AD 70-640 Flashcards Preview

SYSTEM ADMIN > AD 70-640 > Flashcards

Flashcards in AD 70-640 Deck (78)
Loading flashcards...

What is Schema?

Defines all attributes for all objects in AD

Is what gives the ability to create object:
Examples: tables, the fields in each table, and the relationships between fields and tables.


What file is the core of Active Directory?



What are the Advantages of Active Directory?

Centralized - makes all activities under one authority

Scale-able - allows you to make a lot of objects

Extensible - allows you to add fields to the schema
Examples:pictures, Social #, ETC


Secure- **Cuborose Tickets** traffic is automatically encrypted

DNS Intergration -

Replication- Create users accounts can get replicated to another server convergence

GPO- items it can use to control every aspect what each user can see and do.


What is Convergence?

convergence is when active directory agrees with itself in all of its different locations.


What is a Domain?

A group of computers and devices on a network


What is a Forest?

A collection of one or more AD domains that share a common logical structure, directory schema, directory configuration, and Global catalog


How do you open the Initial Configuration Task after you check do not show?



What is DCPROMO?

starts the AD DS install wizard


What is dynamically assigned IP address?

It automatically assigns an IP address that changes on its own.


What is a static IP address?

Manually assigned IP address that will only changes when manually changed by a admin.


How do you change your IP address from Dynamic to Static?

Network and sharing - Manage network connections - Local area connection - Properties


What is a subnet mask?

it determines if the information is on your network or on another. If the information is located on another network the request will be forwarded to the Default gateway.


What is a common preferred DNS server address? because it is a loop back address.


How do you preform an unattended installation?

dcpromo /unattend:location\myanswerfile.txt


How to tell the version of windows you are on?

WinVer in the command prompt


How to determine the version of the schema?

regedit- hkeylocal system- currentcontrolset- services - NTDS - Prameters


How to add a Child Domain?

Run DCPromo and create new domain in existing forest


How to update the schema?

put dvd in drive
run cmd
adprep /forest prep
once complete run adprep /domain prep /gpprep


How are RODC updated?

Updates are replicated to the RODC from a Read Write Domain Controller


How does Credential Caching work?

RODC verifies credentials instead of forwarding the request.

Admins are denied Caching credentials by default


What can a admin on a RODC do?

Install updates and drivers


How many RODC and be on one domain?

One RODC per domain per site


What happens if you want a RODC in a site that contains outlook users?

You will have to make the RODC a GC


How do you install a RODC?

DCPROMO w/Advance (Full)

For Server Core you have to have a answer file


What are the 5 operations maters roles?

Forest Operations:
the schema master
domain naming master
Infrastructure -
relative identifier (RID) master,
primary domain controller (PDC) emulator
infrastructure master.


How to access the schema?

1. You have to register the schema, regsvr32 schmmgmt.dll mmc console
3.add/remove snap in
4. add the schema


What is the primary domain controller (PDC) emulator?

The final Authority for password changes, responsible for master time source, domain master browser,


What is the Domain Naming Master?

checks to make sure that the name space is not in use.


What is Domain Master Browser?



What is the Master Time Source?



What is the Schema Master role?

Is what gives the options for active directory. Provided the field (Text Box )


What does command dcdiag?

tells you about the domain and what roles it haves. Can be used to diagnosed issues.


What does command dcdiag /test:ridmanager /v do?

it provided information about the RID


What is a stand by master?

Stand by master is used when a server goes down. you can transfer the servers roles to the stand by master
( A back up server )


Why should the Domain Naming Master Role and Global Catalog be installed on the same server?

The domain naming master role refers to the GC to see if the name space already exist.


What does the Infrastructure Master Role do?

Check the cross domain references to verify their group membership . Refers to the GC for verification.


Where are the Domain Operation Roles?

Server manager - active directory user and computers - right click on domain - operations masters


Where do you find the Forrest Operations Roles?

Domain Naming Master Role can be found in Open Active Directory Domains and Trust - right click on Directory Domains and Trust - Operations masters roles

Schema master role can be found in console - right click on active directory schema - operations master role


How to transfer the Schema Master Role?

have to be a schema admin - console - right click on change active directory domain controller - select the new server. - once connected you right click on right click on active directory schema - operations master role - then select the word change


How do you see what Domains are running what Operation master roles?

in cmd run netdom query fsmo


How to rename a domain controller?

start - right click on computer - properties - change settings - select the change button


How to raise the domain functional level.

rick click on the domain inside of server manager - select raise domain functional level ,


How do you determine the highest Functional Level For a Forrest?

The highest level is based upon the lowest level Domain Controller


What is Linked Value Replication?

It picks out the new objects inside of the security group and replicates only the new objects instated of replicating all the memberships in that group


How to raise the Function Level for Forest?

Active Directory Domains and Trust - right click on active directory domains and trust - raise forest functional level


How to make a user account?

Go to the users folder - right click - select user -


What trick should you use for creating Template accounts?

create it with a _ in front of the name to make it appear at the top and disable the user account


How to change the hours someone can login?

click the account - go to account settings tab - select logon hours


How to make a new user from a template account?

right click on the template account - select copy - fill in the persons information.


What is DSADD?

is the primary tool you can use to add new accounts


What is DSRM?

Allows you to remove ou and all of the content in it.


What is DSmove?

Allows you to move and rename groups


What is LDIFDE?

Used to improt and export from a plane text file


What is CSDE?

Used to work with CSV files to automatically import & export accounts.


How do you get assistance with powershell cmdlets?

get-help (then the task you want to preform) get-service


What are variables in PowerShell?

Its an abbreviation that reduces the amount of typing and they start with $
These changes are only temporary

example: $wmi=Get-WmiObject Win32_Service - computername dci

will run complete cmdlet in full when you now type $wmi


What is PowerShell?

is a command line that uses Verb-Noun Syntax (CMDLET) example Get-Service
It is backwards compatible with cmd commands


What is a Alias in PowerShell?

a shortened cmdlet
These changes are only temporary

example: get-ChildItem
Alias: Dir


How do you make a Alias in PowerShell?

new-alias np (desired abbreviation) notepad (name of task)


How do you assign or limit someone to the computers they can access.

Right click on the account - account tab - select logon - and you can assign the computer the user can access.


How do you make an account profile?

account preferences - profile - \\servername\profiles\%username%


How do you access GPO passwords settings?

server manager - features - Group policy management - forest - domain - right click on default domain policy edit -

computer configurations - security settings - account policy


How to access the Audit account login settings?

server manager - features - Group policy management - forest - domain - right click on default domain policy edit -

computer configurations -windows settings - security settings - local policies


How to enable or disable an account?

Right click on the account and select disable / enable


How to rename an account?

Right click on the account and select rename


What are the 3 group scope?

Domain Local, Global, Universal


What kind of memberships can be added to a Domain local group?

Can accept any membership ( Global , Universal ) but cant accept other Domain Local groups form another domain's local group

User account from any domain in forest
 Global or universal from any domain in forest
 User accounts, global or universal groups from a
trusted forest domain
 Other domain local groups from the same domain

Recourse access


What kind of memberships can be added to a Global group?

User account in same domain
Other global groups from same domain

for users of common type. example Department users


What is a Tree?

A collection of domains that share a common DNS namespace ( Patent ( child (


What is a Domain?

The core administrative unit of AD DS ( Address


What is a Orgnizational Unit? (OU)

Containers in AD DS which provide a framework for administrator and Group Policy Links.


What is a Site?

A collection of AD objects defined by their physical location


What is a Partition?

Logical section of actual AD DS Database.


What is a Domain Controller?

Contain copiesof the ad ds database


What is a data store?

The file on each domain controller that stores the AD DS information


What is Global Catalog servers

Domain Controllers which host global catalog which is partial read only copy of all the objects in the forrest


Read-Only Domain Controllers ?

Contain a special read only copy of the AD DS Database


What is Forest and Domain function level?

It is configured based on the older OS you will be supporting.