Important Active Directory Interview Questions and Answer PDF


Active Directory Interview Questions: Active Directory (AD) is a database and set of services that connect users with the network resources they need to get their work done. Active Directory uses a structured data store as the basis for a logical, hierarchical organization of directory information. On this page we have uploaded 30 important Active Directory interview questions and answers. Those who have been searching for Active Directory interview questions for a long time are advised to use this page. We have given the most asked Active Directory interview questions with answers as a PDF for candidates' convenience. Practice these questions regularly. Candidates can then easily crack any interview or competitive examination.

Frequently Asked Active Directory Interview Questions 2022

1. What is LSDOU?

  • LSDOU is a group policy inheritance model where the policies are applied to Local machines, Sites, Domains, and Organizational Units.

2. What is ARP? What do you understand by ARP Cache Poisoning?

  • ARP stands for Address Resolution Protocol.
  • It is a protocol used for mapping an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network.
  • ARP provides the protocol rules for making this correlation and providing address conversion in both directions.

3. What is Active Directory Schema?

  • Active Directory Schema is the blueprint of an Active Directory Network.
  • All the objects created in an Active Directory Network reference the Active Directory Schema for its object type.

4. What is a domain?

  • A domain is a set of network resources for a group of users.
  • The users need only to log in to the domain to access the resources, which may be located on different servers in the network.
  • The ‘domain’ specifies a system address that may provide you a lot of information.

5. What are the different components of Active Directory Schema?

  • Objects: Objects are the entities that Active Directory uses to store information about the resources in its network. The computer object will also store some information about the computer such as operating system, running status, etc.
  • Classes: In an Active Directory Schema, attributes are grouped and categorized into object classes.
  • Attributes: Attributes are the entities that are used to store information about the objects in the Active Directory environment.

6. What do you understand by Kerberos?

  • Kerberos is an authentication protocol used on the network.
  • It is built to provide secure authentication for client applications by using secret-key cryptography.

7. What are the newly added features in Active Directory (AD) of Windows Server 2012?

  • dcpromo (Domain Controller Promoter) with the improved wizard
  • Enhanced Administrative Center
  • Recycle bin goes GUI
  • Fine-grained password policies
  • Windows PowerShell History Viewer

8. What is the difference between enterprise admin group and domain admin group in AD?

| Enterprise Admin Group | Domain Admin Group |
| --- | --- |
| The members of the Enterprise Admin Group have complete control of all domains in the forest. | The members of the Domain Admin Group have complete control of the domain. |
| By default, the Enterprise Admin Group belongs to the Administrators group on all domain controllers in the forest. | By default, the Domain Admin Group is a member of the Administrators group on all domain controllers, workstations, and member servers when linked to the domain. |

9. What does system state data contain?

  • Registration Database
  • Memory page file
  • AD information
  • SYSVOL Folder
  • Registry
  • Startup files
  • System files
  • Cluster service information & more.

10. What do you understand by Tombstone lifetime?

  • The Tombstone lifetime is used to determine how long a deleted object is retained in Active Directory.
  • The deleted objects in Active Directory are stored in a special object called TOMBSTONE.

11. What do you understand by the term Active Directory?

  • The term Active Directory specifies an index structure or metadata used on Microsoft Windows-based servers and computers to store data and information about domains and networks.
  • Active Directory is like a database that stores data such as user information, computer information, and other network object information.

12. What do you understand by RID Master?

  • RID master stands for Relative Identifier Master.
  • It is used to assign unique IDs to the object created in Active Directory.

13. What do you understand by a child DC or CDC?

  • CDC or child DC stands for Child Domain Controller.
  • It is a subdomain controller under the root domain controller, which is used to share a namespace.

14. What are the main components of Active Directory?

  • Physical Structures: It contains the Domain controller and Sites.
  • Logical Structure: It contains the Trees, Forest, Domains, and OU.

15. What is the difference between domain local, global and universal groups?

  • Domain local groups have a scope that extends to the local domain and are used to assign permissions to local resources.
  • The difference between domain local and global groups is that user accounts, global groups, and universal groups from any domain can be added to a domain local group.

16. What is the full form of SID?

  • SID stands for Security Identifier.

17. What is the full form of APIPA? Why is it used?

  • APIPA stands for Automatic Private IP Addressing.
  • It is a prominent feature of Windows 98, 98 SE, Me, and 2000. It is used to automatically assign an Internet Protocol address to a computer on which it is installed.

18. Can a user create a new universal user group?

  • The universal groups are allowed only in native-mode Windows Server 2003 environments.
  • It requires promoting all domain controllers to Windows Server 2003 Active Directory to create a new universal user group.

19. What do you understand by organizational units?

  • An Organizational Unit is a design factor that impacts policy, security, efficiency, and the cost of administration.
  • Organizational Units are a kind of LDAP container that can be regarded as a sub-domain element with properties comparable to domains.

20. What do you understand by Infrastructure Master?

  • The role of the Infrastructure Master is to update references from objects in the local domain to objects in other domains.
  • There can be only one Infrastructure Master DC in each domain.
  • In other words, we can say that the Infrastructure Master is accountable for updating information about the user and group and global catalog.

21. What is the Sysvol folder? Why is it used?

  • The Sysvol folder is used to store the server’s copy of the domain’s public files and deliver the policy and logon scripts to domain members.
  • It replicates all the group policies from one domain to other domain controllers in a particular domain.

22. What is Active Directory Schema?

  • Active Directory Schema is the blueprint of an Active Directory Network. All the objects created in an Active Directory Network reference the Active Directory Schema for its object type.

23. What is the default protocol used in directory services?

  • The default protocol used in directory services is LDAP. Here, LDAP stands for Lightweight Directory Access Protocol.

24. What is the purpose of replication in Active Directory?

  • The main purpose of replication is to share the data stored within the directory throughout the organization for increased availability, performance, and data protection.

25. What do you understand by domain trees and forests?

  • Domain trees and forests are two important concepts of Active Directory.
  • A domain tree is a collection of one or more domains that share a common namespace.
  • A forest is a collection of one or more domain trees.
  • The domains in a domain tree, and the domain tree itself, can be part of the same forest.

26. What are the different ports used by Active Directory?

  • SMB over IP (Microsoft-DS): port 445 TCP, UDP
  • LDAP: port 389 TCP, UDP
  • LDAP over SSL: port 636 TCP
  • Global catalog LDAP: port 3268 TCP
  • Global catalog LDAP over SSL: port 3269 TCP
  • Kerberos: port 88 TCP, UDP
  • DNS: port 53 TCP, UDP
  • WINS resolution: port 1512 TCP, UDP
  • WINS replication: 42 TCP, UDP

27. What do you understand by the term “Forest” in AD?

  • The term forest describes a collection of AD domains that share a single schema for the AD.
  • All DCs in the forest share this schema, and it is replicated in a hierarchical way among them.

28. Which program is used to manage trust relationships from the command prompt?

  • Netdom.exe is a command-line application within Active Directory which administrators use to manage the Active Directory.
  • This application lets administrators manage trust relationships within Active Directory from the command prompt.
  • It also allows administrators to join computers to domains, perform batch management of trusts, and verify trusts and secure Active Directory channels.

29. What are the best tools that you would like to use to edit AD?

  • Adsiedit.msc is a Microsoft Management Console snap-in with a graphical user interface that lets administrators do simple tasks such as adding, editing, and deleting objects in a directory service.
  • The Adsiedit.msc tool uses Application Programming Interfaces to access the Active Directory.

30. What is the use of Active Directory Recycle Bin?

  • The Active Directory Recycle Bin is a feature of Windows Server 2008 AD.
  • It is used to restore accidentally deleted Active Directory objects without using a backed-up AD database or rebooting the domain controller.
