47

Resource Manager

Answer 47

Graphs - single view, expandable components

CPU
Disk
Memory
Network Usage

Question 48

Event Viewer

Answer 48

Apps, security, set up, system and forwarded events logs

Question 49

Server Manager Logs

Answer 49

Provides custom log views that percolate all events related to a specific server role

Question 50

Event logs

Answer 50

Shows info, warnings, and errors

Question 51

Windows Reliability Monitor

Answer 51

tracks changes make to system

Question 52

Performance Monitor

Answer 52

tracks performance data, logs and alerts

Create system counters

Server Performance Advisor and System Monitor

Create re-usable data collector sets

Question 53

Windows Reliability and Performance Monitor (WRPM)

Answer 53

Performance Monitor
Reliability Monitor
Data Collector Sets
Reports

Question 54

Performance Log Users

Answer 54

new builtin group 2008 r2

Must have log on as a batch job user right

Question 55

Data Collector Sets

AD Diagnostics

Answer 55

AD

Registry Keys

Performance Counters

Trace Events

Question 56

Data Collector Sets

LAN Diagnostics

Answer 56

System Performance

NIC

System Hardware

Registry Keys

Question 57

Data Collector Sets

System Performance

Answer 57

Local DC

Hardware Resources

System Response Time

Processes

Question 58

Server Performance Advisor

Answer 58

2003 tool

No longer in 2008 r2

Rolled into WRPM

Question 59

Windows System Resource Manager (WSRM)

Answer 59

Added as a Features but is under Diagnostics in Service Manager

Profiles apps to identify resources used

Manage Mode - uses allocation policies to control how many resources application can use on server

Question 60

WSRM Setup

Answer 60

Define policies for resources

Calendar rules apply policies

Collect usage in local .txt or store on SQL db

Question 61

WSRM allocations

Answer 61

Processes

Users

IIS applications pools

Question 62

Network Manager

Answer 62

captures packets for analysis

Question 63

Forwarded Events

Answer 63

Vista or 2008

Can forward to a single collector computer

Start Windows Event Collector on collecting computer

Question 64

Forwarded Events - Forwarder Config

Answer 64

Start Windows Event Collector Service
winrm -quickconfig (sets up firewall and existing ports)

Event Log Reader Group - make collecting computer a member

On Subscriptions - create subscription

Select File Location

Select Collector Computer

(TEST)

Pick types of events

http or https can be used

Question 65

wecutil

Answer 65

Windows Event Collector Service

Question 66

Server Performance Advisor

Answer 66

No more - use Reliability Performance

Question 67

replmon

Answer 67

GUI replication manager