Active Directory Interview Questions and Answers
Active Directory is a database, which is an advanced Microsoft version of X.500. It maintains the relationship between a variety of resources and enables them to work together. It provides a centralized repository for users' account information and for directory authentication, permissions and authorization. The working of Active Directory depends on two internet standards, namely DNS and LDAP. Likewise, for the purpose of security, the LDAP protocol uses Kerberos V5 for authentication. Here we have provided a collection of Active Directory interview questions.
Most Frequently Asked Active Directory Interview Questions
Active Directory is a database which is used for the storage of objects. Here, objects are human as well as physical resources. This database stores information in the form of a hierarchical tree structure. Information present in Active Directory can be queried by using the LDAP protocol.
The working of Active Directory depends on two internet standards, namely DNS and LDAP. It provides a privacy mechanism (authentication and authorization) as well as a framework which provides deployment services.
LDAP and Kerberos are the default protocols used in directory devices. These are directory access protocols, used to exchange directory information from the server to clients or from server to server.
KDC is the Kerberos Key Distribution Center, which provides temporary session keys to the intended users within an Active Directory domain. It operates on each domain controller as a part of Active Directory Domain Services (AD DS).
Kerberos is a network authentication control protocol which is designed to provide a strong security control mechanism to users by using secret-key cryptography.
The following steps need to be performed in order to use Kerberos in Active Directory:
- Enter the first name of the user
- Log in with the name
- Enter the password and confirm your password
- Verify the require preauthentication checkbox
SCM is a Security Control Mechanism, as it securely authenticates the user against any domain in Active Directory. Additionally, it establishes the user's identity by performing an LDAP search on Active Directory.
In Active Directory, an OU is an Organisational Unit, which is a subset of Active Directory. In an OU, users can store users, groups and organizational units. An OU is created in order to mirror the organizational function.
Users can check an OU in Active Directory after obtaining permission from the administrator. Likewise, users can also check the organizational structure by logging in to the Active Directory account.
Users can find the CN in Active Directory by performing the following steps:
- Open the Windows command prompt/control panel
- Run the query dsquery user -name <name>
- CN will be displayed on the screen
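The dsquery step above prints each match as a quoted distinguished name, with the CN first, then any OUs, then the DC components. The following is an added example, not part of the original page: it parses such output and pulls out the CN, the OU path and the domain, including names that contain an escaped comma. The sample output, user names and the example.com domain are constructed for illustration.

```python
import re

# Constructed sample of `dsquery user` output (made-up names, example.com).
SAMPLE_OUTPUT = r'''
"CN=Jane Doe,OU=Sales,OU=Staff,DC=example,DC=com"
"CN=Doe\, John,OU=IT,DC=example,DC=com"
"CN=svc-backup,CN=Users,DC=example,DC=com"
'''

HEX_PAIR = re.compile(r"[0-9A-Fa-f]{2}")

def split_dn(dn):
    """Split a DN into (attribute, value) pairs, decoding RFC 4514 escapes."""
    parts, buf, i = [], bytearray(), 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and HEX_PAIR.fullmatch(dn[i + 1:i + 3]):
            buf.append(int(dn[i + 1:i + 3], 16))   # \2C style hex escape
            i += 3
        elif ch == "\\" and i + 1 < len(dn):
            buf += dn[i + 1].encode()              # \, style escape
            i += 2
        elif ch == ",":                            # unescaped comma ends an RDN
            parts.append(buf.decode(errors="replace"))
            buf = bytearray()
            i += 1
        else:
            buf += ch.encode()
            i += 1
    parts.append(buf.decode(errors="replace"))
    return [(a.strip(), v) for a, _, v in (p.partition("=") for p in parts)]

def parse_dsquery(output):
    """Return the CN, OU path (top-down) and DNS domain for each DN line."""
    rows = []
    for line in output.splitlines():
        line = line.strip()
        if len(line) >= 2 and line[0] == line[-1] == '"':
            line = line[1:-1]                      # drop the surrounding quotes
        if not line:
            continue
        rdns = split_dn(line)
        rows.append({
            "cn": rdns[0][1] if rdns[0][0].upper() == "CN" else None,
            "ou_path": [v for a, v in reversed(rdns) if a.upper() == "OU"],
            "domain": ".".join(v for a, v in rdns if a.upper() == "DC"),
        })
    return rows
```

An empty ou_path, as for the third sample line, means the account sits in a container such as CN=Users rather than in an OU.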
sAMAccountName is an attribute which is used to support clients and servers from a previous version of Windows.
Advantages
- Centralized administration
- Single point access
- Fault tolerance and redundancy
- Multiple domain controllers are used
- Multi-master replication
- Simplified resource location
Disadvantages
- Recycle Bin is disabled
- Lack of security control standards
- Too easy to apply policies over each Active Directory component
- Ideal only for large networks