

Basic IT Questions

Questions related to DHCP?

Q. What is DHCP?
A. DHCP stands for "Dynamic Host Configuration Protocol". It is a communications protocol that lets network administrators centrally manage and automate the assignment of Internet Protocol (IP) addresses in an organization's network. It describes the means by which a system can connect to a network and obtain the necessary information for communication upon that network.

Q. How does DHCP work?
A. DHCP uses a client-server model. The network administrator establishes one or more DHCP servers that maintain TCP/IP configuration information and provide it to clients. The server database includes the following:
Valid configuration parameters for all clients on the network.
Valid IP addresses maintained in a pool for assignment to clients, plus reserved addresses for manual assignment.
Duration of a lease offered by the server. The lease defines the length of time for which the assigned IP address can be used.

With a DHCP server installed and configured on your network, DHCP-enabled clients can obtain their IP address and related configuration parameters dynamically each time they start and join your network. DHCP servers provide this configuration in the form of an address-lease offer to requesting clients.

A. The DHCP client broadcasts a packet called a DHCPDISCOVER message that contains, at a minimum, a transaction identifier and the client's DHCP identifier, which is normally the client's physical network address. The client sends the broadcast using the address, which is a special address called the limited broadcast address [33]. The client waits for a response from the server. If a response is not received within a specified time interval, the client retransmits the request. DHCP uses UDP as a transport protocol and, unlike RARP, does not require any special Network Access Layer protocols.

[33] This address is useful because, unlike the normal broadcast address, it doesn't require the system to know the address of the network it is on.

The server responds to the client's message with a DHCPOFFER packet. DHCP uses two different well-known port numbers. UDP port number 67 is used for the server, and UDP port number 68 is used for the client. This is very unusual. Most software uses a well-known port on the server side and a randomly generated port on the client side. (How and why random source port numbers are used is described in Chapter 1.) The random port number ensures that each pair of source/destination ports identifies a unique path for exchanging information. A DHCP client, however, is still in the process of booting. It probably does not know its IP address. Even if the client generates a source port for the DHCPDISCOVER packet, a server response that is addressed to that port and the client's IP address won't be read by a client that doesn't recognize the address. Therefore, DHCP sends the response to a specific port on all hosts. A broadcast sent to UDP port 68 is read by all hosts, even by a system that doesn't know its specific address. The system then determines if it is the intended recipient by checking the transaction identifier and the physical network address embedded in the response.

The server fills in the DHCPOFFER packet with the configuration data it has for the client. A DHCP server can provide every TCP/IP configuration value a client needs, provided the server is properly configured. As the name implies, the DHCPOFFER packet is an offer of configuration data. That offer has a limited lifetime -- typically 120 seconds. The client must respond to the offer before the lifetime expires. This is done because more than one server may hear the DHCPDISCOVER packet from the client and respond with a DHCPOFFER. If the servers did not require a response from the client, multiple servers might commit resources to a single client, thus wasting resources that could be used by other clients. If a client receives multiple DHCPOFFER packets, it responds to only one and ignores the others.

The client responds to the DHCPOFFER with a DHCPREQUEST message. The DHCPREQUEST message asks the server to assign the client the configuration information that was offered. The server checks the information in the DHCPREQUEST to make sure that the client got everything right and that all of the offered data is still available. If everything is correct, the server sends the client a DHCPACK message letting the client know that it is now configured to use all of the information from the original DHCPOFFER packet. Figure 3-5 shows the normal packet flow when DHCP is used to configure a client.
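The recipient check and offer selection described above, as an added example that is not part of the original page: it parses raw DHCP datagrams, keeps only offers whose transaction identifier and hardware address match the client, answers the first one with a DHCPREQUEST, and returns the extra offers so the other responding servers can be logged. The function names, addresses and sample datagrams are constructed for illustration.

```python
import ipaddress
import struct

# Fixed 236-byte BOOTP header (RFC 2131); the magic cookie and options follow it.
HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
MAGIC_COOKIE = bytes([99, 130, 83, 99])
BOOTREQUEST, BOOTREPLY = 1, 2
DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, DHCPACK = 1, 2, 3, 5
OPT_PAD, OPT_REQUESTED_IP, OPT_LEASE_TIME = 0, 50, 51
OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 53, 54, 255


def build_message(op, xid, mac, msg_type, yiaddr="0.0.0.0", options=None):
    """Serialize one DHCP message; options maps option code -> raw value bytes."""
    body = bytes([OPT_MSG_TYPE, 1, msg_type])
    for code, value in (options or {}).items():
        body += bytes([code, len(value)]) + value
    header = HEADER.pack(
        op, 1, len(mac), 0, xid, 0, 0x8000,   # htype 1 = Ethernet, broadcast flag set
        bytes(4), ipaddress.IPv4Address(yiaddr).packed, bytes(4), bytes(4),
        mac, b"", b"")                         # struct pads chaddr/sname/file with NULs
    return header + MAGIC_COOKIE + body + bytes([OPT_END])


def parse_message(data):
    """Parse a DHCP datagram into a dict; raise ValueError if it is malformed."""
    start = HEADER.size + len(MAGIC_COOKIE)
    if len(data) < start or data[HEADER.size:start] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    fields = HEADER.unpack_from(data)
    op, hlen, xid, yiaddr, chaddr = fields[0], fields[2], fields[4], fields[8], fields[11]
    if hlen > 16:
        raise ValueError("bad hardware address length")
    options, i = {}, start
    while i < len(data) and data[i] != OPT_END:
        if data[i] == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated option")
        options[data[i]] = data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]

    def ip(code):
        value = options.get(code, b"")
        return str(ipaddress.IPv4Address(value)) if len(value) == 4 else None

    mtype = options.get(OPT_MSG_TYPE, b"")
    lease = options.get(OPT_LEASE_TIME, b"")
    return {"op": op, "xid": xid, "chaddr": chaddr[:hlen],
            "yiaddr": str(ipaddress.IPv4Address(yiaddr)),
            "type": mtype[0] if len(mtype) == 1 else None,
            "server_id": ip(OPT_SERVER_ID), "requested_ip": ip(OPT_REQUESTED_IP),
            "lease_seconds": int.from_bytes(lease, "big") if len(lease) == 4 else None}


def select_offer(datagrams, xid, mac):
    """Return (chosen offer, other matching offers) from everything heard on port 68."""
    mine = []
    for raw in datagrams:
        try:
            msg = parse_message(raw)
        except ValueError:
            continue                            # not DHCP or damaged: ignore
        if msg["op"] != BOOTREPLY or msg["type"] != DHCPOFFER:
            continue
        if msg["xid"] != xid or msg["chaddr"] != mac:
            continue                            # broadcast meant for another client
        mine.append(msg)
    return (mine[0], mine[1:]) if mine else (None, [])


def build_request(offer, xid, mac):
    """Build the DHCPREQUEST that accepts one offer and names the server chosen."""
    opts = {OPT_REQUESTED_IP: ipaddress.IPv4Address(offer["yiaddr"]).packed}
    if offer["server_id"]:
        opts[OPT_SERVER_ID] = ipaddress.IPv4Address(offer["server_id"]).packed
    return build_message(BOOTREQUEST, xid, mac, DHCPREQUEST, options=opts)


def make_offer(xid, mac, yiaddr, server, lease_seconds=691200):
    """Constructed DHCPOFFER used as sample input (691200 s = 8 days)."""
    opts = {OPT_SERVER_ID: ipaddress.IPv4Address(server).packed,
            OPT_LEASE_TIME: lease_seconds.to_bytes(4, "big")}
    return build_message(BOOTREPLY, xid, mac, DHCPOFFER, yiaddr, opts)


# Constructed sample: what one booting client might hear on UDP port 68.
XID = 0x3903F326
MAC = bytes.fromhex("000b8201fc42")
OTHER_MAC = bytes.fromhex("00163e5a7c11")
SAMPLE_REPLIES = [
    b"\x00" * 10,                                              # junk datagram
    make_offer(0x11111111, OTHER_MAC, "192.168.0.50", "192.168.0.1"),  # other client
    make_offer(XID, OTHER_MAC, "192.168.0.51", "192.168.0.1"),  # same xid, wrong MAC
    make_offer(XID, MAC, "192.168.0.10", "192.168.0.1"),        # first valid offer
    make_offer(XID, MAC, "192.168.0.77", "192.168.0.254"),      # second server's offer
]

if __name__ == "__main__":
    chosen, extra = select_offer(SAMPLE_REPLIES, XID, MAC)
    print("accepting", chosen["yiaddr"], "from", chosen["server_id"])
    for msg in extra:
        print("ignored offer", msg["yiaddr"], "from", msg["server_id"])
    print("DHCPREQUEST is", len(build_request(chosen, XID, MAC)), "bytes")
```

Logging the server identifiers of the ignored offers gives an administrator a simple record of every DHCP server that answered on the segment.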

Figure 3-5. DHCP client/server protocol

Q. At what layer of OSI does it function?
A. DHCP works at the Data Link layer (Layer 2).

Q. What are the basic requirements (Hardware/Software) to implement the Windows DHCP server?

Q. What is DORA?
A. Finally, the chosen DHCP server sends the lease information (the IP address, potentially a subnet mask, DNS server, WINS server, WINS node type, domain name, and default gateway) to the workstation in a message called the DHCP ACK (data communications jargon for acknowledge). You can remember the four parts of a DHCP message by the mnemonic DORA - Discover, Offer, Request, and ACK.

Q. What is the default Lease Period in DHCP Client/Server communication?
A. The default lease is 8 days, after which a computer has to renew its use of the address it has been leased by your DHCP server. There are certain situations, however, when you might want to lengthen this lease period to several weeks or months or even longer. These situations include (a) when you have a stable network where computers neither join nor are removed or relocated; (b) when you have a large pool of available IP addresses to lease from; or (c) when your network is almost saturated with very little available bandwidth and you want to reduce DHCP traffic to increase available bandwidth (not by much, but sometimes every little bit helps).

Q. How does a DHCP lease work?
A. The first time a DHCP-enabled client starts and attempts to join the network, it automatically follows an initialization process to obtain a lease from a DHCP server. Figure 4.2 shows the lease process.

Figure 4.2 DHCP Lease Process

1. The DHCP client requests an IP address by broadcasting a DHCP Discover message to the local subnet.
2. The client is offered an address when a DHCP server responds with a DHCP Offer message containing IP address and configuration information for lease to the client. If no DHCP server responds to the client request, the client can proceed in two ways:
   If it is a Windows 2000-based client, and IP auto-configuration has not been disabled, the client self-configures an IP address for its interface.
   If the client is not a Windows 2000-based client, or IP auto-configuration has been disabled, the client network initialization fails. The client continues to resend DHCP Discover messages in the background (four times, every 5 minutes) until it receives a DHCP Offer message from a DHCP server.
3. The client indicates acceptance of the offer by selecting the offered address and replying to the server with a DHCP Request message.
4. The client is assigned the address and the DHCP server sends a DHCPACK message, approving the lease. Other DHCP option information might be included in the message.
5. Once the client receives acknowledgment, it configures its TCP/IP properties using any DHCP option information in the reply, and joins the network.

In rare cases, a DHCP server might return a negative acknowledgment to the client. This can happen if a client requests an invalid or duplicate address. If a client receives a negative acknowledgment (DHCP Nack), the client must begin the entire lease process again.

Q. How can you back up the configuration file of a DHCP server?
A. The DHCP database backs itself up automatically every 60 minutes to the %SystemRoot%\System32\Dhcp\Backup\Jet directory. This interval can be changed:
1. Start the registry editor.
2. Move to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters\BackupInterval
3. Double click on BackupInterval and set it to the number of minutes at which you want the backup to be performed. Click OK.
4. Close the registry editor.
5. Stop and restart the DHCP server service (Start - Settings - Control Panel - Services - DHCP Server - Start and Stop).
You could back up the %SystemRoot%\System32\Dhcp\Backup\Jet directory if you wish.

Q. Have you maintained/created any technical reference documentation on DHCP Server/Client?
A. Yes.

Q. What is the TCP/IP port no. used for the DHCP service?
A. DHCP uses the same two IANA assigned ports as BOOTP: 67/udp for the server side, and 68/udp for the client side.

Q. What is the format of the DHCP database?
A. Dhcp.mdb

Q. What is VLAN?
A. Short for virtual LAN, a network of computers that behave as if they are connected to the same wire even though they may actually be physically located on different segments of a LAN. VLANs are configured through software rather than hardware, which makes them extremely flexible. One of the biggest advantages of VLANs is that when a computer is physically moved to another location, it can stay on the same VLAN without any hardware reconfiguration.

Q. How can we use the VLAN concept in DHCP?

Q. What is a DHCP relay agent?
A. Relay agent software (compliant with RFC 1542) assists in forwarding the DHCP packets between subnets in a routed internal network. Usually, this component runs on the routers.

Q. How does a DHCP relay agent work?
A. A DHCP relay agent is an agent program or component responsible for relaying DHCP & BOOTP (Bootstrap Protocol) broadcast messages between a DHCP server and a client across an IP router. A DHCP relay agent supports DHCP/BOOTP message relay as defined in RFC (Request for Comment) 1541 & 2131. The DHCP relay agent service is managed using Routing & Remote Service.

Q. What is Super scope?
A. A range of IP addresses that spans several subnets. The DHCP server can assign these addresses to clients that are on several subnets.

Q. What is Multi-Scope?
A. Configuring more than one scope in a single DHCP server is called Multi-scope DHCP.

Q. What is a DHCP lease?
A. A DHCP lease is the amount of time that the DHCP server grants to the DHCP client permission to use a particular IP address. A typical server allows its administrator to set the lease time.

Questions related to WSUS?

Q. What is WSUS?
A. It is Microsoft Software Update Server, and it is designed to automate the process of distributing Windows operating system patches. It works by controlling the Automatic Updates applet already present on all Windows machines. Instead of many machines at UVA all going to Microsoft's website to download updates, the SUS server downloads all updates to an ITC-owned server and workstations then look there for updates.

Q. What is the Minimum Free Disk Space required?
A. A minimum of 6 GB free disk space is recommended to store the WSUS content.

Q. How does WSUS work?
A. WSUS is an update component of Windows Server and offers an effective and quick way to help keep systems up-to-date. WSUS provides a management infrastructure consisting of the following:
Microsoft Update: The Microsoft Web site to which WSUS components connect for updates of Microsoft products.
Windows Server Update Services server: The server component that is installed on a computer running a Microsoft Windows 2000 Server with Service Pack 4 (SP4) or Windows Server 2003 operating system inside the corporate firewall. The WSUS server provides the features that administrators need to manage and distribute updates through a Web-based tool, which can be accessed from Internet Explorer on any Windows computer in the corporate network. In addition, a WSUS server can be the update source for other WSUS servers.
Automatic Updates: The client computer component built into Microsoft Windows Server 2003, Windows XP, and Windows 2000 with SP3 operating systems. Automatic Updates enables both server and client computers to receive updates from Microsoft Update or from a server running WSUS.

Q. What are the basic requirements (Hardware/Software) to implement the Windows SUS server?
A. Server Hardware Requirements: WSUS requires a single server for basic operation, although you can scale your WSUS implementation to larger numbers of servers if you wish. For a basic implementation of up to 500 users, hardware requirements, per Microsoft, are:
1GHz CPU
1GB RAM
You also need a network card, and around free disk space (described below)

Server Software Requirements: You need the following software components:
A supported Windows Server operating system - Windows Server 2003 is the preferred OS, but Windows 2000 is also supported. WSUS is supported on all editions of Windows Server 2003, but there are some restrictions if you use the Web Edition (see [WUS Restrictions With2k3 Web]).
IIS - WUS is operated via IIS, so your WUS Server needs to have IIS loaded. You need at least IIS 5.0.
.NET Framework 1.1 SP1 - get this 7.982MB download from the Microsoft download site. The .NET Framework 1.1 SP1 is delivered as a hot fix installation file (see KB article KB867460 for details). This expands to 55.6 MB (58,335,654 bytes) on disk prior to installation. The installation of this hot fix also stops IIS, and requires a reboot.
Background Intelligent Transfer Service 2.0 (BITS 2.0 English.zip) - this is a new version of BITS, at present only available to beta testers, or those on the OEP. This is a 1.34MB download.
WSUS Setup (WSUSSetup.exe) - Like BITS V2, this is available only to beta testers or members of the OEP at present. This download is over 100 MB.
SQL Database server. For Windows Server 2003, MSDE is installed during setup. For Windows 2000 it is not, and MSDE or SQL Server must be installed prior to WUS setup.

Server Disk Space Requirements: WUS Server disk space requirements fall into three categories: the WUS service, WUS updates and the WUS database. Microsoft recommends that you have at least 6GB free disk space to store WUS content. At present, typical usage is around 1-2GB/language, although this does depend on what updates you specify and is likely to grow over time. The WSUS service installs (by default) into C:\Program Files\Update Services\. This folder takes up 365MB (371MB on disk) after the initial installation. The WSUS database is managed by MSDE, and is installed by default into C:\WSUS\MSSQL$WSUS. This folder takes up 216 MB after the initial install, synchronize and with only 2 clients. The size of the DB grows as you add more computers, and as you manage more updates.

Q. What is the TCP/IP port no. used for Windows SUS services?
A. WSUS uses port 8530.

Q. How can you differentiate Windows 2000 WSUS & Windows 2003 WSUS?

Q. What is the essential application used for the WSUS database report?
A. The WSUS database stores update information, event information about update actions on client computers, and WSUS server settings. Administrators have the following options for the WSUS database:
1. The Microsoft SQL Server 2000 Desktop Engine (Windows) (WMSDE) database that WSUS can install during setup on Windows Server 2003
2. An existing Microsoft SQL Server 2000 database
3. An existing Microsoft Data Engine 2000 (MSDE) with Service Pack 3 (SP3) or later.

Q. What are the essential settings required at the WSUS client end?

Questions related to DNS?

Q. What is DNS?
A. Domain Name System or Service (DNS) is a process that maps hostnames (how humans address servers) to IP addresses (how computers address servers). When you visited www.dyndns.org, your computer resolved that hostname as This translation happens every time you access a website, FTP server, or your e-mail.

Q. How does DNS work?
A. DNS organizes hostnames in a domain hierarchy and distributed database containing various types of data such as host names and domain names. The names in a DNS database form a hierarchical tree structure called the domain namespace. Domain names consist of individual labels separated by dots, for example: mydomain.microsoft.com.

A Fully Qualified Domain Name (FQDN) uniquely identifies the host's position within the DNS hierarchical tree by specifying a list of names separated by dots in the path from the referenced host to the root. The next figure shows an example of a DNS tree with a host called mydomain within the microsoft.com domain. The FQDN for the host would be mydomain.microsoft.com.

Zone: DNS data is divided into manageable sets of data called zones. Zones contain name and IP address information about one or more parts of a DNS domain. A server that contains all of the information for a zone is the authoritative server for the domain. Sometimes it may make sense to delegate the authority for answering DNS queries for a particular subdomain to another DNS server.

Resource Record: A DNS database consists of resource records (RRs). Each RR identifies a particular resource within the database. There are various types of RRs in DNS.

Q. What is the TCP/IP port no. used for DNS services?
A. Port 53 (TCP and UDP) is used for DNS services.

Q. What are the basic requirements (Hardware/Software) to implement the Windows DNS server?
A. Server Hardware Requirements: Microsoft's suggested minimum hardware requirements (and some Microsoft recommendations) for Windows Server 2003 (Standard) are listed here:
CPU speed: 133MHz (550MHz recommended)
RAM: 128MB (256MB recommended; 4GB maximum on Standard Server)
Disk space for setup: 1.5GB
CD-ROM drive: 12X
Monitor: Super VGA capable of providing 800 x 600 resolution

Q. Explain DNS Zones?
A. A DNS zone is the part of a domain for which an individual DNS server is responsible. Each zone contains a single SOA record. SOA records are defined in IETF RFC 1035, Domain Names Implementation and Specification.

Q. Explain zone file?
A. In computer networking, a zone file is a database element of the domain name system (DNS) used by BIND and other DNS server software. A zone file typically contains information that defines mappings between domain names and IP addresses and can also contain reverse mappings which can resolve IP addresses into domain names.

Q. What is Primary DNS Zone?
A. A primary DNS server holds the "master copy" of the data for a zone, and secondary servers have copies of this data which they synchronize with the primary through zone transfers at intervals or when prompted by the primary.

Q. What is Standard Primary DNS Server?
A. A standard primary zone holds a master copy of a zone and can replicate it to all configured secondary zones in standard text format. Any changes that must be made to the zone are made on the copy stored on the primary.

Q. What is Active Directory Integrated DNS server?
A. Active Directory-integrated zones are available only on Windows 2000 and 2003 DNS servers in an Active Directory domain. The zone information is contained within the Active Directory database and is replicated using Active Directory replication. Active Directory-integrated zones provide an increased level of replication flexibility as well as security. Active Directory-integrated zones also operate in a multi-master arrangement because they are hosted within Active Directory itself; this way, any DNS server (domain controller) hosting the Active Directory-integrated zone can update the zone data.

Q. What is Secondary DNS Zone?
A. A standard secondary zone holds a read-only copy of the zone information in standard text format. Secondary zones are created to increase performance and resilience of the DNS configuration. Information is transferred from the primary zone to the secondary zones.

Q. What is STUB Zone?
A. Stub zones are a new feature of DNS in Windows Server 2003 that can be used to streamline name resolution, especially in a split namespace scenario. They also help reduce the amount of DNS traffic on your network, making DNS more efficient especially over slow WAN links. This article will look in detail at what stub zones are, how they work, and when to use them. I'll also walk you through the process of creating a stub zone to facilitate name lookups between two separate forests. But first, a little background on DNS zones is necessary to see where stub zones fit into the overall picture.

Q. What is Forward Lookup?
A. Forward Lookup resolves hostname to IP address. Forward Lookup zones supply the main DNS mechanism for finding Hosts (A), Name Servers (NS) or Service (_gc).

Q. What is Reverse Lookup?
A. Reverse Lookup resolves IP address to hostname. I think of Reverse Lookup as a hacker's tool: they can PING a server's IP address and then they use a Reverse Lookup query to discover the hostname. In truth, Reverse Lookup is required by NSLookup, DNSLint and other utilities.

Q. What's the difference between a zone and a domain?
A. Although the two terms can seem as if they are used interchangeably, there is a difference. A DNS domain is a segment of the DNS namespace. A zone, on the other hand, can contain multiple contiguous domains. For example, quepublishing.com is a DNS domain. It contains all the information for that specific portion of the DNS namespace. sales.quepublishing.com is another example of a domain, which is contiguous with the quepublishing.com domain; in other words, the two domains "touch." So, if you were to create a DNS forward lookup zone on your DNS server, it could contain records for both domains. Zones allow for the logical grouping and management of domains and resource records on your DNS servers.

Questions related to WINS?

Q. What is WINS?
A. WINS is a service run on Windows NT servers to provide Windows clients a way to find other Windows computers. WINS (Windows Internet Naming Service) resolves Windows network computer names (also known as NetBIOS names) to Internet IP addresses, allowing Windows computers on a network to easily find and communicate with each other. Using a WINS server is essential for any Windows client computer to work with other Windows computers over the Internet. In addition, using a WINS server is essential for any Windows client computer at Indiana University that intends to use Microsoft network resources. To use WINS services, you must insert into your TCP/IP networking configuration the IP address of the WINS servers you wish to use.

Q. How does WINS work?
A. By default, when a computer running Microsoft Windows 2000, Windows XP, or a Windows Server 2003 operating system is configured with WINS server addresses (either manually or through DHCP) for its name resolution, it uses hybrid node (h-node) as its node type for NetBIOS name registration unless another NetBIOS node type is configured. For NetBIOS name query and resolution, it also uses h-node behavior, but with a few differences. For NetBIOS name resolution, a WINS client typically performs the following general sequence of steps to resolve a name:
1. Client checks to see if the name queried is its local NetBIOS computer name, which it owns.
2. Client checks its local NetBIOS name cache of remote names. Any name resolved for a remote client is placed in this cache where it remains for 10 minutes.
3. Client forwards the NetBIOS query to its configured primary WINS server. If the primary WINS server fails to answer the query--either because it is not available or because it does not have an entry for the name--the client will try to contact other configured WINS servers in the order they are listed and configured for its use.
4. Client broadcasts the NetBIOS query to the local subnet.
5. Client checks the Lmhosts file for a match to the query, if it is configured to use the Lmhosts file.
6. Client tries the Hosts file and then a DNS server, if it is configured for one.

Q. What is the TCP/IP port no. used for WINS services?
A. 137

Q. What are the basic requirements (Hardware/Software) to implement the Windows WINS server?
A. Hardware Requirement
Pentium 4 - 2.8 GHz with 2 GB RAM
80 GB Hard drive/7200RPM
Recommended hard drive division: 20 GB System Partition and 60 GB Data partition
100 Mbps Network adaptor or better
Screen Resolution: 1024 X 768 pixels, 256 colours (65,536 colours recommended)

Software Requirement
Windows Server 2003 Standard Edition SP1 or higher installed.
Application Server Role installed:
Internet Information Server 6.0
ASP.NET

Q. What is Primary WINS Server?

Q. What is Secondary WINS Server?

Q. What is relation between DNS & DHCP?

Q. What is relation between WINS & DNS?

Q. How does DNS relate with ADS?

Q. What is Host File?
A. The "Hosts" file in Windows and other operating systems is used to associate host names with IP addresses. Host names are the www.yahoo.com addresses that you see every day. IP addresses are numbers that mean the same thing as the www words - the computers use the numbers to actually find the sites, but we have words like www.yahoo.com so humans do not need to remember the long strings of numbers when they want to visit a site. We can put names and addresses into the Hosts file so your computer does not have to ask a DNS server to translate the domain name into an IP number. This speeds up access to the host site you want to see because your computer no longer has to query other systems on the Internet for the address translation.

Q. What is LM Host File?
A. A text file in a Windows network that provides name resolution of NetBIOS host names to IP addresses. The LMHOSTS files were the Windows counterpart to the HOSTS files in UNIX, but have long since given way to the WINS naming system. LM stands for "LAN Manager," the name of Microsoft's earlier network operating system (NOS).

Q. What is Firewall? What are the essential settings used in Firewall?
A. A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized internet users from accessing private networks connected to the internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria. There are several types of firewall techniques; the 3 basic ones are given below:

Packet filter: Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose performance degradation.
Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.

Q. What is Proxy server?
A. A server that sits between a client application, such as a Web browser, and a real server. It intercepts all requests to the real server to see if it can fulfill the requests itself. If not, it forwards the request to the real server.

Q. What is VPN?
A. The virtual private network (VPN) technology included in Windows Server 2003 helps enable cost-effective, secure remote access to private networks. VPN allows administrators to take advantage of the Internet to help provide the functionality and security of private WAN connections at a lower cost. In Windows Server 2003, VPN is enabled using the Routing and Remote Access service. VPN is part of a comprehensive network access solution that includes support for authentication and authorization services, and advanced network security technologies.

Q. What are the types of protocols used in VPN?
A. There are two types of protocols used in VPN: PPTP & L2TP.
PPTP: Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables the secure transfer of data from a remote client to a private enterprise server by creating a virtual private network (VPN) across TCP/IP-based data networks. PPTP supports on-demand, multi-protocol, virtual private networking over public networks, such as the Internet.
L2TP: Layer 2 Tunneling Protocol is an emerging Internet Engineering Task Force (IETF) standard that combines the features of two existing tunneling protocols: Cisco's Layer 2 Forwarding and Microsoft's Point-to-Point Tunneling Protocol. L2TP is an extension to the Point-to-Point Protocol (PPP).

Q. What is Terminal Services?
A. Terminal Services is a component of Microsoft Windows operating systems (both client and server versions) that allows a user to access applications or data stored on a remote computer over a network connection. Terminal Services is Microsoft's take on server-centric computing, which allows individual users to access network resources easily.

Questions related to Active Directory?

Q. What is Directory Service?
A. Directory service is a software application that stores and organizes information about networked computers, users, and network resources, and that allows network administrators to manage users' access to the resources. Additionally, directory services act as an abstraction layer between users and shared resources.

Q. What is Active Directory?
A. Active Directory is an implementation of LDAP directory services by Microsoft for use in Windows environments. Active Directory allows administrators to assign enterprise-wide policies, deploy programs to many computers, and apply critical updates to an entire organization. An Active Directory stores information and settings relating to an organization in a central, organized, accessible database. Active Directory networks can vary from a small installation with a few hundred objects, to a large installation with millions of objects.

Q. What is Active Directory Services?
A. Active Directory is a directory service used to store information about the network resources across a domain.

Q. What are components of Active Directory?
A. Components of Active Directory are Domain, Trees, Forest, Organizational Unit, Schema, Group Policy Objects & Global Catalog.

Q. What is Tree (Logical Component)?
A. A domain tree is a hierarchical grouping of one or more domains that share a single DNS namespace, have one or more child domains, and are connected by a transitive trust relationship. Example: ttsl.com is root and mah.ttsl.com is child.

Q. What is Forest (Logical Component)?
A. A forest is one or more domain trees, linked by a transitive trust relationship, that share a common schema and global catalog.

Q. What is Domain (Logical Component)? A. A Domain is a logical grouping of networked computers in which one or more computers has shared resources. (Domains are the fundamental units that make up Active Directory). Q. What is OU (Logical Component)? A. OU is administrative-level container object in ADS that organize groups of users, computers, groups and other Organizational Units together so that any changes, security privileges or any other administrative tasks could be accomplished more efficiently. Q. What is Domain Controller (Physical Component)? A. Domain Controllers are the physical storage location for the Active Directory Services Database. Q. What is Sites (Physical Component)? A. A Site is a physical component of Active Directory that is used to define and represent the physical topology of a network. Q. What is Object? A. Active Directory objects are the entities that make up a network. An object is a distinct, named set of attributes that represents something concrete, such as a user, a printer, or an application. For example, when we create a user object, Active Directory assigns the globally unique identifier (GUID), and we provide values for such attributes as the user's given name, surname, the logon identifier, and so on. Q. What is Schema? A. Schema represents the definitions for all object types that can exist within Active Directory and their associated attributes. Q. What is Schema Attributes? Attribute Schema objects are used to define attributes in the schema. An attribute Schema object determines the allowable contents and syntax for instances of that attribute in the directory.

Q. What is Schema Class? A. Class Schema objects are used to define classes in the schema. A class Schema object provides the template for building directory objects of that class. Examples of class Schema include User and Server. Q. What is Global Catalog? A. Global Catalog is a role held by a domain controller that stores information about all objects in an Active Directory Forest. Q. What is Universal Group membership cache?
A. Universal Group Membership Caching (UGMC) is used to locally cache a user's membership in universal groups on the domain controller authenticating the user. This can be useful in branch office scenarios where you don't want to deploy a global catalog (GC) because of the extra WAN traffic that the GC needs to replicate with other domain controllers in the domain. The cached membership for UGMC is refreshed every 8 hours to keep it up to date. In a forest that has more than one domain, in sites that have domain users but no global catalog server, Universal Group Membership Caching can be used to enable caching of logon credentials so that the global catalog does not have to be contacted for subsequent user logons.

Q. What is LDAP? A. LDAP stands for Lightweight Directory Access Protocol. It is a networking protocol for querying and modifying directory services running over TCP/IP.

Q. FSMO role in Active Directory Server? A. In a forest, there are at least five FSMO roles that are assigned to one or more domain controllers. The five FSMO roles are:
Schema Master: The schema master domain controller controls all updates and modifications to the schema. To update the schema of a forest, you must have access to the schema master. There can be only one schema master in the whole forest.
Domain Naming Master: The domain naming master domain controller controls the addition or removal of domains in the forest. There can be only one domain naming master in the whole forest.
Infrastructure Master: The infrastructure master is responsible for updating references from objects in its domain to objects in other domains. At any one time, there can be only one domain controller acting as the infrastructure master in each domain.
Relative ID (RID) Master: The RID master is responsible for processing RID pool requests from all domain controllers in a particular domain. At any one time, there can be only one domain controller acting as the RID master in the domain.
PDC Emulator: The PDC emulator is a domain controller that advertises itself as the primary domain controller (PDC) to workstations, member servers, and domain controllers that are running earlier versions of Windows. For example, if the domain contains computers that are not running Microsoft Windows XP Professional or Microsoft Windows 2000 client software, or if it contains Microsoft Windows NT backup domain controllers, the PDC emulator master acts as a Windows NT PDC. It is also the Domain Master Browser, and it handles password discrepancies. At any one time, there can be only one domain controller acting as the PDC emulator master in each domain in the forest.
Q. How to restore Windows 2003 System state backup? A. Restoring Windows Server 2003 system state and system services: Tivoli Storage Manager supports the Microsoft Volume Shadowcopy Service (VSS) on Windows Server 2003.
Tivoli Storage Manager uses VSS to restore all system state components as a single object, to provide a consistent point-in-time snapshot of the system state. You can restore all system service components (the default) or individual components. System state components include the following: Active Directory (domain controller only); Windows Server 2003 system volume; Certificate Server Database; COM+ database; Windows Registry; System and boot files. Attention: Restoring system state in a situation other than system recovery is not recommended. You must have administrative authority to restore System State information. To restore the Windows Server 2003 system state using the GUI:

1. Click Restore from the GUI main window. The Restore window appears.
2. Expand the directory tree by clicking the plus sign +. To display files in a folder, click the folder icon.
3. Locate the System State node in the directory tree. You can expand the System State node to display the components.
4. Click the selection box next to the System State node to restore the entire system state. You can restore the System State node only as a single entity because of dependencies among the system state components. By default, all components are selected; you cannot back up individual system state components.
5. Click Restore. The Task List window displays the restore processing status.


On the command line, use the restore systemstate command to restore a backup of a system state. See Restore Systemstate for more information. Considerations: You can restore System State data to an alternate machine. If you are upgrading from a Windows 2000 machine to a Windows Server 2003 machine, you cannot restore the Windows 2000 system objects that were backed up to the server. Your Windows Server 2003 client must be connected to a Tivoli Storage Manager Version 5.2.0 or higher server. If Active Directory is installed, you must be in Active Directory restore mode. See Performing a Windows XP or Windows Server 2003 system recovery for procedures on how to perform the following tasks: o Your operating system is still functioning, but a complete system restore is required. o A complete recovery is required, including an operating system re-installation.

System services components include the following: Background Intelligent Transfer Service (BITS); Event logs; Removable Storage Management Database (RSM); Cluster Database (cluster node only); Remote Storage Service; Terminal Server Licensing; Windows Management Instrumentation (WMI); Internet Information Services (IIS) metabase; DHCP database; WINS database.

To restore the system services using the GUI:

1. Click Restore from the GUI main window. The Restore window appears.
2. Expand the directory tree by clicking the plus sign +. To display files in a folder, click the folder icon.
3. Locate the System Services node in the directory tree. You can expand the System Services node to display the components.
4. Click the selection box next to the system services component(s) that you want to restore.
5. Click Restore. The Task List window displays the backup processing status.
On the command line, use the restore systemservices command to restore a backup of the system services. See Restore Systemservices for more information.

Q. What are IIS services? A. IIS services are used to publish web based applications. Q. What is TCP/IP port no for Global Catalog? A. 3268

Q. What is TCP/IP port no for LDAP? A. 389 Q. What is TCP/IP port no for RDP? A. 3389 Q. What is the TCP/IP port no for SNMP? A. 161,162 Q. What is the TCP/IP port no for SMTP? A. 25 Q. What is the TCP/IP port no for POP3? A. 110 Q. What is the TCP/IP port no for IMAP? A. 143 Q. What is the TCP/IP port no for HTTP? A. 80

Q. What is the TCP/IP port no for HTTPS? A. 443 Q. How can we view All FSMO roles using command prompt? A. Ntdsutil.exe Q. How can we transfer Schema Master Role? A. Transfer the Schema Master Role
Register Schmmgmt.dll

Use the Active Directory Schema Master snap-in to transfer the schema master role. Before you can use this snap-in, you must register the Schmmgmt.dll file.
1. Click Start, and then click Run.
2. Type regsvr32 schmmgmt.dll in the Open box, and then click OK.
3. Click OK when you receive the message that the operation succeeded.

Transfer the Schema Master Role

1. Click Start, click Run, type mmc in the Open box, and then click OK.
2. On the File menu, click Add/Remove Snap-in.
3. Click Add.
4. Click Active Directory Schema, click Add, click Close, and then click OK.
5. In the console tree, right-click Active Directory Schema, and then click Change Domain Controller.
6. Click Specify Name, type the name of the domain controller that will be the new role holder, and then click OK.
7. In the console tree, right-click Active Directory Schema, and then click Operations Master.
8. Click Change.
9. Click OK to confirm that you want to transfer the role, and then click Close.

Q. How can we transfer Domain naming Master? A. Transfer the Domain Naming Master Role
1. Click Start, point to Administrative Tools, and then click Active Directory Domains and Trusts.
2. Right-click Active Directory Domains and Trusts, and then click Connect to Domain Controller. NOTE: You must perform this step if you are not on the domain controller to which you want to transfer the role. You do not have to perform this step if you are already connected to the domain controller whose role you want to transfer.
3. Do one of the following: In the Enter the name of another domain controller box, type the name of the domain controller that will be the new role holder, and then click OK. -or- In the Or, select an available domain controller list, click the domain controller that will be the new role holder, and then click OK.
4. In the console tree, right-click Active Directory Domains and Trusts, and then click Operations Master.
5. Click Change.
6. Click OK to confirm that you want to transfer the role, and then click Close.

Q. How can we transfer PDC Emulator? How can we transfer RID Master? How can we transfer Infrastructure Master? A. Transfer the RID Master, PDC Emulator, and Infrastructure Master Roles
1. Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
2. Right-click Active Directory Users and Computers, and then click Connect to Domain Controller. NOTE: You must perform this step if you are not on the domain controller to which you want to transfer the role. You do not have to perform this step if you are already connected to the domain controller whose role you want to transfer.
3. Do one of the following: In the Enter the name of another domain controller box, type the name of the domain controller that will be the new role holder, and then click OK. -or- In the Or, select an available domain controller list, click the domain controller that will be the new role holder, and then click OK.
4. In the console tree, right-click Active Directory Users and Computers, point to All Tasks, and then click Operations Master.
5. Click the appropriate tab for the role that you want to transfer (RID, PDC, or Infrastructure), and then click Change.
6. Click OK to confirm that you want to transfer the role, and then click Close.

Q. What will happen if Schema Master fails? A. No updates to the Active Directory schema will be possible. Since schema updates are rare (usually done by certain applications and possibly an Administrator adding an attribute to an object), the malfunction of the server holding the Schema Master role will not pose a critical problem. Q. What will happen if Domain Naming Master fails? A. The Domain Naming Master must be available when adding or removing a domain from the forest (i.e. running DCPROMO). If it is not, then the domain cannot be added or removed. It is also needed when promoting or demoting a server to/from a Domain Controller. Like the Schema Master, this functionality is only used on occasion and is not critical unless you are modifying your domain or forest structure. Q. What will happen if RID Master fails? A. The RID Master provides RIDs for security principals (users, groups, computer accounts). The failure of this FSMO server would have little impact unless you are adding a very large number of users or groups. Each DC in the domain has a pool of RIDs already, and a problem would occur only if the DC you are adding the users/groups on ran out of RIDs. Q. What will happen if PDC Emulator fails? A. The server holding the PDC emulator role will cause the most problems if it is unavailable. This would be most noticeable in a mixed mode domain where you are still running NT 4 BDCs and if you are using down-level clients (NT and Win9x). Since the PDC emulator acts as an NT 4 PDC, any actions that depend on the PDC would be affected (User Manager for Domains, Server Manager, changing passwords, browsing and BDC replication). In a native mode domain the failure of the PDC emulator isn't as critical because other domain controllers can assume most of the responsibilities of the PDC emulator. Q. What will happen if Infrastructure Master fails?

A. This FSMO server is only relevant in a multi-domain environment. If you only have one domain, then the Infrastructure Master is irrelevant. Failure of this server in a multi-domain environment would be a problem if you are trying to add objects from one domain to another. Q. What are the basic requirements (Hardware/Software) to implement the Windows ADS server? A. Minimum requirements: Processor: Single 550 MHz PIII or comparable; Memory: 512 MB of RAM; Hard Disks: Two 9 GB - Mirrored; Network: 100 Megabit Ethernet; Systems: 2 Windows 2000 SP4 Servers - Redundancy. Recommended requirement: Processor: Dual Intel Xeon or comparable; Memory: 1 GB of RAM; Hard Disks: Three 9 GB RAID5; Network: 100 Megabit Ethernet; Systems: 2 Windows 2000 SP4 Servers - Redundancy. Desktop/Member Server Requirements: Windows desktop OS should be at least Windows 2000 and have hardware to support such to receive benefit from the GTAD service. Windows member servers should be at the Windows 2000 level and have hardware to support such.

Q. What is GROUPS? A. Groups are Active Directory (or local computer) objects that can contain users, contacts, computers, and other groups. In Windows 2000, groups are created in domains, using the Active Directory Users and Computers tool. You can create groups in the root domain, in any other domain in the forest, in any organizational unit, or in any Container class object (such as the default Users container). Like user and computer accounts, groups are Windows 2000 security principals; they are directory objects to which SIDs are assigned at creation. You can nest groups; that is, you can add a group as a member of another group (according to specified rules; see the section "Mode Governs Nesting Options"). Nesting groups makes it easier to manage users and can reduce network traffic caused by replication of group membership changes. Q. What is Backup? A. To copy files to a second medium (a disk or tape) as a precaution in case the first medium fails. Q. What are the types of Backup?

A. There are 5 types of backup in Windows 2003 and they are as follows: Copy, Normal, Incremental, Daily and Differential. Q. Difference between Incremental & Differential Backup? A. Differential backup backs up only the files that changed since the last full backup. For example, suppose you do a full backup on Sunday. On Monday you back up only the files that changed since Sunday, on Tuesday you back up only the files that changed since Sunday, and so on until the next full backup. Differential backups are quicker than full backups because so much less data is being backed up. But the amount of data being backed up grows with each differential backup until the next full backup. Differential backups are more flexible than full backups, but still unwieldy to do more than about once a day, especially as the next full backup approaches. Incremental backups also back up only the changed data, but they only back up the data that has changed since the last backup, be it a full or incremental backup. They are sometimes called "differential incremental backups," while differential backups are sometimes called "cumulative incremental backups." Confused yet? Don't be. How can we take the backup for ADS? What are types of BACKUP in ADS? How to restore an ADS Backup? Q. What is Basic Disk? A. A standard disk with standard partitions (primary and extended). Q. What is Dynamic Disk? A. Disks that have dynamic mounting capability to add additional local or remote partitions or directories to a disk drive. These are called dynamic volumes. This is new with the Windows 2000 operating system and is not supported by any other operating systems. Any volume that is on more than one hard drive must be created with dynamic disks. A disk can only be converted from dynamic to basic by first deleting all the volumes in the dynamic disk. Q. What is RAID? A. RAID (Redundant Array of Independent Disks). A collection of disk drives that offers increased performance and fault tolerance.
There are a number of different RAID levels. The three most commonly used are 0, 1, and 5: Level 0: striping without parity (spreading out blocks of each file across multiple disks). Level 1: disk mirroring or duplexing. Level 2: bit-level striping with parity. Level 3: byte-level striping with dedicated parity. Q. What is Simple Volume? A. Simple volumes are the most common volumes and the type of volume that you will create most often. If you are using a single disk configuration, a simple volume is the only volume type that you can create. Q. What is Spanned Volume? A. Spanned volumes are created by combining disk space from two or more hard disks. Spanned volumes can be created by using different amounts of space from different hard disks. For example, a 10GB spanned volume can be created from 6GB of unallocated space on hard drive 0, 3GB of unallocated space on hard drive 1, and 1GB of space on hard drive 2. A spanned volume cannot be extended, and there is no fault tolerance in using a spanned volume. If any of the drives fail, the data on the volume is lost and must be restored from backup (tape). Spanned volumes can be created from two physical disks and can contain up to 32 physical disks. Q. What is Striped Volume?

A. A striped volume is created using a minimum of two and a maximum of 32 physical drives to create a single volume. A striped volume is created by using an equal amount of unallocated space on all the physical disks. The data is written across all physical disks in the volume in equal parts, thereby creating a stripe pattern. When data is written to the volume, it is divided into 64KB parts and each part is written to a separate disk. Chopping the data into pieces allows each physical disk to perform a write operation at almost exactly the same time, thereby increasing speed dramatically. When data is read, it is read in the same way, in 64KB blocks at a time. Striped volumes provide the best read and write performance of all the different types of volumes. A striped volume gets its name from how the data is read and accessed on the drive. Q. What is Mirror Volume? A. Mirrored volumes are created using two physical disks. A mirrored volume requires the same amount of unallocated space on each of the physical disks used. When data is written to a mirrored volume, the data is written to disk and then synchronized on the second disk. An exact copy of the data is available on both physical disks. Q. What is Raid-0? A. RAID Level 0 is not redundant, hence does not truly fit the "RAID" acronym. In level 0, data is split across drives, resulting in higher data throughput. Since no redundant information is stored, performance is very good, but the failure of any disk in the array results in data loss. This level is commonly referred to as striping. Q. What is RAID-1? A. RAID Level 1 provides redundancy by writing all data to two or more drives. The performance of a level 1 array tends to be faster on reads and slower on writes compared to a single drive, but if either drive fails, no data is lost. This is a good entry-level redundant system, since only two drives are required; however, since one drive is used to store a duplicate of the data, the cost per megabyte is high.
This level is commonly referred to as mirroring. Q. What is RAID-5? A. RAID Level 5 is similar to level 4, but distributes parity among the drives. This can speed small writes in multiprocessing systems, since the parity disk does not become a bottleneck. Because parity data must be skipped on each drive during reads, however, the performance for reads tends to be considerably lower than a level 4 array. The cost per megabyte is the same as for level 4.

Questions related to TCP/IP? Q. What is IP? A. The Internet Protocol (IP) is a data-oriented protocol used for communicating data across a packet-switched internetwork. IP is a network layer protocol in the internet protocol suite and is encapsulated in a data link layer protocol (e.g., Ethernet). Q. What is TCP? A. TCP stands for Transmission Control Protocol and is pronounced as separate letters. TCP is one of the main protocols in TCP/IP networks. Whereas the IP protocol deals only with packets, TCP enables two hosts to establish a connection and exchange streams of data. TCP guarantees delivery of data and also guarantees that packets will be delivered in the same order in which they were sent.

Q. What is UDP? A. UDP is a connectionless protocol that, like TCP, runs on top of IP networks. Unlike TCP/IP, UDP/IP provides very few error recovery services, offering instead a direct way to send and receive datagrams over an IP network. It's used primarily for broadcasting messages over a network. Q. What is range of TCP/IP in Class A? A. 1 to 127 Q. What is range of TCP/IP in Class B? A. 128 to 191 Q. What is range of TCP/IP in Class C? A. 192 to 223 Q. What are reserved IP ranges in Class A? A. to Q. What are reserved IP ranges in Class B? A. to Q. What are reserved IP ranges in Class C? A. to Q. What is default IP range is broadcast by DHCP server if no scope is defined? A. Q. What is Loop back IP address? A. Q. How can we assign Static IP & dynamic IP using command prompt utility? A. Yes. Through ipconfig command. Q. What is Subnet Mask? A. In computer networks, a subnetwork or subnet is a range of logical addresses within the address space that is assigned to an organization. Subnetting is a hierarchical partitioning of the network address space of an organization (and of the network nodes of an autonomous system) into several subnets. Q. What is Gateway? A. A gateway is either hardware or software that acts as a bridge between two networks so that data can be transferred between a number of computers. Q. What is Routed Protocol? A. Routed protocols are routed by routers which use routing protocols to communicate to other routers using routing protocols that have routed protocols. Q. What is Routing Protocol? A. Routing protocols distribute routing information throughout all routers on a network. By knowing about all other routers connected to the network, each router can determine the best path to use to deliver your traffic.

Q. What is OSI Layer? Describe Each. Layer 7: Application layer. The Application layer provides a means for the user to access information on the network through an application. This layer is the main interface for the user(s) to interact with the application and therefore the network. Some examples of application layer protocols include Telnet, applications which use File Transfer Protocol (FTP), applications which use Simple Mail Transfer Protocol (SMTP) and applications which use Hypertext Transfer Protocol (HTTP). Applications built to use a protocol, such as FTP, should not be confused with the protocols themselves, which often reside at the session layer. Layer 6: Presentation layer. The Presentation layer transforms data to provide a standard interface for the Application layer. MIME encoding, data compression, data encryption and similar manipulation of the presentation is done at this layer to present the data as a service or protocol developer sees fit. Examples of this layer are converting an EBCDIC-coded text file to an ASCII-coded file, or serializing objects and other data structures into and out of XML. Layer 5: Session layer. The Session layer controls the dialogues/connections (sessions) between computers. It establishes, manages and terminates the connections between the local and remote application. It provides for either full-duplex or half-duplex operation, and establishes checkpointing, adjournment, termination, and restart procedures. The OSI model made this layer responsible for "graceful close" of sessions, which is a property of TCP, and also for session checkpointing and recovery, which is not usually used in the Internet protocol suite. Layer 4: Transport layer. The Transport layer provides transparent transfer of data between end users, thus relieving the upper layers from any concern while providing reliable data transfer.
The transport layer controls the reliability of a given link through flow control, segmentation/desegmentation, and error control. Some protocols are state and connection oriented. This means that the transport layer can keep track of the packets and retransmit those that fail. The best known example of a layer 4 protocol is the Transmission Control Protocol (TCP). The transport layer is the layer that converts messages into TCP segments or User Datagram Protocol (UDP), Stream Control Transmission Protocol (SCTP), etc. packets. Perhaps an easy way to visualize the Transport Layer is to compare it with a Post Office, which deals with the dispatching and classification of mail and parcels sent. Layer 3: Network layer. The Network layer provides the functional and procedural means of transferring variable length data sequences from a source to a destination via one or more networks while maintaining the quality of service requested by the Transport layer. The Network layer performs network routing functions, and might also perform segmentation/desegmentation, and report delivery errors. Routers operate at this layer, sending data throughout the extended network and making the Internet possible. This is a logical addressing scheme; values are chosen by the network engineer. The addressing scheme is hierarchical. The best known example of a layer 3 protocol is the Internet Protocol (IP). Perhaps it's easier to visualize this layer as the actual Air Mail or Consolidated Carrier that transfers the mail from Point A to Point B.

Layer 2: Data link layer The Data Link layer provides the functional and procedural means to transfer data between network entities and to detect and possibly correct errors that may occur in the Physical layer. The best known example of this is Ethernet. Other examples of data link protocols are HDLC and ADCCP for point-to-point or packet-switched networks and Aloha for local area networks. On IEEE 802 local area networks, and some non-IEEE 802 networks such as FDDI, this layer may be split into a Media Access Control (MAC) layer and the IEEE 802.2 Logical Link Control (LLC) layer. It arranges bits from physical layer into logical chunks of data, known as frames. This is the layer at which the bridges and switches operate. Connectivity is provided only among locally attached network nodes forming layer 2 domains for unicast or broadcast forwarding. Other protocols may be imposed on the data frames to create tunnels and logically separated layer 2 forwarding domain. Layer 1: Physical layer The Physical layer defines all the electrical and physical specifications for devices. This includes the layout of pins, voltages, and cable specifications. Hubs, repeaters, network adapters and Host Bus Adapters (HBAs used in Storage Area Networks) are physical-layer devices. The major functions and services performed by the physical layer are: Establishment and termination of a connection to a communications medium. Participation in the process whereby the communication resources are effectively shared among multiple users. For example, contention resolution and flow control. Modulation, or conversion between the representation of digital data in user equipment and the corresponding signals transmitted over a communications channel. These are signals operating over the physical cabling (such as copper and fiber optic) or over a radio link.

Parallel SCSI buses operate in this layer. Various physical-layer Ethernet standards are also in this layer; Ethernet incorporates both this layer and the data-link layer. The same applies to other local-area networks, such as Token Ring, FDDI, and IEEE 802.11, as well as personal area networks such as Bluetooth and IEEE 802.15.4.
Q. What is Difference between Windows NT, Windows 2000?
1) Windows NT Server has the concept of PDC and BDC, but there is no such concept in 2000.
2) In Windows NT Server the SAM database is in read/write format on the PDC and read-only format on the BDC, but in a 2000 domain the SAM database is in read/write format on every domain controller.
3) A 2000 server can at any moment become a server or member server simply through add/remove with dcpromo. But in Windows NT you have to reinstall the operating system.
Windows 2003 supports Shadow Copies, a new tool to recover files. Windows 2003 server includes IIS server in it. That is the biggest advantage on top of better file system management. In 2003 server you can change the domain name at any time without rebuilding the domain, whereas in 2000 you have to rebuild the entire domain to change the domain name. Windows 2000 supports a maximum of 10 users accessing a shared folder at a time through the network, but in Windows 2003 there is no limitation. Windows Server 2003 was released as an upgrade to Windows 2000 Server. Additional features in Windows Server 2003 include: Increased dependability; Built-in support for web services; Common language runtime reduces the number of bugs and security holes caused by common programming mistakes; Increased security for Internet connections; Support for both 32-bit and 64-bit processors (depending on the version); Symmetric multi-processing support for up to 64 processors; Support for up to 512GB of RAM.
Q. What is difference between Windows 2000 & Windows 2003 Server?
A) In 2000 we cannot rename a domain, whereas in 2003 we can rename a domain.
B) 2000 supports 8 processors and 64 GB RAM (in 2000 Advanced Server), whereas 2003 supports up to 64 processors and a maximum of 512GB RAM.
C) 2000 supports IIS 5.0 and 2003 supports IIS 6.0.
D) 2000 doesn't support .NET, whereas 2003 supports Microsoft .NET 2.0.
E) 2000 has Server and Advanced Server editions, whereas 2003 has Standard, Enterprise, Datacenter and Web Server editions.
F) 2000 doesn't have any 64-bit server operating system, whereas 2003 has 64-bit server operating systems (Windows Server 2003 x64 Standard and Enterprise Edition).
G) 2000 has a basic concept of DFS (Distributed File System) with defined roots, whereas 2003 has enhanced DFS support with multiple roots.
H) In 2000 there is complexity in administering complex networks, whereas 2003 offers easy administration in all, including complex, networks.
I) In 2000 we can create 1 million users and in 2003 we can create 1 billion users.
J) In 2003 we have the Volume Shadow Copy Service, which is used to create hard disk snapshots for disaster recovery; 2000 doesn't have this service.
K) In 2000 we don't have end user policy management, whereas in 2003 we have end user policy management, which is done in GPMC (Group Policy Management Console).
L) In 2000 we have cross-domain trust relationships and in 2003 we have cross-forest trust relationships.
M) 2000 supports 4-node clustering and 2003 supports 8-node clustering.
N) 2003 has high HCL (Hardware Compatibility List) support issued by Microsoft.
O) Code name of 2000 is Win NT 5.0 and code name of 2003 is Win NT 5.1.
P) 2003 has a service called ADFS (Active Directory Federation Services), which is used to communicate between branches with safe authentication.
Q) In 2003 there is improved storage management using the File Server Resource Manager (FSRM) service.
R) 2003 has a service called Windows SharePoint Services (an integrated portfolio of collaboration and communication services designed to connect people, information, processes, and systems both within and beyond the organizational firewall).
S) 2003 has improved print management compared to 2000 server.
T) 2003 has telnet sessions available.
U) 2000 supports IPv4, whereas 2003 supports IPv4 and IPv6.