The Standard, Enterprise, and Datacenter Editions can be purchased with or without the Hyper-V virtualization technology. System Administration Interview Questions. Any server on which you will install Windows Server should have at least the minimum hardware requirement for running the network operating system.
Server hardware should also be on the Windows Server Hardware Compatibility List to avoid the possibility of hardware and network operating system incompatibility. You can install Windows Server on a server not currently configured with NOS, or you can upgrade existing servers running Windows Server and Windows Server Exchange Server Interview Questions.
You can access virtual memory settings and the Device Manager via the System Properties dialog box. Child domains and the root domain of a tree are assigned transitive trusts. This means that the root domain and child domain trust each other and allow resources In any domain in the tree to be accessed by users in any domain in the tree.
The primary function of domain controllers is to validate users to the network. However, domain controllers also provide the catalog of Active Directory objects to users on the network. Active Directory Interview Questions. A server running Windows Server can be configured as a domain controller, a file server, a print server, a web server, or an application server.
The Server Manager window enables you to view the roles and features installed on a server and also to quickly access the tools used to manage these various roles and features. The Server Manager can be used to add and remove roles and features as needed. Windows Deployment Services WDS enables you to install client and server operating systems over the network to any computer with a PXE-enabled network interface.
The Windows Deployment Services snap-in enables you to configure the WDS server and add boot and install images to the server. A basic disk embraces the MS-DOS disk structure; a basic disk can be divided into partitions simple volumes. Dynamic disks consist of a single partition that can be divided into any number of volumes.
Windows Server Interview Questions. RAID enables you to combine one or more volumes on separate drives so that they are accessed by a single drive letter. The OSI model, consisting of the application, presentation, session, transport, network, data link, and physical layers, helps describe how data is sent and received on the network by protocol stacks.
It is required for Active Directory implementations and provides for connectivity on heterogeneous networks. Installing the Active Directory on a server running Windows Server provides you with the option of creating a root domain for a domain tree or of creating child domains in an existing tree. Installing Active Directory on the server makes the server a domain controller. When the Active Directory is installed on a server making it a domain controller , a set of Active Directory snap- ins is provided.
The Active Directory Users and Computers snap-in is used to manage Active Directory objects such as user accounts, computers, and groups. The Active Directory Domains and Trusts snap-in enables you to manage the trusts that are defined between domains.
The Active Directory Sites and Services snap-in provides for the management of domain sites and subnets. The Active Directory Users and Computers snap-in provides the tools necessary for creating user accounts and managing account properties. Universal groups are not available in a mixed-mode domain. The functional level must be raised to Windows or Windows to make these groups available.
Organizational Units can hold users, groups, computers, contacts, and other OUs. The Organizational Unit provides you with a container directly below the domain level that enables you to refine the logical hierarchy of how your users and other resources are arranged in the Active Directory. Hyper-V Interview Questions. Each regional domain that you create is assigned to a site.
Sites typically represent one or more IP subnets that are connected by IP routers. Because sites are separated from each other by a router, the domain controllers on each site periodically replicate the Active Directory to update the Global Catalog on each site segment.
Servers running Windows Server can be configured to participate in a workgroup. Only one million object can be created. Universal group membership is not present. Application directory partition is present. In Win server we can apply group policies. Between parent and child, there is no built in trust. It is called as non-transitive trust. Differences between windows server and RODC Read only domain controller introduced in it. RIS Remote installation service. WDS Window deployment services introduced in it.
Boot Sequence changed. Role based installation Services are known as role in it. Group policy option is separate in ADS.
Hyper-V introduced. IIS 7. Better Security. Enhance Terminal Services. Network Access Protection. Power Shell. Window Aero. Bit locker Drive Encryption. The group policy and active directory schemas have been altered to include Vista polices. Active Directory Recycle bin. Accidental object deletion causes business downtime. Deleted users cannot log on or access corporate resources.
Active Directory Administrative Center:- The Active Directory Administrative Center has a task-oriented administration model, with support for larger datasets. In the past, the lack of a task-oriented user interface UI could make certain activities, such as resetting user passwords, more difficult than they had to be. The Active Directory Administrative Center enumerates and organizes the activities that you perform when you manage a system.
Active Directory Best Practices Analyzer. It analyzes Active Directory settings that can cause unexpected behavior. It then makes Active Directory configuration recommendations in the context of your deployment. Virtualization Although it will not be available with the initial launch of Server , Microsoft's Hyper-V hypervisor-based virtualization technology promises to be a star attraction of Server for many organisations.
Although some 75 percent of large businesses have started using virtualization, only an estimated 10 percent of servers out are running virtual machines. This means the market is still immature. For Windows shops, virtualization using Server will be a relatively low-cost and low-risk way to dip a toe in the water. At the moment, Hyper-V lacks the virtualized infrastructure support virtualization market leader VMware can provide.
Roy Illsley, senior research analyst at U. Obviously it only works in a Wintel environment, but if you have Server and System Center, you have a pretty compelling proposition. At launch, Microsoft is unlikely to have a similar product to VMware's highly popular VMotion which enables administrators to move virtual machines from one physical server to another while they are running , but such a product is bound to available soon after. ServerCore Many server administrators, especially those used to working in a Linux environment, instinctively dislike having to install a large, feature-packed operating system to run a particular specialized server.
Server offers a Server Core installation, which provides the minimum installation required to carry out a specific server role, such as for a DHCP , DNS or print server. From a security standpoint, this is attractive. Fewer applications and services on the sever make for a smaller attack surface.
In theory, there should also be less maintenance and management with fewer patches to install, and the whole server could take up as little as 3Gb of disk space according to Microsoft. This comes at a price — there's no upgrade path back to a "normal" version of Server short of a reinstall. In fact there is no GUI at all — everything is done from the command line.
One new feature getting a lot of attention is the ability to delegate administration of servers and sites to site admins while restricting their privileges. Role-based installation Role-based installation is a less extreme version of Server Core.
Although it was included in , it is far more comprehensive in this version. The concept is that rather than configuring a full server install for a particular role by uninstalling unnecessary components and installing needed extras , you simply specify the role the server is to play, and Windows will install what's necessary — nothing more.
This makes it easy for anyone to provision a particular server without increasing the attack surface by including unwanted components that will not do anything except present a security risk. While corporate data centers are often physically secured, servers at branch offices rarely have the same physical security protecting them.
This makes them a convenient launch pad for attacks back to the main corporate servers. Thus, any mischief carried out at the branch office cannot propagate its way back to poison the Active Directory system as a whole. It also reduces traffic on WAN links. Enhancedterminalservices Terminal services has been beefed up in Server in a number of ways. TS RemoteApp enables remote users to access a centralized application rather than an entire desktop that appears to be running on the local computer's hard drive.
These apps can be accessed via a Web portal or directly by double-clicking on a correctly configured icon on the local machine. Local printing has also been made significantly easier. NetworkAccessProtection Microsoft's system for ensuring that clients connecting to Server are patched, running a firewall and in compliance with corporate security policies — and that those that are not can be remediated — is useful.
However, similar functionality has been and remains available from third parties. Bitlocker System drive encryption can be a sensible security measure for servers located in remote branch offices or anywhere where the physical security of the server is sub-optimal.
Bitlocker encryption protects data if the server is physically removed or booted from removable media into a different operating system that might otherwise give an intruder access to data which is protected in a Windows environment.
Again, similar functionality is available from third-party vendors. Windows PowerShell. Microsoft's new ish command line shell and scripting language has proved popular with some server administrators, especially those used to working in Linux environments. Although it might seem like a step backward in terms of user friendly operation, it's one of those features that once you've gotten used to it, you'll never want to give up. Better security. We've already mentioned various security features built into Server , such as the ability to reduce attack surfaces by running minimal installations, and specific features like BitLocker and NAP.
Numerous other little touches make Server more secure than its predecessors. An example is Address Space Load Randomization — a feature also present in Vista — which makes it more difficult for attackers to carry out buffer overflow attacks on a system by changing the location of various system services each time a system is run.
Since many attacks rely on the ability to call particular services by jumping to particular locations, address space randomization can make these attacks much less likely to succeed. It's clear that with Server Microsoft is treading the familiar path of adding features to the operating system that third parties have previously been providing as separate products. As far as the core server product is concerned, much is new. Just because some technologies have been available elsewhere doesn't mean they've actually been implemented.
Having them as part of the operating system can be very convenient, indeed. If you're running Server then, now is the time to start making plans to test Server — you're almost bound to find something you like. Whether you decide to implement it, and when, is up to you. Major Changes in windows server This is the number one cause of Active Directory recovery scenarios.
The Active Directory module for Windows PowerShell provides command-line scripting for administrative, configuration, and diagnostic tasks, with a consistent vocabulary and syntax. It provides predictable discovery and flexible output formatting. You can easily pipe cmdlets to build complex operations.
The Active Directory Administrative Center has a task-oriented administration model, with support for larger datasets. These activities may be maintenance tasks, such as backup; event-driven tasks, such as adding a user; or diagnostic tasks that you perform to correct system failures.
Authentication mechanism assurance makes it possible for applications to control resource access based on authentication strength and method. Administrators can map various properties, including authentication type and authentication strength, to an identity. Based on information that is obtained during authentication, these identities are added to Kerberos tickets for use by applications.
Offline domain join makes provisioning of computers easier in a datacenter. It provides the ability to preprovision computer accounts in the domain to prepare operating system images for mass deployment. Computers are joined to the domain when they first start. This reduces the steps and time necessary to deploy computers in a datacenter. At the Windows Server R2 domain functional level, this feature provides better management of service principal names SPNs.
Managed Service Accounts help lower total cost of ownership TCO by reducing service outages for manual password resets and related issues. You can run one Managed Service Account for each service that is running on a server, without any human intervention for password management.
It discovers and detects computer and software states, and it is aligned with the health state definitions. The new logic for bridgehead server selection allows for even distribution of workload among bridgehead servers.
AD DS helps administrators securely manage this information and facilitates resource sharing and collaboration between users. These policies were specified in the Default Domain Policy for the domain. As a result, organizations that wanted different password and account lockout settings for different sets of users had to either create a password filter or deploy multiple domains. Both options are costly for different reasons.
0コメント