Ads Int Faq

1. What is Global Catalog Server?
Global Catalog server is the server which keeps the stores the details of each object
created in the forest. Global Catalog is the master searchable index to all objects in forest
2. Can GC Server and Infrastructure place in single server? If not explain why?
No, As Infrastructure master does the same job as the GC. It does not work together.
3. What is the size of log file which created before updating into ntds.dit and the total
number of files?
Three Log files Names
Edb.log
Res1.log
Res2.log
Each initially 10 MB
4. What does SYSVOL contains?

SysVol Folder contains the public information of the domain & The information for
replication
Ex: Group policy object & scripts can be found in this directory.
5. Which is service in your windows is responsible for replication of Domain controller

to another domain controller.
KCC generates the replication topology.
Use SMTP / RPC to replicate changes.
6. How data will travel between sites in ADS replication?

As determined in the site connectors
7. What is the port number for SMTP, Kerberos, LDAP, and GC Server??
SMTP 25, Kerberos 88, GC 3268, LDAP 389
8. What Intrasite and Intersite Replication?

Intrasite is the replication within the same site & intersite the replication between sites
9. What is lost & found folder in ADS?

It's the folder where you can find the objects missed due to conflict.
Ex: you created a user in OU which is deleted in other DC & when replication happed
ADS didn't find the OU then it will put that in Lost & Found Folder.
10. What is Garbage collection?

Garbage collection is the process of the online defragmentation of active directory. It
happens every 12 Hours.
11. What System State data contains?

Contains Startup files,
Registry
Com + Registration Database
Memory Page file
System files
AD information
Cluster Service information
SYSVOL Folder
12. How do you restore a particular OU which got deleted by accident?

Go authoritative restore
13. What is IPSec Policy?

IPSec provides secure gateway-to-gateway connections across outsourced private wide
area network (WAN) or Internet-based connections using L2TP/IPSec tunnels or pure
IPSec tunnel mode.
IPSec Policy can be deployed via Group policy to the Windows Domain controllers 7
Servers.
14. What are different types of Group Policy?

I don't think there are types of group policies????
15. What is the order of applying Group Policy?

Local Policy.
Site Policy.
Domain Policy.
OU Policy.
16. What are the new features in Windows 2003 related to ADS, Replication, and Trust?
ADS: Can more than 5000 users in the groups
17. How to edit the Schema in ADS?

ADSI Edit
18. What is Domain Local, Global Group, Universal group?

Domain Local – Only Users with in Domain
Global groups are used to grant permissions to objects in any domain in the domain tree
or forest. Members of global groups can include only accounts and groups from the
domain in which they are defined.
Universal groups are used to grant permissions on a wide scale throughout a domain tree
or forest. Members of global groups include accounts and groups from any domain in the
domain tree or forest.
19. Diff between Global & Universal group?

Check the answer above.
20. What are the different types of Terminal Services?
User Mode & Application Mode
21. What does mean by root DNS servers?

Public DNS servers Hosted in the Internet which registers the DNS
22. What are the different records in DNS?

A – Address record
MX – Mail Server Record
NS – Name Server
CNAME – Canonical name / Alias
SOA – Start of authority
23. What is a SOA record?

Start of authority – authorized DNS in the domain
24. How does the down-level clients register it names with DNS server?
Enable the WINS integration with DNS.
25. What is RsOP?

RsOP is the resultant set of policy applied on the object (Group Policy)
26. What is default lease period for DHCP Server?

8 days Default
27. What is the process of DHCP clients for getting the ip address?
Discover – Order – Receive - Acknowledge
28. What is multicast?

Multicast scopes enable you to lease Class D IP addresses to clients for participation in
multicast transmissions, such as streaming video and audio transmissions.
29. What is superscope?

Superscope enables you to group several standard DHCP scopes into a single
administrative group without causing any service disruption to network clients.
30. What is the System Startup process?
Windows 2K boot process on Intel architecture.
1. Power-On Self Tests (POST) is run.
2. The boot device is found, the Master Boot Record (MBR) is loaded into memory, and
its program is run.
3. The active partition is located, and the boot sector is loaded.

4. The Windows 2000 loader (NTLDR) is then loaded.
The boot sequence executes the following steps:
1. The Windows 2000 loader switches the processor to the 32-bit flat memory model.
2. The Windows 2000 loader starts a mini-file system.
3. The Windows 2000 loader reads the BOOT.INI file and displays the operating system
selections (boot loader menu).
4. The Windows 2000 loader loads the operating system selected by the user. If Windows
2000 is selected, NTLDR runs NTDETECT.COM. For other operating systems, NTLDR
loads BOOTSECT.DOS and gives it control.
5. NTDETECT.COM scans the hardware installed in the computer, and reports the list to
NTLDR for inclusion in the Registry under the
HKEY_LOCAL_MACHINE_HARDWARE hive.
6. NTLDR then loads the NTOSKRNL.EXE, and gives it the hardware information
collected by NTDETECT.COM. Windows NT enters the Windows load phases.
31. What is WINS hybrid & mixed mode?

Systems that are configured to use WINS are normally configured as a hybrid (H-node)
client, meaning they attempt to resolve NetBIOS names via a WINS server and then try a
broadcast (B-node) if WINS is unsuccessful. Most systems can be configured to resolve
NetBIOS names in one of four modes:
Broadcast (B-node)—Clients use a broadcast only to resolve names. An enhanced B-node

setting has the client use an LMHOST file as well. The hex value for this setting is 0x1.
Peer-to-Peer (P-node)—Clients use WINS only to resolve names. The hex value for this
setting is 0x2.
Mixed (M-node)—Clients first use a broadcast in an attempt to resolve NetBIOS names.
If this fails, they attempt the resolution via the WINS server. The hex value for this
setting is 0x4.
Hybrid (H-node)—Clients first use the WINS service in an attempt to resolve NetBIOS
names. If this fails, they attempt the resolution via broadcast. The hex value for this
setting is 0x8.
32. What is Disk Quota?

Disk Quota is the specifying the limits of usage on the disks.
==========================================================
1) What is different Editions of Windows 2003 server?

i)Standard Edition
ii)Web Edition
iii)Enterprise Edition
iv)Datacenter Edition
2) What is active directory?
Active Directory is the directory service included in the Windows Server 2003 family.
Active Directory includes the directory, which stores information about network
resources, as well as all the services that make the information available and useful.
Active Directory is also the directory service included in Windows 2000.
3)What is the active directory database name and where it is located?
Name : NTDS.Dit located in c:\windows\ntds\
4)What is the expansion of .Dit ? Scalable size of NTDS in 2k3?

Dit – Directory Information Tree. It is scalable up to 70 TB.
5) What is schema in AD?
The Active Directory schema defines objects that can be stored in Active Directory. The
schema is a list of definitions that determines the kinds of objects and the types of
information about those objects that can be stored in Active Directory. Because the
schema definitions themselves are stored as objects, they can be administered in the same
manner as the rest of the objects in Active Directory. Normally called schema object or
metadata.
6) Structure of AD in 2kX?
1)Physical structure
Sites ,Domain Controllers
2)Logical structures
Forest, Tree, Domain, OU, object
7) What are the domain functional levels in 2k3?
1)Mixed mode
2)Native mode
3)Interim mode
8) What is Global catalog and GC server?
The global catalog is the central repository of information about objects in a tree or
forest. By default, a global catalog is created automatically on the initial domain
controller in the first domain in the forest. A domain controller that holds a copy of the
global catalog is called a global catalog server.
9) What are the functions of GC?
A) It enables a user to log on to a network by providing universal group membership

information to a domain controller when a logon process is initiated.
B) It enables finding directory information regardless of which domain in the forest
actually contains the data.
10) What is the active directory database engine name?

ESE (Extensible Storage Engine)
11) What are the partitions available in AD?

i) Schema partition
ii) Configuration Partition
iii) Domain Partition
iv)Application Partition
12) What are the two types of replications?

Inter-site (Site to site) and Intra-site (With in site) replications.
13) What is KCC? What is the function of the KCC?

The KCC is a built-in process that runs on all domain controllers. The KCC configures
connection objects between domain controllers. Within a site, each KCC generates its
own connections. For replication between sites, a single KCC per site generates all
connections between sites.
14) What is the two trust protocols 2k3 using?

Kerberos V5 and NTLM
15) What are the trust relations available in 2k3?

Tree-Root , Parent- Child , Shortcut, Realm, Forest trust , External trust
16)What is the hierarchy of applying Gpo in 2k3?

It is applied from parent level to child level in AD.
i) Local GPO
ii) GPOs linked to sites
iii) GPOs linked to domains
iv) GPOs linked to OUs
17) What are the protocols used on replication?

RPC over IP (Used for synchronies transfer) , SMTP over IP (Asynchronies transfer)
18) What is the default time delay on replication?

Intra site – 15 min ( KCC automatically create the topology for Replication)
Inter-site – 1 hrs.
Security related changes replicated immediately across sites.
19) What Different tables available in NTDS database?

i) Schema table
Ii) Link Table
iii) Data table
iv)Configuration Table
19) Where is the FRS logs stored in and what is the database engine name?
c:\windows\ntfrs\jet\log, The engine used is jet database engine. Ntfrs.jdb.
20) What is tombstone object in AD? What is its life time?

Any objects deleted from Active directory will not removed from Database immediately.
That object is called tombstone object. The default life time for that object is 60 days. For
win 2k3 SP1 180 days
21) FSMO Roles
In a forest, there are at least five FSMO roles that are assigned to one or more domain
controllers. The five FSMO roles are
Schema Master:
The schema master domain controller controls all updates and modifications to the
schema. To update the schema of a forest, you must have access to the schema master.
There can be only one schema master in the whole forest.
Domain naming master
The domain naming master domain controller controls the addition or removal of
domains in the forest. There can be only one domain naming master in the whole forest.
Infrastructure Master:
The infrastructure is responsible for updating references from objects in its domain to
objects in other domains. At any one time, there can be only one domain controller acting
as the infrastructure master in each domain.
Relative ID (RID) Master:

The RID master is responsible for processing RID pool requests from all domain
controllers in a particular domain. At any one time, there can be only one domain
controller acting as the RID master in the domain.
PDC Emulator
The PDC emulator is a domain controller that advertises itself as the primary domain
controller (PDC) to workstations, member servers, and domain controllers that are
running earlier versions of Windows.
For example, if the domain contains computers that are not running Microsoft Windows
XP Professional or Microsoft Windows 2000 client software, or if it contains Microsoft
Windows NT backup domain controllers, the PDC emulator master acts as a Windows
NT PDC.
It is also the Domain Master Browser, and it handles password discrepancies. At any one
time, there can be only one domain controller acting as the PDC emulator master in each
domain in the forest
============================================================
Quicker Q&A
What are the required components of Windows Server 2003 for installing Exchange
2003? - ASP.NET, SMTP, NNTP, W3SVC
What must be done to an AD forest before Exchange can be deployed? - Setup
/forestprep
What Exchange process is responsible for communication with AD? - DSACCESS
What 3 types of domain controller does Exchange access? - Normal Domain Controller,
Global Catalog, Configuration Domain Controller
What connector type would you use to connect to the Internet, and what are the two
methods of sending mail over that connector? - SMTP Connector: Forward to smart host
or use DNS to route to each address
How would you optimise Exchange 2003 memory usage on a Windows Server 2003
server with more than 1Gb of memory? - Add /3Gb switch to boot.ini
What would a rise in remote queue length generally indicate? - This means mail is not
being sent to other servers. This can be explained by outages or performance issues with
the network or remote servers.
What would a rise in the Local Delivery queue generally mean? - This indicates a
performance issue or outage on the local server. Reasons could be slowness in consulting
AD, slowness in handing messages off to local delivery or SMTP delivery. It could also
be databases being dismounted or a lack of disk space.
What are the standard port numbers for SMTP, POP3, IMAP4, RPC, LDAP and Global
Catalog? - SMTP – 25, POP3 – 110, IMAP4 – 143, RPC – 135, LDAP – 389, Global
Catalog - 3268
Name the process names for the following: System Attendant? – MAD.EXE, Information
Store – STORE.EXE, SMTP/POP/IMAP/OWA – INETINFO.EXE
What is the maximum amount of databases that can be hosted on Exchange 2003
Enterprise? - 20 databases. 4 SGs x 5 DBs.
What are the disadvantages of circular logging? - In the event of a corrupt database, data
can only be restored to the last backup.
========================================================
1. What are the Default shares in Windows Server 2003?
By default, Windows automatically creates special hidden administrative shares that
administrators, programs, and services can use to manage the computer environment or
network. These special shared resources are not visible in Windows Explorer or in My
Computer, but you can use the Shared Folders tool in Computer Management to view
them. Depending on the configuration of your computer, you may see some or all the
following special shared resources listed in the Shares folder in Shared Folders:
•
DriveLetter$: Root partitions and volumes are shared as the drive letter name appended
with the $ character. For example, drive letters C and D are shared as C$ and D$.
•
ADMIN$: A resource that is used during remote administration of a computer.
•
IPC$: A resource that shares the named pipes that you must have for communication
between programs. Note that this resource cannot be deleted.
•
NETLOGON: A resource that is used on domain controllers.
•
SYSVOL: A resources that is used on domain controllers.
•
PRINT$: A resource that is used during the remote administration of printers.
•
FAX$: A shared folder on a server that is used by fax clients during fax transmission.
Note NETLOGON and SYSVOL are not hidden shares but are instead special
administrative shares. Generally, Microsoft recommends that you do not modify these
special shared resources. However, if you want to remove the special shared resources
and prevent them from being created automatically, you can do this by editing the
registry.
1. Q) Can I changed password if my machince’s connectivity to DC who holds PDC

emulator role has been fails?A) No You cant the password.
Q) i have been asked if there is set of 30 harddisk configured for raid 5 if two harddisk
failed what about dataA) It depends how u had configured ur RAID its only Raid5 or
with with spare if its only raid 5 then in raid5 if ur 2 nos of HDD goes then ur raid is
gone.
Q) How Can i Deploy the Latest Patched in Pc through G.P. wihtout having the Admin
Right in Pc.A) Create a batch file and place all the patches in the Netlogon, and deploy
the batch file through GP to all the pcs so the same should take affect after restarting the
pc.
Q) In Raid 5,Suppose i have 5 HDD of 10-10 GB, After configuring the Raid how much
space do i have for utilise.A) -1 out of the total (eg- if u r using 5 u will get only 4
because 1 goes for parity).
Q) How Can i Resolve the Svr name through NslookupA) what exactly u want to do,
nslookup command will let u know through which server u r getting routed, (eg-
c:\nslookup then u will get ur domain name to which u r getting routed. and if u want to
get the name of the pc/server with the ip address then u have to give the command
c:\nbtstat -a ip xx-xx-xx-xx)
===========================================================
1. DHCP relay agent where to place it?
Ans: DHCP Relay agent u need to place in Software Router.
Question: How many Zones in Windows 2000 server and Windows 2003 Server ?
Ans: In Windows 2000 there are mainly 3 zones
Standard Primary — zone information is written in Txt fileStandard Secondary — copy
of PrimaryActive Directory Integrated– Information stores in Active Directory
In Win2k3 one more zone is added that is Stub zone
–Stub is like secondary but it contains only copy of SOA records, copy of NS records,
copy of A records for that zone. No copy of MX, SRV records etc.,With this Stub zone
DNS traffic will be low
Question: What is Kerberos? Which version is currently used by Windows? How does
Kerberos work?
Answer: Kerberos is the user authentication used in Win2000 and Win2003 Active
Directory servers
Kerberos version in 5.0
Port is: 88
It’s more secure and encrypted than NTLM (NT authentication)
1. Which protocol is used for Public Folder?

ANS: SMTP
What is the use of NNTP with exchange?
ANS: This protocol is used the news group in exchange.
1. What is the content of System State backup?

The contents are: Boot files, system filesActive directory (if it’s done on DC)SysVol
folder(if it done on DC)Certificate service ( on a CA server)Cluster database ( on a
cluster server)registryPerformance counter configuration informationComponent services
class registration database
Q: What are the perquisites for installation of Exchange Server?

The prerequisite are
IISSMTPWWW serviceNNTP.NET FrameworkASP.NETThen run ForestprepThen run
domainprep
Question: What is Multi Master Replication?

Answer: Multi-master replication is a method of replication employed by databases to
transfer data or changes to data across multiple computers within a group. Multi-master
replication can be contrasted with a master-slave method (also known as single-master
replication).
DFS? DFS Namespace ?

1. DFS Replication. New state-based, multimaster replication engine that is optimized for
WAN environments. DFS Replication supports replication scheduling, bandwidth
throttling, and a new byte-level compression algorithm known as remote differential
compression (RDC).
DFS Namespaces. Technology that helps administrators group shared folders located on
different servers and present them to users as a virtual tree of folders known as a
namespace. DFS Namespaces was formerly known as Distributed File System in
Windows 2000 Server and Windows Server 2003.
What are the four domain functional levels?

Windows 2000 MixedWindows 2000 NativeWindows Server 2003 InterimWindows
Server 2003
Windows 2000 Mixed
When you configure a new Windows Server 2003 domain, the default domain functional
level is Windows 2000 mixed.Under this domain functional level, Windows NT, 2000,
and 2003 domain controllers are supported. However,certain features such as group
nesting, universal groups, and so on are not available.
Windows 2000 Native
Upgrading the functional level of a domain to Windows 2000 Native should only be done
if there areno Windows NT domain controllers remaining on the network. By upgrading
to Windows 2000 Native functional level,additional features become available including:
group nesting, universal groups, SID History, and the ability to convertsecurity groups
and distribution groups.
Windows Server 2003 Interim
The third functional level is Windows Server 2003 Interim and it is often used when
upgrading fromWindows NT to Windows Server 2003. Upgrading to this domain
functional level provides support forWindows NT and Windows Server 2003 domain
controllers. However, like Windows 2000 Mixed, it does not provide new features.
Windows Server 2003The last functional level is Windows Server 2003. This domain
functional level only provides support forWindows Server 2003 domain controllers. If
you want to take advantage of all the features included withWindows Server 2003, you
must implement this functional level. One of the most important features introducedat
this functional level is the ability to rename domain controllers
comments (0)
TOP
3:07 AM
system admin FAQ with Answers

Posted by kalil
===============================================================
Download This doc:
http://u-bm8g42kfs.urlcash.net
===============================================================
FSMO ROLES
1) While Active Directory is a distributed system, some servers only carry out specific
roles. If something happens to this server or you need a more substantial server to handle
a particular role, you must know which servers are handling each role.
There are five FSMO roles:•
PDC emulator (one per domain): This role allows Windows Server 2003 to act as a
Windows NT primary domain controller (PDC), and it provides replication support for
Windows NT-based backup domain controllers (BDCs). In addition, this role assists with
time and group policy synchronization. •
Infrastructure master (one per domain): This role is responsible for updating the group-to-
user references whenever the members of groups change or receive new names. •
Relative ID (RID) master (one per domain): This role ensures that every object created
has a unique identification number. •
Schema master (one per forest): This role is responsible for maintaining and modifying
the Active Directory schema. •
Domain naming master (one per forest): This role is responsible for the addition and
deletion of domains in a forest.
==============================
How can you determine which servers hold these roles in an Active Directory forest?
To find the PDC emulator, the infrastructure master, and the RID master, follows these
steps:
1. Go to Start Administrative Tools Active Directory Users and Computers.
2. Right-click the domain and select Operations Master. The resulting three tabs will
show you which server holds each respective role.
To find the schema master, follow these steps:
1. Go to Start Run.
2. Enter regsvr32 schmmgmt.dll in the Open text box, and click OK.
3. Go to Start Run.
4. Enter mmc in the Open text box, and click OK.
5. Go to File Add/Remove Snap-In, and click Add.
6. Click Active Directory Schema, click Add, click Close, and click OK.
7. Right-click Active Directory Schema and select Operations Master from the shortcut
menu.
To find the domain naming master, follow these steps:

1. Go to Start Administrative Tools Active Directory Domains and Trusts.
2. Right-click Active Directory Domains and Trusts, and select Operations Master from
the list.
Transferring the RID Master, PDC Emulator, and Infrastructure Masters via GUITo
Transfer the Domain-Specific RID Master, PDC Emulator, and Infrastructure Master
FSMO Roles:
1. Open the Active Directory Users and Computers snap-in from the Administrative
Tools folder.
2. If you are NOT logged onto the target domain controller, in the snap-in, right-click the
icon next to Active Directory Users and Computers and press Connect to Domain
Controller.
3. Select the domain controller that will be the new role holder, the target, and press OK.
4. Right-click the Active Directory Users and Computers icon again and press Operation
Masters.
5. Select the appropriate tab for the role you wish to transfer and press the Change button.
6. Press OK to confirm the change.7. Press OK all the way out
.DHCP LEASE PROCESS

1. Discover: The host will initially send a broadcast in an attempt to discover a DHCP
server on the network.
2. Offer: The DHCP server will 'see' the workstation looking for the DHCP service and
respond with an 'offer', which is an IP address.
3. Request: The client will receive the 'offer' and, in most cases, will accept it. This
means it sends an 'official request' for the same IP address offered previously by the
server.
4. Accept: The DHCP server will complete the transaction by sending an 'accept' message
and marking the particular IP address for the specific host.
DHCP SERVER- Dynamic host configuration protocol is used to automatically assign

TCP/IP addresses to clients along with the correct subnet mask, default gateway, and
DNS server.
169.254.0.0 -169.254.255.255-APIPA Address
BOOTP- short for Bootstrap Protocol is a UDP network protocol used by a network
client to obtain its IP address automatically. This is usually done during the bootstrap
process when a computer is starting up. The BOOTP servers assign the IP address from a
pool of addresses to each client.
BOOTP/DHCP differencesThere are significant differences in the way in which BOOTP
and DHCP perform host configuration. The following table compares and contrasts the
features of the two protocols that vary.
BOOTP DHCP Designed prior to DHCP. Designed after BOOTP.Intended to configure

diskless workstations with limited boot capabilities. Intended to configure frequently
relocated networked computers (such as portables) that have local hard drives and full
boot capabilities.Dynamic BOOTP has default 30-day expiration on IP address leases.
DHCP has default eight-day expiration on IP address leases.Supports a limited number of
client configuration parameters called vendor extensions. Supports a larger and extensible
set of client configuration parameters called options.Describes a two-phase bootstrap
configuration process, as follows:• Clients contact BOOTP servers to perform address
determination and boot file name selection.• Clients contact Trivial File Transfer Protocol
(TFTP) servers to perform file transfer of their boot image. Describes a single-phase boot
configuration process whereby a DHCP client negotiates with a DHCP server to
determine its IP address and obtain any other initial configuration details it needs for
network operation.BOOTP clients do not rebind or renew configuration with the BOOTP
server except when the system restarts. DHCP clients do not require a system restart to
rebind or renew configuration with the DHCP server. Instead, clients automatically enter
a rebinding state at set timed intervals to renew their leased address allocation with the
DHCP server. This process occurs in the background and is transparent to the user.
ARP (Address Resolution Protocol)Address Resolution Protocol (ARP) is a protocol for

mapping an Internet Protocol address (IP address) to a physical machine address.
RARP (Reverse Address Resolution Protocol)Address Resolution Protocol (ARP) is a

protocol for mapping a physical machine address to Internet Protocol address (IP
address).
DHCP Relay AgentThe DHCP Relay Agent component is a Bootstrap Protocol (BOOTP)
relay agent that relays Dynamic Host Configuration Protocol (DHCP) messages between
DHCP clients and DHCP servers on different IP networks. The DHCP Relay Agent is
compliant with RFC 1542. You cannot use the DHCP Relay Agent component on a
computer running the DHCP service. BOOTP is a host configuration protocol developed
before DHCP that was designed to configure diskless workstations with limited boot
capabilities
RAID types
RAID-0: RAID-0 is called disk "striping". All the data is spread out in chunks across all
the disks in the RAID set. RAID-0 has great performance, because you spread out the
load of storing data onto more physical drives. There is no parity generated for RAID-0.
Therefore there is no overhead to write data to RAID-0 disks. RAID-0 is only good for
better performance, and not for high availability, since parity is not generated for RAID-0
disks. RAID-0 requires at least two physical disks.
RAID-1: RAID-1 is called disk mirroring. All the data is written to at least two separate
physical disks. The disks are essentially mirror images of each other. If one of the disks
fails, the other can be used to retrieve data. Disk mirroring is good for very fast read
operations. It's slower when writing to the disks, since the data needs to be written twice.
RAID-1 requires at least two physical disks.
RAID-5: RAID-5 uses disk striping with parity. The data is striped across all the disks in
the RAID set, along with the parity information needed to reconstruct the data in case of
disk failure. RAID-5 is the most common method used, since it achieves a good balance
between performance and availability. RAID-5 requires at least three physical disks.
How do I Backup Active Directory?
Backing up Active Directory is essential to maintain an Active Directory database. You

can back up Active Directory by using the Graphical User Interface (GUI) and command-
line tools that the Windows Server 2003 family provides.You frequently backup the
system state data on domain controllers so that you can restore the most current data. By
establishing a regular backup schedule, you have a better chance of recovering data when
necessary.To ensure a good backup includes at least the system state data and contents of
the system disk, you must be aware of the tombstone lifetime. By default, the tombstone
is 60 days. Any backup older than 60 days is not a good backup. Plan to backup at least
two domain controllers in each domain, one of at least one backup to enable an
authoritative restore of the data when necessary.
System State Data

Several features in the windows server 2003 family make it easy to backup Active
Directory. You can backup Active Directory while the server is online and other network
function can continue to function.
System state data on a domain controller includes the following components:•
Active Directory system state data does not contain Active Directory unless the server, on
which you are backing up the system state data, is a domain controller. Active Directory
is present only on domain controllers. •
The SYSVOL shared folder:
This shared folder contains Group policy templates and logon scripts. The SYSVOL
shared folder is present only on domain controllers. •
The Registry: This database repository contains information about the computer's
configuration. • System startup files: Windows Server 2003 requires these files during its
initial startup phase. They include the boot and system files that are under windows file
protection and used by windows to load, configure, and run the operating system. •
The COM+ Class Registration database: The Class registration is a database of

information about Component Services applications. •
The Certificate Services database: This database contains certificates that a server
running Windows server 2003 uses to authenticate users. The Certificate Services
database is present only if the server is operating as a certificate server. System state data
contains most elements of a system's configuration, but it may not include all of the
information that you require recovering data from a system failure. Therefore, be sure to
backup all boot and system volumes, including the System State, when you back up your
server.
BOOT PROCESS-XP, 2000, 2003

First is the POST, this stands for Power on Self Test, for the computer. This process tests
memory as well as a number of other subsystems. You can usually monitor this as it runs
each test. After that is complete the system will run POST for any device that has BIOS
(Basic Input-Output System). An AGP has its own BIOS, as do some network cards and
various other devices.Once the POST is complete and the BIOS is sure that everything is
working properly, the BIOS will then attempt to read the MBR (Master Boot Record).
This is the first sector of the first hard drive (called the Master or HD0). When the MBR
takes over it means that Windows is now in control.The MBR looks at the BOOT
SECTOR (the first sector of the active partition). That is where NTLDR is located;
NTLDR is the BOOT LOADER for Windows XP. NTLDR will allow memory
addressing, initiate the file system, read the boot.ini and load the boot menu. NTLDR has
to be in the root of the active partition as do NTDETECT.COM, BOOT.INI,
BOOTSECT.DOS (for multi-OS booting) and NTBOOTDD.SYS (if you have SCSI
adapters)Once XP is selected from the Boot Menu, NTLDR will run NTDETECT.COM,
BOOT.INI and BOOTSECT.DOS to get the proper OS selected and loaded. The system
starts in 16-bit real mode and then moves into 32-bit protected mode.NTLDR will then
load NTOSKRNL.EXE and HAL.DLL. Effectively, these two files are windows XP.
They must be located in %SystemRoot%System32.NTLDR reads the registry, chooses a
hardware profile and authorizes device drivers, in that exact order.At this point
NTOSKRNL.EXE takes over. It starts WINLOGON.EXE that in turn starts LSASS.EXE;
this is the program that displays the Logon screen so that you can logon.Sample Boot.ini
File
This is a sample of a default Boot.ini file from a Windows XP Professional computer.
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP
Professional" /fast detect
=============================================================
TYPES OF WINDOWS 2003
Standard Edition-4 processors with up to 4 GB RAM
Enterprise Edition-eight processors with up to 32 GB memory.
Datacenter Edition-32 processors with up to 64 GB RAM.
Web Edition-supports a maximum of 2 processors with support for a maximum of 2GB
of RAM
The Five IP Address Classes
Class A networks have a beginning octet of 1 - 126.
Class B networks have a beginning octet of 128-191.
Class C networks have a beginning octet of 192 - 223.
Class D networks have a beginning octet of 224 – 239.
Class E networks have a beginning octet of 224.0.0.0 - 255.255.255.255
What are the benefits of using DHCP?
A. DHCP provides the following benefits for administering your TCP/IP-based network:•
Reliable configuration
DHCP avoids configuration errors caused by the need to manually type in values at each
computer. Also, DHCP helps prevent address conflicts caused by a previously assigned
IP address being reused to configure a new computer on the network.•
Reduces configuration management
Using DHCP servers can greatly decrease time spent configuring and reconfiguring
computers on your network. Servers can be configured to supply a full range of
additional configuration values when assigning address leases. These values are assigned
using DHCP options.
The DHCP lease renewal process helps assure that where client configurations need to be
updated often (such as users with mobile or portable computers who change locations
frequently), these changes can be made efficiently and automatically by clients
communicating directly with DHCP servers.
What protocols and ports does DHCP traffic use?

All DHCP traffic uses the User Datagram Protocol (UDP). Messages from the DHCP
client to the DHCP server use UDP source port 68 and UDP destination port 67.
Messages from the DHCP server to the DHCP client use UDP source port 67 and UDP
destination port 68.
Backing up the DHCP databaseMaintaining a backup of the DHCP database protects you
from data loss if the DHCP database is lost (for example, due to hard disk failure) or
becomes corrupted.
There are three backup methods supported by the DHCP Server service:•
Synchronous backups that occur automatically. The default backup interval is 60
minutes.• Asynchronous (manual) backups, performed by using the Backup command on
the DHCP console. For more information about asynchronous backups, see back up the
DHCP database. • Backups using Windows Backup (ntbackup.exe) or non-Microsoft
backup software. For more information about Windows Backup, see Backup.To move a
DHCP database to another serverThis topic provides details on how to move a DHCP
database from one server computer (the source server) to another server computer (the
destination server).
To back up the DHCP database (at the source server)

1. Open DHCP.
2. In the console tree, click the applicable DHCP server.
3. On the Action menu, click Backup.
4. In the Browse for Folder dialog box, select the folder that will contain the backup
DHCP database, and then click OK.
5. Stop the DHCP server. This prevents the server from assigning new address leases to
clients after the database has been backed up.For more information, see Start or stop a
DHCP server.
6. Disable the DHCP Server service in the list of services. This prevents the DHCP server
from starting after the database has been transferred. For more information, see Enable or
disable a service for a hardware profile.
7. Copy the folder that contains the backup DHCP database to the destination
Group policy- is a feature of Microsoft Windows NT family of operating systems that

provides centralized management and configuration of computers and remote users in an
Active Directory environment
DNS Query Process
A DNS query is the process of a computer or networking device making an inquiry to get
an IP address for a DNS name such as w3.org The client computer will send a DNS query
to one of their internet service provider's DNS servers. The DNS server looks in it's DNS
database to tell whether it can answer the query authoritatively. If the DNS server can
answer authoritatively, the DNS server answers the query and the DNS query process is
complete.
If the server cannot answer the query authoritatively it will look in its DNS cache of
previous queries. If the DNS server finds a matching entry in its cache, it will answer the
query with a non-authoritative answer based on the information in its cache and the DNS
query process is complete.
If the ISP DNS server did not have the DNS information in its DNS database or its DNS
cache the DNS query process will use recursion to complete the DNS query. The ISP
DNS server will use its root hints file to find information to contact other DNS servers.
The root hints file specified DNS servers that are authoritative for the DNS domain root
and top level domains in the DNS system. This includes the .com, .org, .net, .gov and
other domain types. If the query is for www.w3.org the ISP DNS server would contact an
authorititative server for the top level "org" domain and send an iterative query to the org
DNS server asking for information about the authoritative server for w3.org. The org
domain DNS server responds with the the nameserver information including IP address
of the nameserver for w3.org. Then the ISP DNS server sends a query to the w3.org DNS
server asking for the IP address of www.w3c.org. The w3.org DNS server sends an
authoritative answer back to the ISP DNS server which is cached in the ISP DNS server
cache and also sent to the client computer.
If another client computer later does a request for information about www.w3.org the ISP
DNS server has the information in its cache and will not neet to ask other DNS servers
for additional information.
===============================================================
==============
comments (0)
TOP
2:42 AM
Frequently Asked Questions for Windows Servers and

clustering with answers
Posted by kalil
============================================
Download this doc:
http://u-1l4bipltl.urlcash.org
=============================================
Q. What are Most Frequently Asked Questions?

A.
· How do I know if my Server cluster is a supported configuration?
· How many servers can there be in a single cluster?
· How do I benefit from more than two nodes in a cluster?
· Are dynamic disks supported in a cluster?
· Can a cluster disk be extended without rebooting?
· How can I replace a disk that has gone bad in a cluster?
· Why is zoning needed to isolate a Server cluster in a SAN?
· Can a cluster server boot from a SAN?
· Is Kerberos authentication possible for services hosted on a cluster?
· Is IIS cluster-aware?
· Can Server clusters span multiple sites?
· Will Microsoft provide a cluster file system?
Introduction to Server Clusters

Q. What is a Server Cluster?
A. A Server cluster is a collection of independent servers that together provide a single,
highly available platform for hosting applications
Q. What are the benefits of Server clusters?
A. There are three primary benefits to server clustering: availability, manageability, and
scalability:
Availability:
Server clusters provide a highly available platform for deploying applications. A Server
cluster ensures that applications continue to run in the event of planned downtime due to
maintenance or unplanned downtime due to failures. Server clusters protect against
hardware failures, failures of the Windows operating system, device drivers or
application software. Server clusters allow operating system and application software to
be upgraded across the cluster without having to take down the application.
Manageability:
Server clusters allow administrators to quickly inspect the status of all cluster resources
and move workloads around onto different servers within the cluster. This is useful for
manual load balancing, and to perform "rolling updates" on the servers without taking
important data and applications offline.
Scalability:
Applications that can be partitioned can be spread across the servers of a cluster allowing
additional CPU and memory to be applied to a problem. As the problem size increases,
additional servers can be added to the cluster. A partitioned application is one where the
data (or function) can be split up into independent units. For example, a customer
database could be split into two units, one covering customers with names beginning A
thru L and the other for customers with names beginning M thru Z.
Q. What are Server clusters used for?

A. Server clusters provide a highly available platform for mission critical, line of
business applications. These typically include database servers (such as Microsoft SQL
Server), mail and collaboration servers (such as Exchange Server) and infrastructure
servers such as file servers and print servers.
Q. Is Server cluster the same as Microsoft Cluster Server (MSCS) and/or Wolfpack?
A. The code name for the original Server cluster project was Wolfpack. When the
product was released as part of Microsoft Windows NT 4.0 Enterprise Edition it was
named Microsoft Cluster Server or MSCS. In Microsoft Windows 2000, the official name
of the product became Server cluster.
Q. How do Server clusters fit into the larger Windows high availability story?
A. Server clusters are part of a much larger story for highly available applications
running on Microsoft products. Windows has two cluster technologies, server clusters
and Network Load Balancing (NLB). Server clusters are used to ensure that stateful
applications such as a database (e.g., SQL Server) can be kept highly available by failing
over the application from one server to another in the event of a failure. NLB is used to
distribute client requests across a set of identical servers. NLB is particularly useful for
ensuring that stateless applications such as a web server (e.g., IIS) are highly available
and can be scaled-out by adding additional servers as the load increases.
In addition, Microsoft Application Center 2000 includes Component Load Balancing
(CLB) CLB is a technology used to ensure COM+ applications are highly available and
can scale-out.
The Windows platform also uses other technologies to ensure high availability and
scalability. For example, Active Directory is made highly available through replication of
the directory contents across a set of domain controllers.
Q. What is Scale-up verses Scale-out?
A. Scale-up is a term used to describe the scalability provided by large symmetric multi-
processing (SMP) systems. As the load increases, more processors and more memory can
be added to a single server, increasing the processing power and memory available for
applications. Windows 2000 Datacenter Server and Windows Server 2003 Datacenter
Edition provide the support for scaling up to large computers with many CPUs and large
physical memory. In a scale-out environment, Server clusters are deployed to ensure that
the failure of the server does not cause the applications or services to fail. Scale-up is
typically done for either hosting large applications that cannot be partitioned, or to
consolidate a set of applications into a single server (or small number of servers in the
case of a server cluster).
Scale-out is a term used to describe the idea that an application can be scaled by
partitioning the workload and spreading it across a set of cooperating servers. If the load
increases, additional servers can be added to the set to provide additional processing
power and memory.
Server clusters are particularly useful for enhancing the availability of applications that
can be scaled out across a set of nodes by allowing the individual pieces or partitions of a
scale-out solution to be made highly available via failover.
Q. Is Server cluster a standard feature of all Windows operating system products?
A. Server clusters are not available in all Windows operating system products. Server
clusters are available in:
· Windows NT Server, Enterprise Edition
· Windows 2000 Advanced Server and Datacenter server
· Windows Server 2003 Enterprise Edition and Datacenter Edition
· Windows Server 2003, 64 bit Enterprise Edition and Datacenter Edition
Server clusters are also available as part of the Server Appliance Kit, available to OEMs
for building embedded solutions based on the Windows operating system.
Q. How do I know if my Server cluster is a supported configuration?
A. All server clusters must be qualified to be supported by Microsoft. A qualified
configuration has undergone extensive testing using a hardware compatibility test
provided by Microsoft. All qualified solutions appear on the Microsoft Hardware
Compatibility List (HCL) (http://go.microsoft.com/fwlink/?LinkID=67738). Only cluster
solutions listed on the HCL are supported by Microsoft.
The complete cluster solution must be listed on the Cluster HCL list. The complete
solution includes the servers, the storage adapters, the interconnect type, the storage
controllers firmware and driver versions. All of the components must match exactly,
including any software, driver or firmware versions for the solution to be qualified.
The HCL contains a set of qualified cluster components. A solution built from qualified
components does NOT imply that the solution is qualified.
The cluster component lists have been a source of confusion in the past and we will be
removing the cluster component lists (such as Cluster/RAID) from the HCL for Windows
Server 2003.
Q. Where are supported configurations listed?
A. All qualified solutions appear on the Microsoft Hardware Compatibility list (HCL)
(http://go.microsoft.com/fwlink/?LinkID=67738). Only cluster solutions listed on the
HCL are supported by Microsoft.
Q. Where can I find more documentation on Server clusters?
A. Server clusters are extensively covered in the online help in Windows 2000 and
Windows Server 2003. Additional information can be found on the Microsoft web site at:
· http://go.microsoft.com/fwlink/?LinkID=67742
Availability
Q. Can Server clusters provide zero downtime for applications?
A.
· No. Server clusters can dramatically reduce planned and unplanned downtime.
However, even with Server clusters, a server could still experience downtime from the
following events:
· Failover time: If a Server cluster recovers from a server or application failure, or if it is
used to move applications from one server to another, the application(s) will be
unavailable for a non-zero period of time (typically under a minute).
· Failures from which Server clusters can not recover: There are types of failure that
Server clusters do not protect against, such as loss of a disk not protected by RAID, loss
of power when a UPS is not used, or loss of a site when there is no fast-recovery disaster
recovery plan. Most of these can be survived with minimal downtime if precautions are
taken in advance.
· Server maintenance that requires downtime: Server clusters can keep applications and
data online through many types of server maintenance, but not all (for example: installing
a new version of an application which has a new on-disk data format that requires
reformatting preexisting data).
Microsoft recommends that clusters be used as one element in customers' overall
programs to provide high integrity and high availability for their mission-critical server-
based data and applications.
Q. Which types of applications and services benefit from Server clustering?
A. There are three types of server applications that will benefit from Server clusters:
1. "In the box" services provided by the Windows platform: For example: File shares,
print queues, Microsoft Message Queue Server (MSMQ) services, and Component
Services (formerly known as Transaction Server) services.
2. Generic applications: Server clusters include a point-and-click wizard for setting up
any well-behaved server application for basic error detection, automatic recovery, and
operator-initiated management (e.g., move from one server to the other). A "well
behaved" server application is one which keeps a recoverable state on cluster disk(s), and
whose client can gracefully handle a pause in service as the application is automatically
re-started.
3. Cluster-aware applications: Software vendors test and support their application
products on Server clusters.
Manageability and Deployment
Q. Do Server clusters provide a single image view for administration?
A. Yes, Server clusters provide administrators with a graphical interface (Cluster
Administrator) and a command line tool (Cluster.exe available on Windows 2000 and
Windows Server 2003) from which they can monitor and manage all of the resources in a
cluster as if it was a single system. The administrator can:
· monitor the status of all servers and applications in the cluster
· setup new applications, file shares, print queues, etc. for high availability
· administer the recovery policies for applications and resources
· take applications offline, bring them back online, and move them from one server to
another
The ability to graphically move workload from one server to another with only a
momentary pause in service (typically less than a minute), means administrators can
easily unload servers for planned maintenance without taking important data and
applications offline for long periods of time.
Q. Can Server clusters be managed remotely?
A. Yes, an authorized cluster administrator can run Cluster Administrator from any
Windows NT or Windows 2000 Workstation or Server, any Windows XP machine or any
Windows Server 2003 on the network. The cluster.exe command line tool can be run
remotely from any Windows 2000 Workstation or Server, any Windows XP machine or
any Windows Server 2003 on the network.
Q. Can Server clusters be setup and configured remotely?
A. Yes, with Windows Server 2003, Cluster administrator and the cluster.exe command
line tool can also be used to remotely setup and configure a Server cluster (e.g., create a
new cluster, add a new server to an existing cluster or remove servers from a cluster).
Q. Is the server cluster software installed by default?
A. On Windows NT and Windows 2000, the Server cluster software is not installed by
default. On Windows NT you must install the Enterprise Edition CD. With Windows
2000, you must install the Server cluster software using the optional component
management tool.
With Windows Server 2003, the Server cluster software is installed by default on
Enterprise Edition and Datacenter Edition. The cluster software is NOT configured by
default and will not start until the server is either used to create a new cluster or the server
is added to an existing cluster. In Windows Server 2003, you must use Cluster
Administrator or the Cluster.exe command line tool to configure a cluster.
Q. Can a Server cluster be installed and configured using unattended installs?
A. Yes, to perform an unattended installation for a Windows 2000 Cluster using an
Uttend.txt file, please consult the Windows 2000 Deployment Guide located on the
Windows 2000 CD-ROM in the following location: %CDROM
%\SUPPORT\TOOLS\DEPLOY.CAB\Unattend.doc
Additional information can be found in article 176507 in the Microsoft Knowledge Base
(http://go.microsoft.com/fwlink/?LinkID=67745).
Q. Do applications have to be installed separately on all the cluster servers?
A. It depends on the application. Each application that can be failed over between servers
in a cluster must be available on all servers in the cluster. Historically, application setup
has not been cluster-aware and therefore the application must be installed separately on
each server.
With more recent versions of some applications, for example SQL Server 2000, the
application setup is aware of Server clusters. In the case of Microsoft SQL Server 2000
setup, the appropriate files are copied to all servers and registry settings and other SQL
Server configuration is done just once.
Q. How can I take advantage of extensibility features of ISA Server?
A. A number of third-party vendors offer solutions such as virus detection, content
filtering, site categorization, reporting, and administration. Customers and developers
also have the ability to create their own extensions to ISA Server. ISA Server includes a
comprehensive software development kit for developing tools that build on ISA Server
firewall, caching, and management features.
Q. Are cluster management operations scriptable?
A. Yes, there are a number of options for scripting management operations:
· The Cluster.exe command line tool allows command files to be built that can change the
state of cluster resources, move resources around etc.. For more information about the
command line, see the online help or type cluster at the command line on a server that has
Server clusters installed or has the Windows server admin pack installed.
· In Windows 2000 and Windows Server 2003, there is a scriptable COM interface to the
Server cluster APIs. This allows VBScript or any other scripting language supported by
Windows to call the cluster APIs. These APIs provide a way to change the state of the
cluster as well as return data about the resources or applications in a cluster. For more
information about the cluster server APIs, see the Platform SDK, it has comprehensive
documentation for the cluster APIs and the COM (automation server) APIs.
· In Windows Server 2003, there is a WMI provider for Server clusters that allows WMI
scripts to manage the cluster. For more information about the cluster server WMI
schema, see the Platform SDK.
Q. Can command line tools be used to manage a cluster?
A. Yes, Server clusters have a command line tool cluster.exe that can be used to manage
the cluster. With Windows Server 2003, this command line tool can also be used to create
new clusters, add servers to existing clusters and remove servers from clusters. Almost all
of the functionality provided by Cluster Administrator is available through cluster.exe in
Windows Server 2003.
Q. Is WMI supported for managing a cluster?
A. Yes, in Windows Server 2003, there is a WMI provider that allows a Server cluster to
be managed. In addition, all the Server cluster events (such as server up and server down,
resource online, offline, failed etc.) are available through WMI events.
Q. Does Server clusters support WMI eventing?
A. Yes, in Windows Server 2003, all of the Server cluster events (such as server up and
server down, resource online, offline, failed etc.) are available through WMI events.
Q. Can Group Policy be used on cluster servers?
A. You can apply Group Policy to cluster servers. There are a few things to remember.
Applications failover from one server to another in a cluster and will typically expect the
same policies to be in effect no matter where they are hosted. You should ensure that all
cluster servers have the same set of group policies applied to them.
With Windows Server 2003 and Windows 2000 SP3 onwards, virtual servers can be
published in active directory. You should NOT apply group policies to a virtual server
computer object. The policy will only be applied to the server that is currently hosting the
virtual server and all policy settings may be lost if the application fails over.
Q. Is Systems Management Server (SMS) supported for deploying applications in a
Server cluster?
A. No, at this time, SMS is not supported for deploying applications across a cluster.
Q. Is Application Center 2000 supported on a Server cluster?
A. No, Application Center 2000 provides a set of features that are intended for managing
servers hosting web server front-end and middle-tier business logic. Server clusters are
typically deployed to ensure high availability of the back-end database engine.
Q. Are MOM management packs available for monitoring Server clusters?
A. No, at this time, there are no server-aware MOM management packs.
Q. How do server clusters help administrators perform rolling upgrades?
A. With Server clusters, server administrators no longer have to do all of their
maintenance within those rare windows of opportunity when no users are online. Instead,
they can simply wait until a convenient off-peak time when one of the servers in the
cluster can be removed for maintenance and the workload distributed across the other
cluster servers. By pointing-and-clicking in Cluster Administrator (or using scripts) to
move all of the workload onto other servers, one of the servers in the cluster can be
upgraded. Once the upgrade is complete and tested, that server can be rebooted where it
will automatically re-join the cluster, ready for work. When convenient, the administrator
repeats the process to perform maintenance on the other servers in the cluster. This ability
to keep applications and data online while performing server maintenance is often
referred to as doing "rolling upgrades" to your servers.
Server clusters allows rolling upgrades for a new release and the previous version.
Q. What combination of Windows versions supports rolling upgrades?
A. Server clusters allow rolling upgrades for a new release and the previous version. The
following rolling upgrades are supported:
· Windows NT Enterprise Edition to Windows 2000
· Windows 2000 to Windows Server 2003
Q. Can I manage different versions of Server cluster from a single Cluster Administrator
tool?
A. Yes, the Server cluster tools allow a mixed version cluster to be managed from a
single point. During a rolling upgrade, a cluster may contain different versions of the
operating system. As an example Windows 2000 and Windows Server 2003 can co-exist
in the same cluster. The administration tools provided with Windows Server 2003 allow
such a mixed-version cluster to be managed.
Q. Are there other manageability benefits with Server clusters?
A. Server clusters allow administrators to quickly inspect the status of all cluster
resources, and move workload around onto different servers within the cluster. This is
useful for manual load balancing, and to perform "rolling updates" on the servers without
taking important data and applications offline.
Scalability (Server Clusters: Frequently Asked Questions for Windows 2000 and
Windows Server 2003)
Q. Do Server clusters enhance server scalability?
A. The primary goal of Server clusters is to provide a highly available platform for
applications.
There are some types of applications which can be scaled-out to take advantage of a set
of machines. More machines can be added to the set to increase the CPU or memory
available to the application. Applications of this type are typically scaled by partitioning
the data set. For example, a SQL Server database may be scaled out by partitioning the
database into pieces and then using database views to give the client applications the
illusion of a single database.
Server clusters do not provide facilities to partition or scale-out an application; however,
Server clusters allow such applications to be scaled-out in a highly available
environment. Each of the partitions can be failed over independently within the set of
machines (or to additional spare nodes) so that in the event of failure, a partition of the
application remains available.
Q. Do Server clusters provide load balancing of applications?
A. Server clusters provide a manual load balancing mechanism. Applications can be
moved around the servers of a cluster to distribute the load.
There are no automated tools provided with the operating system to automatically load
balance applications and no enhanced failover policies that use load to determine the best
placement for an application.
Server cluster Concepts (Server Clusters: Frequently Asked Questions for Windows 2000
and Windows Server 2003)
Q. What hardware do you need to build a Server cluster?
A. The most important criteria for Server cluster hardware is that it be included in a
validated Cluster configuration on the Microsoft Hardware Compatibility List (HCL),
indicating it has passed the Microsoft Cluster Hardware Compatibility Test. All qualified
solutions appear on the Microsoft HCL (http://go.microsoft.com/fwlink/?linkid=67738).
Only cluster solutions listed on the HCL are supported by Microsoft.
In general, the criteria for building a server cluster include the following:
· Servers: Two or more PCI-based machines running one of the operating system releases
that support Server clusters (see below). Server clusters can run on all hardware
architectures supported by the base Windows operating system, however, you cannot mix
32-bit and 64-bit architectures in the same cluster.
· Storage: Each server needs to be attached to a shared, external storage bus(es) that is/are
separate from the bus containing the system disk, the startup disk or the pagefile disk.
Applications and data are stored on one or more disks attached to this bus. There must be
enough storage capacity on the shared cluster bus(es) for all of the applications running in
the cluster environment. This shared storage configuration allows applications to failover
between servers in the cluster.
Microsoft recommends hardware Redundant Array of Inexpensive Disks (RAID) for all
cluster disks to eliminate disk drives as a potential single point of failure. This means
using a RAID storage unit, a host-based RAID adapter that implements RAID across
disks, etc.
SCSI is supported for 2-node cluster configurations only. Fibre channel arbitrated loop is
supported for 2-node clusters only. Microsoft recommends using fibre channel switched
fabrics for clusters of more than two nodes.
· Network: Each server needs at least two network cards. Typically, one is the public
network and the other is a private network between the two nodes. A static IP address is
needed for each group of applications that move as a unit between nodes. Server clusters
can project the identity of multiple servers from a single cluster by using multiple IP
addresses and computer names: this is known as a virtual server.
Q. What is a cluster resource?
A. A cluster resource is the lowest level unit of management in a Server cluster. A
resource represents a physical object or an instance of running code. For example, a
physical disk, an IP address, an MSMQ queue, a COM object all of these things are
considered to be resources. From a management perspective, resources can be
independently started and stopped and each is monitored to ensure that it is healthy.
Server cluster can monitor any arbitrary resource type. This is possible because Server
clusters define a resource plug-in model. Each resource type has an associated resource
plug-in or resource dll that is used to start, stop and provide health information that is
specific to the resource type. For example, starting and stopping SQL Server is different
from starting and stopping a physical disk. The resource dll takes care of the differences.
Application developers and system administrators can build new resource dlls for their
applications that can be registered with the cluster service.
Server clusters provides some generic plug-ins that can be used to make existing
applications cluster-aware very quickly, known as Generic Service and Generic
Application. With Windows Server 2003, a Generic Script resource plug-in was added
that allows the resource dll to be written in any scripting language supported by the
Windows operating system.
Q. What is a resource dependency?
A. A complete application actually consists of multiple pieces or multiple resources,
some pieces are code and others are physical resources required by the application. The
resources are related in different ways; for example, an application that writes to a disk
cannot come online until the disk is online. If the disk fails, then, by definition, the
application cannot continue to run since it writes to the disk. Resource dependencies can
be defined by the application developer or system administrator to capture these
relationships. Resource dependencies define the order that resources are brought online
and control how failures are propagated to the various pieces of the application.
Q. What is a resource group?
A. A resource group is a collection of one or more resources that are managed and
monitored as a single unit. A resource group can be started or stopped. If a resource
group is started, each resource in the group is started (taking into account any start order
defined by the dependencies between resources in the group). If a resource group is
stopped, all of the resources in the group are stopped. Dependencies between resources
cannot span a group. In other words, the set of resources within a group is an autonomous
unit that can be started and stopped independently from any other group. A group is a
single, indivisible unit that is hosted on one server in a Server cluster at any point in time
and it is the unit of failover.
Q. Can I have dependencies between resources in different groups?
A. No, resource dependencies are confined to a single group.
Q. What is a virtual server?
A. A virtual server is a resource group that contains an IP address resource and a network
name resource. When an application is hosted in a virtual server, the application can be
accessed by clients using the IP address or network name in that resource group. As the
resource group fails over across the cluster, the IP address and network name remain the
same, therefore the client becomes unaware of the physical location of the application
and will continue to work in the event of a failure of one of the servers in the cluster.
Q. How can I take advantage of extensibility features of ISA Server?
A. A number of third-party vendors offer solutions such as virus detection, content
filtering, site categorization, reporting, and administration. Customers and developers
also have the ability to create their own extensions to ISA Server. ISA Server includes a
comprehensive software development kit for developing tools that build on ISA Server
firewall, caching, and management features.
Q. What is failover?
A. Server clusters monitor the health of the nodes in the cluster and the resources in the
cluster. In the event of a server failure, the cluster software re-starts the failed server's
workload on one or more of the remaining servers. If an individual resource or
application fails (but the server does not), Server clusters will typically try to re-start the
application on the same server; if that fails, it moves the application's resources and re-
starts it on the other server. The process of detecting failures and restarting the
application on another server in the cluster is known as failover.
The cluster administrator can set various recovery policies such as whether or not to re-
start an application on the same server, and whether or not to automatically "failback"
(re-balance) workloads when a failed server comes back online.
Q. Is failover transparent to users?
A. Server clusters do not require any special software on client computers, so the user
experience during failover depends on the nature of the client side of their client-server
application. Client reconnection can be made transparent, because the Server clusters
software has restarted the applications, file shares, etc. at exactly the same IP address.
If a client is using "state-less" connections such as a standard browser connection, then
the client would be unaware of a failover if it occurred between server requests. If a
failure occurs while a client is connected to the failed resource, then the client will
receive whatever standard notification is provided by the client side of their application
when the server side becomes unavailable. This might be, for example, the standard
"Abort, Retry, or Cancel?" prompt you get when using the Windows Explorer to
download a file at the time a server or network goes down. In this case, client
reconnection is not automatic (the user must choose "Retry"), but the user is fully
informed of what is happening and has a simple, well-understood method of re-
establishing contact with the server. Of course, in the meantime, the cluster service is
busily re-starting the service or application so that, when the user chooses "Retry", it re-
appears as if it never went away.
Q. What is failback?
A. In the event of the failure of a server in a cluster, the applications and resources are
failed over to another node in the cluster. When the failed node rejoins the cluster (after
reboot for example), that node now is free to be used by applications. A cluster
administrator can set policies on resources and resource groups that allow an application
to automatically move back to a node if it becomes available, thus automatically taking
advantage of a node rejoining the cluster. These policies are known as failback policies.
You should take care when defining automatic failback policies since depending on the
application, automatically moving the application (which was working just fine) may
have undesirable consequences on the clients using the applications.
Q. When an application restarts after failover, does it restore the application state at the
time of failure?
A. No, Server clusters provide a fast crash restart mechanism. When an application is
failed over and restarted, the application is restarted from scratch. Any persistent data
written out to a database or to files is available to the application, but any in-memory
state that the application had before the failover is lost.
Q. At what level does failover exist?
A. At the resource group level.
Q. What is a Quorum Resource and how does it help Server clusters provide high
availability?
A. Server clusters require a quorum resource to function. The quorum resource, like any
other resource, is a resource which can only be owned by one server at a time, and for
which servers can negotiate for ownership. Negotiating for the quorum resource allows
Server clusters to avoid "split-brain" situations where the servers are active and think the
other servers are down. This can happen when, for example, the cluster interconnect is
lost and network response time is problematic. The quorum resource is used to store the
definitive copy of the cluster configuration so that regardless of any sequence of failures,
the cluster configuration will always remain consistent.
Q. What is active/active verses active/passive?
A. Active/Active and Active/Passive are terms used to describe how applications are
deployed in a cluster. Unfortunately, they mean different things to different people and so
the terms tend to cause confusion.
From the perspective of a single application or database:
· Active/Active means that the same application or pieces of the same service can be run
concurrently on different nodes in the cluster. For example SQL Server 2000 can be
configured such that the database is partitioned and each node can be running a single
instance of the database. SQL Server provides the notion of views to provide a single
image of the entire database.
· Active/Passive means that only one node in the cluster can be hosting the given
application. For example, a single file share is active/passive. Any given file share can
only be hosted on one node at a time.
From the perspective of a set of instances of an application or service:
· Active/Active means that different instances of the same application can be running
concurrently on different cluster nodes. For example, each node in a cluster can be
running SQL Server against a different database. A single cluster can support many file
shares that are hosted on the nodes in a cluster concurrently.
· Active/Passive means that only one instance of a service can be running anywhere in the
cluster. For example, there must only be a single instance of the DHCP service running in
the cluster at any point in time.
From the perspective of the cluster:
· Active/Active means that all nodes in the cluster are running applications. These may be
multiple instances of the same application or different applications (for example, in a 2-
node cluster, WINS may be running on one node and DHCP may be running on the other
node).
· Active/Passive means that one of the cluster nodes is spare and not being used to host
applications.
Server clusters support all of these different combinations; the terms are really about how
specific applications or sets of applications are deployed.
With the advent of more than two servers in a cluster, starting with Windows 2000
Datacenter, the term active/active is confusing because there may be four servers. When
there are multiple servers, the set of options available for deployment becomes more
flexible, allowing different configurations such as N+I.
Q. How do I benefit from more than two nodes in a cluster?
A. Failover is the mechanism that instance applications and the individual partitions of a
partitioned application typically employ for high availability (the term Pack has been
coined to describe a highly available, single instance application or partition).
In a 2-node cluster, defining failover policies is trivial. If one node fails, the only option
is to failover to the remaining node. As the size of a cluster increases, different failover
policies are possible and each one has different characteristics.
Failover Pairs
In a large cluster, failover policies can be defined such that each application is set to
failover between two nodes. The simple example below shows two applications App1
and App2 in a 4-node cluster.
Figure 1: Failover pairs

Configuration has pros and cons:
Pro
Good for clusters that are supporting heavy-weight1 applications such as databases. This
configuration ensures that in the event of failure, two applications will not be hosted on
the same node.
Pro
Very easy to plan capacity. Each node is sized based on the application that it will need to
host (just like a 2-node cluster hosting one application).
Pro
Effect of a node failure on availability and performance of the system is very easy to
determine.
Pro
Get the flexibility of a larger cluster. In the event that a node is taken out for
maintenance, the buddy for a given application can be changed dynamically (may end up
with standby policy below).
Con
In simple configurations such as the one above, only 50% of the capacity of the cluster is
in use.
Con
Administrator intervention may be required in the event of multiple failures.
1 A heavy-weight application is one that consumes a significant number of system

resources such as CPU, memory or IO bandwidth.
Failover pairs are supported by server clusters on all versions of Windows by limiting the
possible owner list for each resource to a given pair of nodes.
Hot-Standby Server
To reduce the overhead of failover pairs, the spare node for each pair may be
consolidated into a single node, providing a hot standby server that is capable of picking
up the work in the event of a failure.
Figure 2: Standby Server

Pro
Good for clusters that are supporting heavy-weight applications such as databases. This
configuration ensures that in the event of a single failure, two applications will not be
hosted on the same node.
Pro
host, the spare is sized to be the maximum of the other nodes.
Pro
determine.
Con
Configuration is targeted towards a single point of failure.
Con
Does not really handle multiple failures well. This may be an issue during scheduled
maintenance where the spare may be in use.
Server clusters support standby servers today using a combination of the possible owners
list and the preferred owners list. The preferred node should be set to the node that the
application will run on by default and the possible owners for a given resource should be
set to the preferred node and the spare node.
N+I
Standby server works well for 4-node clusters in some configurations, however, its ability
to handle multiple failures is limited. N+I configurations are an extension of the standby
server concept where there are N nodes hosting applications and I nodes spare.
Figure 3: N+I Spare node configuration

Pro
Good for clusters that are supporting heavy-weight applications such as databases or
Exchange. This configuration ensures that in the event of a failure, an application
instance will failover to a spare node, not one that is already in use.
Pro
host.
Pro
determine.
Pro
Configuration works well for multiple failures.
Con
Does not really handle multiple applications running in the same cluster well. This policy
is best suited to applications running on a dedicated cluster.
Server cluster supports N+I scenarios in the Windows Server 2003 release using a cluster
group public property AntiAffinityClassNames. This property can contain an arbitrary
string of characters. In the event of a failover, if a group being failed over has a non-
empty string in the AntiAffinityClassNames property, the failover manager will check all
other nodes. If there are any nodes in the possible owners list for the resource that are
NOT hosting a group with the same value in AntiAffinityClassNames, then those nodes
are considered a good target for failover. If all nodes in the cluster are hosting groups that
contain the same value in the AntiAffinityClassNames property, then the preferred node
list is used to select a failover target.
Failover Ring
Failover rings allow each node in the cluster to run an application instance. In the event
of a failure, the application on the failed node is moved to the next node in sequence.
Figure 4: Failover Ring

Pro
Good for clusters that are supporting several small application instances where the
capacity of any node is large enough to support several at the same time.
Pro
Effect on performance of a node failure is easy to predict.
Pro
Easy to plan capacity for a single failure.
Con
Configuration does not work well for all cases of multiple failures. If one Node 1 fails,
Node 2 will host two application instances and Nodes 3 and 4 will host one application
instance. If Node 2 then fails, Node 3 will be hosting three application instances and
Node 4 will be hosting one instance
Con
Not well suited to heavy-weight applications since multiple instances may end up being
hosted on the same node even if there are lightly-loaded nodes.
Failover rings are supported by server clusters on the Windows Server 2003 release. This
is done by defining the order of failover for a given group using the preferred owner list.
A node order should be chosen and then the preferred node list should be set up with each
group starting at a different node.
Random
In large clusters or even 4-node clusters that are running several applications, defining
specific failover targets or policies for each application instance can be extremely
cumbersome and error prone. The best policy in some cases is to allow the target to be
chosen at random, with a statistical probability that this will spread the load around the
cluster in the event of a failure.
Pro
Good for clusters that are supporting several small application instances where the
capacity of any node is large enough to support several at the same time.
Pro
Does not require an administrator to decide where any given application should failover
to.
Pro
Provided that there are sufficient applications or the applications are partitioned finely
enough, this provides a good mechanism to statistically load balance the applications
across the cluster in the event of a failure.
Pro
Configuration works well for multiple failures.
Pro
Very well tuned to handling multiple applications or many instances of the same
application running in the same cluster well.
Con
Can be difficult to plan capacity. There is no real guarantee that the load will be balanced
across the cluster.
Con
Effect on performance of a node failure is not easy to predict.
Con
Not well suited to heavy-weight applications since multiple instances may end up being
hosted on the same node even if there are lightly-loaded nodes.
The Windows Server 2003 release of server clusters randomizes the failover target in the
event of node failure. Each resource group that has an empty preferred owners list will be
failed over to a random node in the cluster in the event that the node currently hosting it
fails.
Customized control
There are some cases where specific nodes may be preferred for a given application
instance.
Pro
Administrator has full control over what happens when a failure occurs.
Pro
Capacity planning is easy, since failure scenarios are predictable.
Con
With many applications running in a cluster, defining a good policy for failures can be
extremely complex.
Con
Very hard to plan for multiple cascaded failures.
Server clusters provide full control over the order of failover using the preferred node list
feature. The full semantics of the preferred node list can be defined as:
Preferred Node List

Move group to best possible initiated via administrator
Failover due to node or group failure
Contains all nodes in cluster
Group is moved to highest node in preferred node list that is up and running in the
cluster.
Group is moved to the next node on the preferred node list.
Contains a subset of the nodes in the cluster
Group is moved to highest node in preferred node list that is up and running in the
cluster.
If no nodes in the preferred node list are up and running, the group is moved to a random
node.
Group is moved to the next node on the preferred node list.
If the node that was hosting the group is the last on the list or was not in the preferred
node list, the group is moved to a random node.
Empty
Group is moved to a random node.
Group is moved to a random node.
Q. How many resources can be hosted in a cluster?

A. The theoretical limit for the number of resources in a cluster is 1,674; however, you
should be aware that the cluster service periodically polls the resources to ensure they are
alive. As the number of resources increases, the overhead of this polling also increases.
Server Requirements
Q. How many servers can be clustered?
A. The number of servers in a Server cluster is dependent on the Windows product and
the Windows release. The following table lists the server sizes:
Windows Operating System

Maximum number of servers
Windows NT Enterprise Edition
2
Windows 2000 Advanced Server
2
Windows 2000 Datacenter Server
4
Windows Server 2003 Enterprise Edition
8
Windows Server 2003 Datacenter Edition
8
Q. Is it necessary that the servers in a Server cluster be identical?

A. The cluster hardware compatibility test does not require that all the servers in a
qualified cluster be identical. As cluster sizes increase and therefore the investment in
hardware increases, it is likely that different types of servers will appear in a single
cluster.
The qualification process and the listing process are being improved to allow
heterogeneous solutions to be more easily defined and qualified. This is particularly
important to OEMs where server families change relatively often and therefore the
additional qualification passes required increases dramatically with the current process.
The server itself has never been an issue during qualification, it is typically the HBA or
other piece of the storage subsystem, and therefore there is no real reason to mandate
exact servers in a given qualified solution.
Q. Can 32-bit servers and 64-bit servers be mixed in the same Server cluster?
A. No, a single Server cluster must contain all 32-bit servers or all 64-bit servers.
Q. Can I use any of my servers to make a Server cluster?
A. All qualified solutions appear on the Microsoft Hardware Compatibility list (HCL)
(http://go.microsoft.com/fwlink/?linkid=67738). Only cluster solutions listed on the HCL
are supported by Microsoft. You can use any servers that are listed as part of a
configuration to build a complete solution.
Interconnects
Q. What types of networks are required for cluster interconnects?
A. The network interface controllers along with any other components used in certified
cluster configurations must have the Windows logo and appear on the Microsoft
Hardware Compatibility List. The interconnect itself must support TCP/IP and UDP
traffic and must appear as a single, non-routed LAN segment or subnet.
Q. Do Server clusters support high-bandwidth, low latency interconnects through
WinSock direct?
A. The Server cluster code itself does not use WinSock direct path for intra-cluster
communication. All communication between cluster nodes is over TCP/IP or UDP.
Server clusters can use, but may not take advantage of any high-bandwidth, low latency
connection between nodes that looks like a standard NDIS network adapter.
Q. How many network adapters should a cluster server have?
A. The cluster nodes must be connected by two or more independent networks in order to
avoid a single point of failure. The use of two local area networks (LANs) is required.
Cluster configurations that have only one network are not supported. At least 2 networks
must be configured for cluster communications. Typically, one network is a private
network, configured for cluster communications only and the other is a public network,
configured for both client access and cluster communications.
Q. Can a cluster support multiple adapters configured as public?
A. Yes, however, there are a couple of caveats:
· Each network adapter must be on a different subnet.
· You can create different IP address resources that can be associated with different
adapters; however, there is no way to make a resource or application dependent on the
two networks so that if one fails, the application will continue to be available. In Server
clusters, the dependencies must all be online for the dependent application to be online.
For future versions of the cluster technology, we are working on a feature to allow more
flexible dependencies such as: a resource can depend on A OR B for it to be online.
Q. Can a cluster support multiple private networks?
A. Yes.
Q. Why do I see heartbeat packets on the networks marked as client-only?
A. In Windows 2000 and beyond, the Server cluster software heartbeats through the
public network as well as the private network regardless of the configuration of the public
network. This is to ensure that the cluster service can detect failures of the public network
adapters and can failover an application if the node currently hosting it cannot
communicate with the outside world.
Q. How should the different networks be configured?
A. The cluster nodes must be connected by two or more independent networks in order to
avoid a single point of failure. The use of two local area networks (LANs) is typical. The
configuration of a cluster with nodes connected by only one network is not supported.
You should configure the private network as Internal Cluster Communication Only and
the public network as All Communications.
Q. What type of information is carried over the cluster network?
A. The cluster service uses the cluster network for the following intra-cluster traffic:
· Server cluster query/management and control information
· Heartbeats for failure detection
· Intra-cluster communication to ensure tight consistency of cluster configuration
· Cluster join requests when a node reboots or recovers from a failure
Q. What types of protocol are supported for applications in a Server cluster?
A. Cluster-aware applications must use protocols based on top of TCP/IP. The cluster
software only supports the TCP/IP protocols for failover out-of -the-box.
Q. Will failover occur if the public network on one server fails?
A. Yes, in Windows 2000 and above, additional heartbeats are sent across the public
networks to detect public network and/or network adapter failures and to cause
applications to failover if the node they are currently hosted on cannot communicate with
the other nodes.
Q. Is network adapter teaming supported in a Server cluster?
A. Yes, however there are caveats. The use of network adapter teaming on all cluster
networks concurrently is not supported. At least one of the cluster networks that are
enabled for internal communication between cluster nodes must not be teamed.
Typically, the un-teamed network is a private interconnect dedicated to this type of
communication. The use of network adapter teaming on other cluster networks is
acceptable; however, if communication problems occur on a teamed network, Microsoft
Product Support Services may require that teaming be disabled. If this action resolves the
problem or issue, then you must seek further assistance from the manufacturer of the
teaming solution.
Q. Is DHCP supported for Server cluster virtual servers?
A. No, virtual servers must have static IP addresses.
Q. Is DHCP supported for Server cluster nodes?
A. Yes, addresses may be assigned to the physical nodes dynamically by DHCP, but
manual configuration with static addresses is recommended.
Q. Is NetBIOS required to run Server clusters?
A. In Windows NT and Windows 2000, NetBIOS is required for Server clusters to
function correctly.
In Windows Server 2003, the cluster service does not require NetBIOS. A basic principle
of server security is to disable unneeded services. To determine whether to disable
NetBIOS, consider the following:
· Some services and applications other than the cluster service use NetBIOS. Review all
the ways a clustered server functions before disabling NetBIOS on it.
· With NetBIOS disabled, you will not be able to use the Browse function in Cluster
Administrator when opening a connection to a cluster. Cluster Administrator uses
NetBIOS to enumerate all clusters in a domain.
· With NetBIOS disabled, Cluster Administrator does not work if a cluster name is
specified.
You can control the NetBIOS setting for the cluster through the Cluster IP Address
resource property sheet (parameters).
Q. Is IPSec supported in a Server cluster?
A. Although it is possible to use Internet Protocol Security (IPSec) for applications that
can failover in a server cluster, IPSec was not designed for failover situations and we
recommend that you do NOT use IPSec for applications in a server cluster.
Q. How do Server clusters update router tables when doing IP failover?
A. As part of its automatic recovery procedures, the cluster service will issue IETF
standard ARP "flush" commands to routers to flush the machine addresses related to IP
addresses that are being moved to a different server.
Q. How does the Address Resolution Protocol (ARP) cause systems on a LAN to update
their tables that translate IP addresses to physical machine (MAC) addresses?
A. The ARP specification states that all systems receiving an ARP request must update
their physical address mapping for the source of the request. The source IP address and
physical network address are contained in the request. As part of the IP address
registration process, the Windows TCP/IP driver broadcasts an ARP request on the
appropriate LAN several times. This request asks the owner of the specified IP address to
respond with its physical network address. By issuing a request for the IP address being
registered, Windows can detect IP address conflicts; if a response is received, the address
cannot be safely used. When it issues this request, though, Windows specifies the IP
address being registered as the source of the request. Thus, all systems on the network
will update their ARP cache entries for the specified address, and the registering system
becomes the new owner of the address.
Note that if an address conflict does occur, the responding system can send out another
ARP request for the same address, forcing the other systems on the subnet to update their
caches again. Windows does this when it detects a conflict with an address that it has
successfully registered.
Q. Server clusters use ARP broadcasts to re-set MAC addresses, but ARP broadcasts
don't pass routers. So what about clients behind the routers?
A. If the clients were behind routers, they would be using the router(s) to access the
subnet where the cluster servers were located. Accordingly, the clients would use their
router (gateway) to pass the packets to the routers through whatever route (OSPF, RIP,
etc) is designated. The end result is that their packet is forwarded to a router on the same
subnet as the cluster. This router's ARP cache is consistent with the MAC address(es) that
have been modified during a failover. Packets thereby get to the correct Virtual server,
without the remote clients ever having seen the original ARP broadcast.
Storage (Server Clusters: Frequently Asked Questions for Windows 2000 and Windows
Server 2003)
There are many storage questions, these questions are categorized as general questions,
questions about deploying Server clusters on a storage area network (SAN) and network
attached storage (NAS) questions.
General Storage Questions
Q. What storage interconnects are supported by Server clusters?
A. Cluster Server does not limit the type of storage interconnects supported; however,
there are some requirements of the storage subsystem that limit the types from a practical
perspective. For example, all of the cluster nodes should be able to access the storage
device. This typically impacts the interconnect since only interconnects that allow
multiple initiators (i.e. nodes) can be used. The set of interconnects that are currently part
of qualified configurations on the HCL include: SCSI (of various flavors), Fibre channel
arbitrated loop and fibre channel switched fabrics.
Remember that only clusters where the full configuration appears on the Cluster HCL are
supported by Microsoft.
Q. How do I configure the nodes and the storage on a SCSI cluster?
A. You must make sure that all of the devices on the SCSI bus have different SCSI Ids.
By default, SCSI adapters tend to have Id 7. You should make sure that the adapters in
each node have different Ids. Likewise, the disks should be given unique SCSI Ids on the
bus.
For a SCSI bus to work correctly it must be terminated. There are many ways to
terminate the bus, both internally (at the host adapter) and externally (using Y cables). To
ensure that the cluster can survive different types of failures (specifically being able to
power down one of the nodes), the SCSI bus should be terminated using passive
components such as a Y cable. Internal termination, which requires the adapter to be
powered up, is not recommended.
Note
Microsoft only allows 2-node clusters to be built using SCSI storage interconnects.
Q. Does Server clustering support fibre channel arbitrated loop (FC-AL)?
A. Yes, Microsoft only allows 2-node clusters to be built using FC-AL storage
interconnects. Multiple clusters on a single fibre channel loop are NOT supported.
Q. Can multiple clusters be connected to the same storage controller?
A. Yes, there is a special device qualification test for storage controllers that ensures they
respond correctly if multiple clusters are attached to the same controller. For multiple
clusters to be connected to the same controller the storage controller MUST appear on the
Multi-cluster device Hardware Compatibility List (HCL) AND each of the individual
end-to-end cluster solutions must appear on the Cluster Hardware Compatibility List. For
example: EMC Symmetrix 5.0 is on the multi-cluster device HCL list. Multiple clusters
(say a Dell PowerEdge cluster and a Compaq Proliant cluster) can be connected to the
EMC Symmetrix storage controller as long as Dell PowerEdge + EMC Symmetrix AND
Compaq Proliant + EMC Symmetrix as both on the cluster HCL.
Q. Will failover occur if the storage cable is pulled from the host bus adapter (HBA)?
A. If the storage cable is pulled from the host bus adapter (HBA), there may be a pause
before the adapter reacts to losing the connection, however, once the HBA has detected
the communication failure, the disk resources within the cluster using the specific HBA
will fail. This will trigger a failover to occur and the resource will be brought back on line
on another node in the cluster.
If the storage cable is reconnected, the Windows operating system may not rescan for
new hardware automatically (this depends on the driver used for the adapter). You may
need to manually initiate a rescan for new devices. Once the rescan is done, the node can
host any of the physical disk resources. If failback policies are set, any resources that
failed over when the cable was removed will failback to the node when the cable is
replaced.
Note
An HBA) is the storage interface that is deployed in the server. Typically this is a PCI
card that connects the server to the storage fabric.
Q. Will Server clusters protect my disks from hardware failures?
A. No, Cluster server protects against server failure, operating system or application
failure and planned downtime due to maintenance. Microsoft strongly suggests that
application and user data is protected against disk failure using redundancy techniques
such as mirroring, RAID or replication either in hardware or in software.
Q. Do Server clusters support RAID or mirrored disks?
A. Yes, Microsoft strongly suggests that application and user data is protected against
disk failure using redundancy techniques such as mirroring, RAID or replication either in
hardware or in software.
Q. Are dynamic disks supported in a cluster?
A. Windows server products shipped from Microsoft do not provide support for dynamic
disks in a server cluster environment. The Volume Manager for Windows 2000 add-on
product from Veritas can be used to add the dynamic disk features to a server cluster.
When the Veritas Volume Manager product is installed on a cluster, Veritas should be the
first point of support for cluster issues.
Q. Can a cluster disk be extended without rebooting?
A. Yes, cluster disks can be extended without rebooting if the storage controller supports
dynamic expansion of the underlying physical disk. Many new storage controllers
virtualize the Logical Units (LUNs) presented to the operating system and these
controllers allow LUNs to be grown online from the storage controller management
console. Microsoft provides a tool called DiskPart that allows volumes or partitions to be
grown online to take advantage of the newly created space on the disk without disruption
to applications or users using the disk. There are separate versions of DiskPart for
Windows 2000 and Windows Server 2003. The Windows 2000 version is available as a
free download on the web and the Windows Server 2003 version is shipped on the
distribution media.
Note
An LUN equates to a disk device visible in Disk Administrator.
Q. Can additional disks be added to a cluster without rebooting?
A. Yes, you can insert a new disk or create a new LUN and make that visible to the
cluster nodes. You should only make the disk visible to one node in the cluster and then
create a cluster resource to protect that disk. Once the disk is protected, you can make the
LUN visible to other nodes in the cluster. In some cases you may need to do a rescan in
device manager to find the new disk. In other cases (especially with fibre channel) the
disk may be automatically detected.
Q. Can disks be removed from the cluster without rebooting?
A. Yes
Q. What types of disks can be used for cluster disks?
A. Microsoft recommends that all partitions on the cluster disks be formatted with the
NTFS file system. This is for two reasons. Firstly, NTFS provides access controls that
can be used to secure the data on the disk. Secondly, NTFS can recover from volumes
that have been forcibly dismounted; other file systems may become corrupt if they are
forcibly dismounted.
Server clusters only support Master Boot Record (MBR) format disks. Cluster disks
cannot be GPT format.
Q. Can tape devices or other non-disk devices be attached to the same storage bus as the
Cluster Disks?
A. It depends on the storage interconnect. Server clusters use SCSI reserve and reset to
arbitrate for cluster disks. In Windows NT and Windows 2000 cluster server performs an
untargeted bus reset. In Windows Server 2003 it is possible to target the reset, however, it
may fallback to an untargeted reset. If a tape device receives a reset, this will typically
trigger the tape to rewind.
Server cluster does not provide any arbitration mechanism for tape devices that are
visible from multiple servers, therefore tape devices are not protected against concurrent
access from multiple servers.
Microsoft does NOT support attaching a tape device to the SCSI bus containing the
cluster disks in the case of a SCSI cluster or the loop in and fibre channel arbitrated loop.
Tape devices can be attached to a switched fabric as long as they are not visible through
the same adapters as the cluster disks. This can be achieved by either putting the tape
drive in a different zone to the cluster disks or by LUN masking techniques.
Q. Are software fault tolerant disks (software RAID or mirroring) supported in a Server
cluster?
A. Windows server products shipped from Microsoft do not provide support for software
RAID or mirroring, however, there are 3rd party products that provide this functionality
in a clustered environment.
Q. Is the Virtual Snapshot Service (VSS) supported in a Server cluster?
A. Yes, the Virtual Snapshot Service is new with Windows Server 2003 and provides
basic snapshot capabilities that are used by backup applications to create consistent,
single point in time backups. The cluster service has a VSS provider that allows the
cluster service configuration to be snapshoted and stored as part of the system state by
these backup applications.
Q. Do Timewarp snapshots work in a Server cluster?
A. No, Timewarp is a new feature in Windows Server 2003 that allows persistent
snapshot to be created and exposed to clients. TImewarp makes use of features that are
not cluster-aware and it is not supported in a cluster at this time.
Q. Are hardware snapshots or business recovery volumes supported in a Server cluster?
A. Yes, you can use facilities in the latest storage controllers to create snapshots of
existing volumes. Note, however, when you create a snapshot of a disk you should NOT
expose the snapshot back to the same cluster as the original disk. The cluster service uses
the disk signature to uniquely identify a disk. With a snapshot, the disk and the snapshot
have the same disk signature.
If you create a hardware snapshot or a business recovery volume of a cluster disk you
should expose the snapshot to another server or cluster (typically a dedicated backup
server).
Q. What other considerations are there when creating clustered disks?
A. Modern storage controllers provide a virtual view of the storage itself. A physical
RAID set can be carved into multiple logical units that are exposed to the operating
system as individual disks or LUNs. If you intend to carve up physical disks in this way
and expose them as independent LUNs to the hosts, you should think carefully about the
IO characteristics and the failure characteristics remember underneath, there is only a
finite bandwidth to each spin
dle.
Microsoft recommends that you do not create a LUN for use as the quorum disk from the
same underlying physical disks that you will be using for applications. The availability of
the cluster is directly related to the availability of the quorum disk. If I/Os to the quorum
disk take too long, the cluster server will assume that the quorum disk has failed and
initiate a failover of the quorum device. At that point, all other cluster related activity is
suspended until the quorum device is brought back online.
Q. How can I replace a disk that has gone bad in a cluster?
A. The answer depends on the Windows release:
· Windows NT Enterprise Edition
· FTEdit tool along with some manipulate of the registry. This is covered in article
243195 in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?
linkid=67761).
· Windows 2000
· DumpCfg.
· ClusterRecovery Reskit tool provided on Windows Server 2003 Reskit
· Windows Server 2003
· Automated system recovery.
· ConfDisk. This is covered in article 280425 in the Microsoft Knowledge Base
(http://go.microsoft.com/fwlink/?linkid=67762).
· ClusterRecovery Reskit tool provided on Windows Server 2003 Reskit
Storage Area Networks (SAN) questions
Q. What is a Storage Area Network (SAN)?
A. A storage area network (SAN) is defined as a set of interconnected devices (e.g. disks
and tapes) and servers that are connected to a common communication and data transfer
infrastructure such as a fibre channel. The common communication and data transfer
mechanism for a given deployment is commonly known as the storage fabric. The
purpose of the SAN is to allow multiple servers access to a pool of storage in which any
server can potentially access any storage unit. Clearly in this environment, management
plays a large role providing security guarantees (who is authorized to access which
devices) and sequencing or serialization guarantees (who can access which devices at
what point in time).
Q. Why use a SAN?
A. Storage area networks provide a broad range of advantages over locally connected
devices. They allow compute units to be detached from storage units, thereby allowing
flexible deployment and re-purposing of both servers and storage dynamically to suit the
current business needs without having to be concerned about buying the right devices for
a given server or without re-cabling a datacenter to attach storage to a given server.
Q. Can a cluster be connected to a SAN?
A. Yes, Microsoft fully supports storage area networks both as part of the base Windows
platform and as part of a complete Windows Clustering high availability solution.
Q. Can a cluster co-exist on a SAN with other servers?
A. One or more Server clusters can be deployed in a single SAN environment along with
standalone Windows servers and/or with other non-Windows platforms.
Q. What additional SAN configuration is required to put a cluster on a shared SAN?
A.
· The cluster disks for each cluster on a SAN MUST be deployed in their own zone. All
host bus adapters (HBAs) in a single cluster must be the same type and at the same
firmware revision level. Many storage and switch vendors require that ALL HBAs on the
same zone, and in some cases the same fabric, are the same type and have the same
firmware revision number.
· All storage device drivers and HBA device drivers in a cluster must be at the same
software version.
· When adding a new server to a SAN, ensure that the HBA is appropriate for the
topology. In some configurations, adding an arbitrated loop HBA to a switched fibre
fabric can result in widespread failures of the storage fabric. There have been real-world
examples of this causing serious downtime.
Note
An HBA is the storage interface that is deployed in the server. Typically this is a PCI
card that connects the server to the storage fabric.
Q. What is LUN masking or selective presentation?
A. LUN masking (also implemented as selective presentations) allows users to express at
the controller level a specific relationship between a LUN and a host. Only the hosts that
are configured to access the LUN should be able to see it.
Q. What is hardware zoning verses software zoning?
A. Zoning can be implemented in hardware/firmware on controllers or on software on the
hosts. Microsoft recommends that controller based (or hardware) zoning be used since
this allows for uniform implementation of access policy that cannot be interrupted or
compromised by node disruption or failure of the software component.
Q. Why is zoning needed to isolate a Server cluster in a SAN?
A. The cluster uses mechanisms to protect access to the disks that can have an adverse
effect on other clusters that are in the same zone. By using zoning to separate the cluster
traffic from other cluster or non-cluster traffic, there is no chance of interference.
The diagram shows two clusters sharing a single storage controller. Each cluster is in its
own zone. The LUNs presented by the storage controller must be allocated to individual
clusters using fine-grained security provided by the storage controller itself. LUNs must
be setup so that every LUN for a specific cluster is visible and accessible from all nodes
of the cluster. A LUN should only be visible to one cluster at a time. The cluster software
itself takes care of ensuring that although LUNs are visible to all cluster nodes, only one
node in the cluster accesses and mounts the disk at any point in time.
The multi-cluster device test used to qualify storage configurations for the multi-cluster
HCL list tests the isolation guarantees when multiple clusters are connected to a single
storage controller in this way.
Q. Can a cluster server boot from a SAN?
A. Yes, however, there is a set of configuration restrictions around how Windows boots
from a storage area network. For more information, see article 305547 in the Microsoft
Knowledge Base (http://go.microsoft.com/fwlink/?linkid=67837).
Server clusters require that the startup disk, page file disk and system disk be on a
different storage bus to the cluster server disks. To boot from a SAN, you must have a
separate HBA for the boot, system and pagefile disks than the cluster disks. You MUST
ensure that the cluster disks are isolated from the boot, system and pagefile disks by
zoning the cluster disks into their own zone.
Q. Can I use multiple paths to SAN storage for high availability?
A. Microsoft does not provide a generic driver that allows multiple paths to the storage
infrastructure for high availability; however, several vendors have built their own
proprietary drivers that allow multiple HBAs and SAN fabrics to be used as a highly
available storage infrastructure. For a Server cluster that has multi-path drivers to be
considered supported, the multipath driver MUST appear as part of the complete cluster
solution on the Cluster Hardware Compatibility List (HCL). NOTE: The driver version is
VERY important and it MUST match the qualified version on the HCL.
Q. Can the startup disk, pagefile disks and the cluster disks be on the same SAN fabric?
A. No, in Windows Server 2003, there is a registry key that allows the startup disk,
pagefile disks, and cluster disks to be on the same bus. This feature is enabled by a
registry key, which helps ensure that it is not accidentally enabled by customers who do
not understand the implications of this configuration. It is intended for OEMs to ship
qualified and tested configurations and not for a typical end-user or administrator to set
up in an ad hoc manner.
In the original release of Windows Server 2003, the registry key is:
HKLM\SYSTEM\CurrentControlSet\Services\ClusSvc\Parameters\ManageDisksOnSyste
mBuses 0x01
In Windows Server 2003 with Service Pack 1 (SP1), the registry key is:
HKLM\SYSTEM\CurrentControlSet\Services\ClusDisk\Parameters\ManageDisksOnSyst
emBuses 0x01
In Windows Server 2003 SP1, the key path was changed to use “Clusdisk” as a subkey
instead of “ClusSvc.” This change was made to avoid issues during setup. However, the
change is backward compatible, and systems that use the old key locations do not need to
be modified.
Q. Can serverless backup be performed against cluster disks?
A. No, the cluster disk arbitration mechanism uses SCSI reserve and release operations.
Once a server arbitrates for a cluster disk, that disk cannot be accessed by any other
server on the storage network.
Network Attached Storage (NAS) questions
Q. What is Network Attached Storage (NAS)?
A. Network attached storage (NAS) is an alternative way to connect storage to servers
that is built using standard network components such as Ethernet or other LAN
technologies. The application servers access storage using file system functions such as
open file, read file, write file, close file, etc.. These higher-level functions are
encapsulated in protocols such as CIFS, NFS or AppleShare and run across standard IP-
based connections.
Q. Can Server clusters use NAS for the shared storage?
A. Yes, providing the applications can store data on file shares and the file shares are
accessible to the applications as they failover across the cluster, there is no reason why
NAS cannot be used as the storage solution in a cluster.
There is currently no support in Windows to use NAS as the quorum resource.
In Windows Server 2003, we are providing a new quorum resource Majority Node Set
that can be used to remove the need for a shared disk for the quorum resource. If you
combine NAS storage with Majority Node Set quorum, you can build a failover cluster
that does not require shared disks in the traditional sense of SCSI or SAN.
Highly Available File Servers
Q. Can I have an active/active file server?
A. The Windows 2000 resource kit contains a tool ClusTool that can be used to migrate
file share settings from a single node to a cluster environment.
Q. Can FRS be used to replicate clustered file shares?
A. No, the file replication service (FRS) provided by Windows cannot be used to
replicate a clustered file share. This means that clustered file shares cannot be the source
or target for redundant links in a DFS tree. See the online documentation for DFS for
more details.
Q. What file system types are supported in a cluster?
A. All partitions on clustered disks should be formatted with NTFS.
Q. Does client-side caching (offline folders) work with Server clusters?
A. Yes, in Windows Server 2003, you can select client-side caching (also know as offline
folders) for clustered file shares.
Q. Is the Encrypting File System (EFS) supported on cluster disks?
A. With Windows Server 2003, the encrypting file system (EFS) is supported on
clustered file shares. To enable EFS on a clustered file share, you must perform a number
of tasks to configure the environment correctly:
· EFS can only be enabled on file shares when the virtual server has Kerberos enabled. By
default, Kerberos is not enabled on a virtual server. To enable Kerberos you must check
the Enable Kerberos Authentication check box on the network name resource that will be
used to connect to the clustered file share. NOTE: Enabling Kerberos on a network name
has a number of implications that you should ensure you fully understand before
checking the box.
· All cluster node computer accounts, as well as the virtual server computer account, must
be trusted for delegation. See online help for how to do this.
· To ensure that the users private keys are available to all nodes in the cluster, you must
enable roaming profiles for users who want to store data using EFS. See online help for
how to enable roaming profiles.
Once the cluster file shares have been created and the configuration steps above carried
out, users data can be stored in encrypted files for added security.
Q. How many file shares can be hosted on a cluster?
A. The number of file shares in a cluster depends on the number of nodes in the cluster
and the failure scenarios that you are trying to protect against. A single server has a limit
for the number of file shares it can support so you need to take that into account when
planning your cluster.
In a 2-node cluster, if one node fails, the remaining node must pick up all of the file
shares. Therefore, to ensure the highest availability, the cluster should host the maximum
number of shares that can be hosted by a single node.
Note
2-node Server clusters are focused on high availability, not scale-out, therefore you
should not expect to hold more shares on a 2-node cluster than a single node.
In a 4-node cluster, you have other options that may be more appropriate, depending on
the failure scenarios that you wish to protect against. For example, if you wish to survive
one node failing at any point in time, you can configure the shares so that if one node
fails, its work is spread across the remaining three nodes. This means that each node
could be loaded to 66% of the maximum number of shares and still be within the
maximum limit of a single node in the event of a single failure. In this case, the cluster
can host three times the number of shares that a single server can host. If you wish to
survive two nodes failing, then a 4-node cluster can hold twice as many shares (since if
two nodes fail, the remaining two nodes need to pick up the load from the two failed
servers) and so on.
In general, as the number of nodes in a cluster increases, the more options you have and
the more you can use server clusters to scale-out a highly available infrastructure.
Q. What is the maximum capacity of a cluster disk?
A. Server cluster does not impose any restrictions on the size of a volume supported.
Q. How many disks can Server cluster support?
A. In Windows 2000, each clustered disk had to have a drive letter assigned to it,
therefore the maximum number of clustered disks in a single cluster was limited to 23
volumes (26 letters of the alphabet minus A and B [Floppy drives] and C [system/boot
drive]).
In Windows Server 2003, there is no longer a requirement for a clustered disk to have a
driver letter assigned, therefore the number of disks is limited by the number that can be
physically attached and the number supported by the underlying operating system.
Note
Applications can access disks with no drive letters in one of two ways a) directly using
the object name associated with the disk or more likely b) by using mount points to link
multiple disks together that can be accessed using a single drive letter.
Q. How can a cluster support more disks than there are drive letters?
A. Using file system mount points. For more information about using mount points with
clustered disks see the online help for Windows Server 2003.
Q. Why can I browse shares owned by different virtual servers?
A. File shares are not scoped by the virtual server name that is hosting them. If you use a
browsing tool (e.g. the NET VIEW command) you will see all the shares that are
currently hosted on the physical node.
Highly Available Print Servers
Q. How do I cluster a printer?
A. Printers can be clustered using the Print Spooler cluster resource. The Windows 2000
and the Windows Server 2003 online help both give specific examples and the steps
necessary to create a highly available print server.
Q. Can I have active/active print servers?
A. Yes, it is possible to host multiple print spoolers on a single Server cluster. The
spoolers can be failed over independently and can run concurrently on multiple nodes in
the cluster.
Q. How do I migrate printer settings from a single server to a cluster?
A. Microsoft provides a tool (Print Migrator) as part of the ResKit that can be used to
migrate printer settings from one node to another or from one node to a Server cluster.
Q. How many printer resources can be hosted on a cluster?
A. The number of printers is limited by the number of resources the cluster can support,
however, as the number of printers increases, so will the time to failover.
Removing all Single Points of Failure
Q. What other services does the server cluster rely on?
A. The cluster service itself relies on being able to authenticate and sign communications
traffic between the cluster nodes. It uses the domain infrastructure to authenticate using
the cluster service account. In an environment with Server clusters installed, you must
ensure that the domain infrastructure is highly available; any disruption to the
infrastructure can result in the clusters becoming unavailable.
Q. What other services do I need to think about?
A. In order for applications to remain highly available in a clustered environment, any
services that the application requires external to the cluster must also be highly available.
Many of these services have mechanisms such as replication or being made cluster-aware
themselves to protect against failures. Examples of services that you should think about
include WINS, DNS, DHCP, the domain infrastructure, firewalls, etc.
Q. What other single points of failure should I protect against?
A. Server clusters are a mechanism that protects applications against hardware, operating
system and application failures. There are some types of hardware failure that you should
think about:
· Disk failures you should use RAID or mirroring to protect against disk failures
· Hardware failures multiple hot swap fans in the server, redundant power supplies etc.
· Network failures redundant networks that do not have any shared components
· Site failures disaster recovery plans
Active Directory, DNS and Domain Controllers
Q. Is Kerberos authentication possible for services hosted on a cluster?
A. Yes, in Windows 2000 SP3 and above and Windows Server 2003, the cluster service
publishes a computer object in Active Directory. This provides the infrastructure with
sufficient state to allow Kerberos authentication against applications and services hosted
in a virtual server.
For more information about Kerberos and how it works, see the TechNet web site
(http://go.microsoft.com/fwlink/?linkid=67842).
Q. Can cluster servers also be domain controllers?
A. Yes, however, there are several caveats that you should fully understand before taking
this approach. We recommend that Server cluster nodes are not domain controllers and
that you co-locate a domain controller on the same subnet as the Server cluster public.
If you must make the cluster nodes into domain controllers, consider the following
important points:
· If one cluster node in a 2-node cluster is a domain controller, all nodes must be domain
controllers. It is recommended that you configure at least two of the nodes in a 4-node
Datacenter cluster as domain controllers.
· There is overhead that is associated with the running of a domain controller. A domain
controller that is idle can use anywhere between 130 to 140 megabytes (MB) of RAM,
which includes the running of Windows Clustering. There is also replication traffic if
these domain controllers have to replicate with other domain controllers within the
domain and across domains. Most corporate deployments of clusters include nodes with
gigabytes (GB) of memory so this is not generally an issue.
· If the cluster nodes are the only domain controllers, they each have to be DNS servers as
well, and they should point to each other for primary DNS resolution, and to themselves
for secondary DNS resolution. You have to address the problem of the ability to not
register the private interface in DNS, especially if it is connected by way of a crossover
cable (2-node only). For information about how to configure the heartbeat interface refer
to article 258750 in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?
LinkID=46549). However, before you can accomplish step 12 in KB article 258750, you
must first modify other configuration settings, which are outlined in article 275554
(http://go.microsoft.com/fwlink/?LinkID=67844).
If the cluster nodes are the only domain controllers, they must each be Global Catalog
servers, or you must implement domainlets.
· The first domain controller in the forest takes on all flexible single master operation
roles (refer to article 197132 at http://go.microsoft.com/fwlink/?LinkID=67847). You can
redistribute these roles to each node. However, if a node fails over, the flexible single
master operation roles that the node has taken on are no longer available. You can use
Ntdsutil to forcibly take away the roles and assign them to the node that is still running
(refer to article 223787 at http://go.microsoft.com/fwlink/?LinkID=67851). Review
article 223346 at http://go.microsoft.com/fwlink/?LinkID=19807) for information about
placement of flexible, single master operation roles throughout the domain.
· If a domain controller is so busy that the Cluster service is unable to gain access to the
Quorum drive as needed, the Cluster service may interpret this as a resource failure and
cause the cluster group to fail over to the other node. If the Quorum drive is in another
group (although it should not be), and it is configured to affect the group, a failure may
move all group resources to the other node, which may not be desirable. For more
information regarding Quorum configuration, please refer to the article 280345 listed in
the "Reference" section (http://go.microsoft.com/fwlink/?LinkID=67855).
· Clustering other programs such as SQL Server or Exchange Server in a scenario where
the nodes are also domain controllers, may not result in optimal performance due to
resource constraints. You should thoroughly test this configuration in a lab environment
prior to deployment.
· You may want to consider making cluster nodes domain controllers (refer to KB article
171390 at http://go.microsoft.com/fwlink/?LinkID=67857 for more information), but if a
domain controller is already local, or there is a reliable high-speed connectivity to a
domain controller available, Microsoft does not recommend implementing them on
cluster nodes.
Note
You must promote a cluster node to a domain controller by using the Dcpromo tool prior
to installing Windows Clustering.
· You must be extremely careful when demoting a domain controller that is also a cluster
node. When a node is demoted from a domain controller, the security settings and the
user accounts are radically changed (user accounts are demoted to local accounts for
example).
Q. Are virtual servers published in active directory?
A. Yes, in Windows 2000 SP3 and above and in Windows Server 2003, each virtual
server has the option of being published in active directory.
Although the network name server cluster resource publishes a computer object in active
directory, that computer object should NOT be used for administration tasks such as
applying Group Policy. The ONLY role for the virtual server computer object in
Windows 2000 and Windows Server 2003 is to allow Kerberos authentication and
delegation and for cluster-aware, active directory-aware services (such as MSMQ) to
publish service provider information.
Q. Is the cluster configuration stored in active directory?
A. No, at this time there is no cluster information other than the computer objects for
virtual servers published in Active directory.
Q. Do Server clusters make domain controllers highly available?
A. No, domain controllers use replication across a set of servers to achieve high
availability.
Q. How should my DNS server be configured to work with Server clusters?
A. The cluster service account needs to be able to publish records. In a secure, DNS
backed zone, the DNS administrator can chose to restrict the access rights for users. The
cluster service account must be granted permission to create records or alternatively, the
records can be pre-created. If the records are pre-created, you should not set the zone to
dynamic update.
Security Considerations (Server Clusters: Frequently Asked Questions for Windows 2000
and Windows Server 2003)
Q. How do I update the cluster service account password?
A. The cluster service account on ALL nodes in the cluster must match to ensure that the
intra-cluster communication can be successfully authenticated. The cluster service itself
sends messages between cluster nodes under a variety of conditions and if any of those
communications fail, the cluster node will be removed from the cluster (i.e. the cluster
service will be stopped). It is not possible to determine when the cluster service will
establish communication and therefore there is no clear window that allows the cluster
service account to be changed in a reliable way while ensuring that the cluster remains
running.
Windows 2000
On Windows 2000, the cluster account password can only be reliably changed using the
following steps:
1. Stop the cluster service on ALL nodes in the cluster
2. Change the password of the cluster service account at the domain controller
3. Update the service control manager password on ALL cluster nodes
4. Re-start the cluster service on all the cluster nodes
Windows Server 2003
The cluster.exe command on Windows Server 2003 has the ability to change the cluster
account password dynamically without shutting down the cluster service on any of the
nodes. The cluster.exe command changes the domain account password and updates the
service control manager account information about all nodes in the cluster.
Cluster
/cluster:cluster_name1[,cluster_name2,]/changepassword[:new_password[,old_password]
] [/skipdc] [/force] [/options]
For more information refer to the online help for Windows Server 2003.
Q. What other security considerations and best practices do I need to worry about for
Server clusters?
A. For security best practices, see the online help for Windows Server 2003.
In-the-box HA Services
Q. What highly available operating system services are provided on the Windows
release?
A. Server clusters following highly available services by default in the Windows
operating system:
· IP Address and Network Name: highly available network configuration to allow clients
to location independent and failover unaware
· DHCP: Highly available DHCP server
· MSDTC: Highly available distributed transaction coordinator
· IIS: Highly available web server and FTP server*
· File Share: Highly available file share service and DFS
· Message Queue: Highly available MSMQ service
· MSMQ triggers: Highly available MSMQ trigger service (new for Windows Server
2003)
· Print Spooler: Highly available printer service
· WINS: Highly available WINS service
*In Windows Server 2003, IIS is made cluster-aware using the generic script resource
and the scripts provided. There is no specific IIS resource type.
Q. Are MSMQ triggers supported in a Server cluster?
A. Yes, in Windows Server 2003, the MSMQ trigger service can be made highly
available using Server clusters.
Q. Is IIS cluster-aware?
A. Yes, in Windows 2000, IIS web sites and FTP services can be made highly available
using the IIS Server Instance resource type. In Windows Server 2003, the IIS Server
Instance resource type was replaced with a set of generic scripts provided in the Windows
Server 2003 release (see the online help for more information about converting IIS web
servers and FTP servers from Windows 2000 to Windows Server 2003).
Although IIS web servers can be made highly available by failover using Server
clustering, Microsoft recommends that you use a load balancing cluster such as provided
by Network Load Balancing (NLB), another cluster mechanism provided by the
Windows operating system to make IIS highly available and to scale-out a web service or
web farm.
Depending on the access characteristics, you may choose either Server clusters or
Network Load Balancing clusters to provide highly available FTP servers. Server
clustering is good for FTP sites with high update rates or where you want to have a single
copy of the FTP content. Network Load Balancing is good for mainly read-only FTP
Servers.
Q. How is the IIS metabase kept consistent across the cluster?
A. The Windows operating system comes with a tool (IISSync) that allows the IIS
metabase to be kept in sync across the nodes in the cluster. For more details see the
online help.
Geographically Dispersed Clusters
Q. Can Server clusters span multiple sites?
A. Yes, Server clusters support a single cluster spanning multiple sites. This is known as
a geographically dispersed cluster. All qualified geographically dispersed cluster
solutions appear on the Microsoft Hardware Compatibility list (HCL)
(http://go.microsoft.com/fwlink/?LinkID=67738). Only cluster solutions listed on the
HCL are supported by Microsoft.
Q. How is a geographically dispersed cluster defined?
A. A geographically dispersed cluster is a Server cluster that has the following attributes:
1. Has multiple storage arrays, at least one deployed at each site. This ensures that in the
event of failure of any one site, the other site(s) will have local copies of the data that
they can use to continue to provide the services and applications.
2. Nodes are connected to storage in such a way that in the event of a failure of either a
site or the communication links between sites, the nodes on a given site can access the
storage on that site. In other words, in a two-site configuration, the nodes in site A are
connected to the storage in site A directly and the nodes in site B are connected to the
storage in site B directly. The nodes in site A con continue without accessing the storage
on site B and vice-versa.
3. The storage fabric or host-based software provides a way to mirror or replicate data
between the sites so that each site has a copy of the data. Different levels of consistency
are available.
The following diagram shows a simple two-site cluster configuration.
Q. Will geographically dispersed clusters give me disaster tolerance, or disaster

recovery?
A. The goal of multi-site Server cluster configurations is to ensure that loss of one site in
the solution does not cause a loss of the complete application for business continuance
and disaster recovery purposes. Sites are typically up to a few hundred miles apart so that
they have completely different power, different communications infrastructure providers,
and are placed so that natural disasters (e.g., earthquakes) are extremely unlikely to take
out more than one site.
Geographically dispersed clusters do not provide disaster tolerance, since, in some cases,
manual intervention is required to restart the applications.
Q. Can a geographically dispersed cluster use asynchronous replication between sites?
A. Yes, however, there are a couple of caveats:
· The quorum data must be synchronously replicated between the sites. To ensure that the
Server cluster guarantees of consistency are met, the cluster database must be kept
consistent across all nodes. If the quorum disk is replicated across the sites, it MUST be
replicated synchronously.
In Windows Server 2003, a new quorum resource Majority Node Set can be used in these
configurations as an alternative to replicating the quorum disk.
· If data is replicated asynchronously, in the event of a site failure, the secondary site will
be consistent, but out of date. You should check that the applications can handle going
back in time and that the client experience makes sense for the business. Applications
such as SQL Server can be hosted on asynchronous replication; however, there are a
bunch of restrictions and warning that you should be aware of (see the SQL Server high
availability documentation for rules around multi-site replication of SQL Server data).
· If data is replicated at the block level, the replication must preserve the order of writes
to the secondary site. Failure to ensure this will lead to data corruption.
Q. Does Microsoft provide a complete end-to-end geographically dispersed cluster
solution?
A. No, Microsoft does not provide a software mechanism for replicating application data
from one site to another in a geographically dispersed cluster. Microsoft works with
hardware and software vendors to provide a complete solution. All qualified
geographically dispersed cluster solutions appear on the Microsoft Hardware
Compatibility list (HCL) (http://go.microsoft.com/fwlink/?LinkID=67738). Only cluster
solutions listed on the HCL are supported by Microsoft.
Q. What additional requirements are there on a Server cluster to support multiple sites?
A. The Microsoft server clustering software itself is unaware of the extended nature of
geographically dispersed clusters. There are no special features in Server cluster in
Windows 2000 or Windows Server 2003 that are specific to these kinds of configuration.
The network and storage architectures used to build geographically dispersed clusters
must preserve the semantics that the server cluster technology expects. Fundamentally,
the network and storage architecture of geographically dispersed server clusters must
meet the following requirements:
1. The private and public network connections between cluster nodes must appear as a
single, non-routed LAN (e.g., using technologies such as VLANs to ensure that all nodes
in the cluster appear on the same IP subnets).
2. The network connections must be able to provide a maximum guaranteed round trip
latency between nodes of no more than 500 milliseconds. The cluster uses heartbeat to
detect whether a node is alive or not responding. These heartbeats are sent out on a
periodic basis. If a node takes too long to respond to heartbeat packets, the cluster service
starts a heavy-weight protocol to figure out which nodes are really still alive and which
ones are dead; this is known as a cluster re-group. The heartbeat interval is not a
configurable parameter for the cluster service (there are many reasons for this, but the
bottom line is that changing this parameter can have a significant impact on the stability
of the cluster and the failover time). 500ms round-trip is significantly below any
threshold to ensure that artificial re-group operations are not triggered.
3. Windows 2000 requires that a cluster have a single shared disk known as the quorum
disk. The storage infrastructure can provide mirroring across the sites to make a set of
disks appear to the cluster service like a single disk, however, it must preserve the
fundamental semantics that are required by the physical disk resource:
· Cluster service uses SCSI reserve commands and bus reset to arbitrate for and protect
the shared disks. The semantics of these commands must be preserved across the sites
even in the face of complete communication failures between sites. If a node on site A
reserves a disk, nodes on site B should not be able to access the contents of the disk.
These semantics are essential to avoid data corruption of cluster data and application
data.
· The quorum disk must be replicated in real-time, synchronous mode across all sites. The
different members of a mirrored quorum disk MUST contain the same data.
In Windows Server 2003, you can use either a mirrored/replicated quorum disk or a new
resource Majority Node Set for a multi-site cluster.
Q. What additional requirements are there on applications?
A. As with the Server cluster itself, applications are unaware of the extended nature of
geographically dispersed clusters. There is no topology or configuration information
provided to applications to make them aware of the different sites.
Typically, no changes are required to ensure that an application runs, as expected, on a
geographically dispersed cluster. However, you should check with the application
vendors. In some cases different failure timeout periods may be required since disk
accesses and failover times may be longer due to the extended distance between clusters
and the need to provide mirroring or replication of data between sites.
Quorum
Q. What is the quorum used for?
A. Server clusters require a quorum resource to function. The quorum resource, like any
other resource, is a resource which can only be owned by one server at a time, and for
which servers can negotiate for ownership. Negotiating for the quorum resource allows
Server clusters to avoid "split-brain" situations where the servers are active and think the
other servers are down. This can happen when, for example, the cluster interconnect is
lost and network response time is problematic. The quorum resource is used to store the
definitive copy of the cluster configuration so that regardless of any sequence of failures,
the cluster configuration will always remain consistent.
Q. What options do I have for my quorum resource?
A. In Windows 2000, there are two quorum-capable resources:
· Physical Disk Resource
This allows a disk on the shared cluster storage bus to be used as the quorum resource.
The cluster code uses SCSI commands to arbitrate for the quorum disk ensuring only one
node owns the quorum disk at any point in time. This is the standard quorum resource
that Microsoft recommends for all production Windows 2000 clusters.
Note
Some storage vendors provide their own quorum capable resources for specific hardware
solutions (e.g., IBM Shark Storage) or software solutions (such as Veritas Volume
Manager). You should use these if they are required for your environment.
· Local Quorum
This quorum-capable resource allows a single node cluster to be setup without having a
second storage bus. This type of cluster is useful for developing cluster-aware software
without having to have a multi-node cluster.Local Quorum can be used in a production
environment if you want to take advantage of the resource health monitoring and local
restart facilities provided by Server cluster on a single node.
In Windows Server 2003 we have introduced another quorum capable resource type
Majority Node Set
A majority node set is a single quorum resource from a Server cluster perspective;
however, all of the quorum data is actually stored on multiple disks across the cluster.
The majority node set resource takes care to ensure that the cluster configuration data
stored on the majority node set is kept consistent across the different disks.
See What is Majority Node Set? for more details.
Q. Can other applications share the quorum disk?
A. Microsoft recommends that you do NOT use the quorum disk for other applications in
the cluster and that the quorum disk is restricted to use by the cluster service itself. If you
use the quorum disk for other applications you should be aware of the following:
· The quorum disk health determines the health of the entire cluster. If the quorum disk
fails, the cluster service will become unavailable on all cluster nodes. The cluster service
checks the health of the quorum disk and arbitrates for exclusive access to the physical
drive using standard I/O operations. These operations are queued to the device along with
any other I/Os to that device. If the cluster service I/O operations are delayed by
extremely heavy traffic, the cluster service will declare the quorum disk as failed and
force a regroup to bring the quorum back online somewhere else in the cluster. To protect
against malicious applications flooding the quorum disk with I/Os, the quorum disk
should be protected. Access to the quorum disk should be restricted to the local
administrator group and the cluster service account.
· If the quorum disk fills up, the cluster service may be unable to log required data. In this
case, the cluster service will fail, potentially on all cluster nodes. To protect against
malicious applications filling up the quorum disk, access should be restricted to the local
administrator group and the cluster service account.
· The cluster service itself will always try to bring the quorum disk back online. In doing
so, it may violate the failover and failback policies assigned to applications in the same
group.
Q. Can a NAS device be used as the shared quorum disk?
A. No, out-of-the-box, the cluster service supports physical disks on the shared cluster
bus or in Windows Server 2003 Majority Node Set quorum resources.
Q. What is Majority Node Set?
A. A majority node set is a single quorum resource from a Server cluster perspective;
however, all of the quorum data is actually stored on multiple disks across the cluster.
The majority node set resource takes care to ensure that the cluster configuration data
stored on the majority node set is kept consistent across the different disks. This allows
cluster topologies as follows:
The disks that make up the majority node set could, in principle be local disks physically
attached to the nodes themselves or disks on a shared storage fabric. In the majority node
set implementation that is provided as part of Server clusters in Windows Server 2003,
every node in the cluster uses a directory on its own local system disk to store the quorum
data. If the configuration of the cluster changes, that change is reflected across the
different disks. The change is only considered to have been committed (i.e. made
persistent), if that change is made to:
(/2) + 1
This ensures that a majority of the nodes have an up-to-date copy of the data. The cluster
service itself will only start up, and therefore bring resources on line, if a majority of the
nodes configured as part of the cluster are up and running the cluster service. If there are
fewer nodes, the cluster is said not to have quorum and therefore the cluster service waits
(trying to restart) until more nodes try to join. Only when a majority or quorum of nodes,
are available, will the cluster service start up the resources be brought online. This way,
since the up-to-date configuration is written to a majority of the nodes, regardless of node
failures, the cluster will always guarantee that it starts up with the latest and most up-to-
date configuration.
Cluster-Aware Applications
Q. What is a Cluster Aware Application?
A. A cluster-aware application is an application that calls the cluster APIs to determine
the context under which it is running (such as the virtual server name etc.) and can
failover between nodes for high availability.
Can applications that were not written for a cluster be made highly available?
Yes, Server clusters provide a plug-in environment that allows resource dlls to provide
the necessary control and health monitoring functions to make existing applications
highly available.
Server clusters provide a set of generic resource types that can be used to make existing
applications failover in a cluster. In Windows 2000 there are two generic resource types:
Generic application
allows any application to be started, stopped and monitored by the cluster service
Generic Service
allows an existing Windows Service to be started, stopped and monitored.
These generic services provide very rudimentary health monitoring (for example, is the
process that was started still a valid process on the system). It does not check that the
application is servicing requests since this requires specific knowledge of the application.
The generic resources can be used to make applications failover relatively quickly;
however, to provide a more appropriate health check, Microsoft recommends that you
build an application-specific resource dll.
In Windows Server 2003, we have provided an additional resource type (Generic Script)
that allows the start/stop and health monitoring functions to be implemented as scripts
rather than using C or C++. This makes the job of building application-specific resource
plug-ins much more manageable and easier.
Q. How do I build a cluster-aware application?
A. Server clusters provides a rich API set that allows applications to recognize and utilize
the cluster environment. These APIs are fully documented in the Platform SDK.
Q. Should I use the Generic Service or Generic Application resource to make my
application highly available?
A. The generic services provide very rudimentary health monitoring (for example, is the
process that was started still a valid process on the system). It does not check that the
application is servicing requests since this requires specific knowledge of the application.
The generic resources can be used to make applications failover relatively quickly;
however, to provide a more appropriate health check, Microsoft recommends that you
build an application-specific resource dll.
Q. Does Microsoft validate or logo software products that work with Server clusters?
A. Yes, Server clustering is an optional component of the Windows Advanced Server
logo program. Applications can be logoed as working on a Server cluster.
Q. What Microsoft Applications are cluster-aware?
A. The following services shipped as part of the Windows operating system are cluster-
aware:
· DHCP Highly available DHCP server
· MSDTC Highly available distributed transaction coordinator
· IIS Highly available web server and FTP server*
· File Share Highly available file share service and DFS
· Message Queue Highly available MSMQ service
· MSMQ triggers Highly available MSMQ trigger service (new for Windows Server
2003)
· Print Spooler Highly available printer service
· WINS Highly available WINS service
The following additional Microsoft Products are cluster-aware:
· SQL Server 6.5, 7.0, 2000 and upwards
· Exchange Server 5.5 and upwards
· Services for Unix 3.0 and upwards
Q. Does Exchange 2000 support active/active clusters?
A. Yes, there are some caveats to supporting Exchange 2000 in an active/active
configuration.
Q. Does SQL Server support active/active clusters?
A. Yes, SQL Server allows the following:
· Multiple nodes in a cluster hosting different databases. Each database can be failed over
independently.
· Multiple nodes in a cluster hosting partitions of a single database using database views
to tie the different instances into a single logical database from a client perspective.
Q. Where do I find information about writing cluster-aware applications?
A. The cluster concepts and APIs are fully documented in the Platform SDK. In addition,
there are several examples in the Platform SDK that can be used to demonstrate Server
cluster integration.
Q. Is Services for Macintosh (SFM) supported in a Server cluster?
A. No, Services for Macintosh is not supported in a Server cluster.
Q. Is Services for Unix (SFU) supported in a Server cluster?
A. Yes, Services for Unix supports highly available NFS shares in SFU 3.0.
Miscellaneous Topics
Q. Can Server clusters and Network Load Balancing be used on the same set of servers?
A. No, Microsoft Server clusters (MSCS) and Network Load Balancing (NLB) are not
supported on the same set of nodes. Both Server clusters and Network Load Balancing
clusters control and configure network adapters. Since they are not aware of each other,
configuring one can interfere with the other.
Q. Can I use antivirus software with a Server cluster?
A. Yes, you should make sure that the vendor has tested their solution in a Server cluster
environment. Antivirus software typically layers into the storage stack as a disk driver.
This can have an impact on the clusters ability to failover a disk if the driver does not
support the required features.
Q. Does Microsoft provide a Distributed Lock Manager (DLM)?
A. No, at this time, Microsoft has no plans to release a distributed lock manager,
however, that may change if there is sufficient customer demand for a DLM service.
Note
Do not confuse a distributed lock manager with a cluster file system. A cluster file system
can be built in a number of ways, using a lock manager is one of them. However, just
providing a lock manager does not solve the cluster file system problem.
Q. Will Microsoft provide a shared disk cluster file system?
A. Microsoft is continually looking at ways to improve the services it provides on the
Windows operating system. A shared disk cluster file system is a way to provide a
number of attributes in a cluster:
· A single file system namespace visible to all applications on all nodes in the cluster
· High speed access to disks from any node in the cluster
Q. How do Server clusters and Fault tolerant servers relate?
A. Server clusters address a number of availability issues:
· Hardware failures
· Operating system failures
· Application failures
· Site failures
· Operating system and application upgrades
Fault tolerant servers provide an extremely reliable server platform that addresses
hardware failures by providing redundancy at the hardware level. In some cases, fault
tolerant servers can be used to address site failures.
In and of themselves, fault tolerant servers do not address issues relating to operating
system and application monitoring and failure recovery, nor do they address upgrading
the operating system or applications without taking the service down.
In summary, Server clusters are about providing high availability, fault tolerant servers
provide high reliability. By combining highly reliable, fault tolerant servers with Server
clusters, you get the best of both worlds; a set of reliable servers that can provide high
availability in the face of operating system and application failures and upgrades.
Q. How do I find Server cluster KB Articles?
A. All cluster KB articles can be found at http://go.microsoft.com/fwlink/?LinkID=538
· All Windows NT 4.0 related articles have keyword "MSCS"
· All Windows 2000 articles have keyword "W2000MSCS"
This should allow easy selection of Server cluster related articles
comments (0)
TOP
9:46 PM
Active Directory- FAQ

Posted by kalil
What is Active Directory?

What is LDAP?
Can you connect Active Directory to other 3rd-party Directory Services? Name a few
options.
Where is the AD database held? What other folders are related to AD?
What is the SYSVOL folder?
Name the AD NCs and replication issues for each NC
What are application partitions? When do I use them
How do you create a new application partition
How do you view replication properties for AD partitions and DCs?
What is the Global Catalog?
How do you view all the GCs in the forest?
Why not make all DCs in a large forest as GCs?
Trying to look at the Schema, how can I do that?
What are the Support Tools? Why do I need them?
What is LDP? What is REPLMON? What is ADSIEDIT? What is NETDOM? What is
REPADMIN?
What are sites? What are they used for?
What's the difference between a site link's schedule and interval?
What is the KCC?
What is the ISTG? Who has that role by default?
What are the requirements for installing AD on a new server?
What can you do to promote a server to DC if you're in a remote location with slow
WAN link?
How can you forcibly remove AD from a server, and what do you do later? • Can I get
user passwords from the AD database?
What tool would I use to try to grab security related packets from the wire?
Name some OU design considerations.
What is tombstone lifetime attribute?
What do you do to install a new Windows 2003 DC in a Windows 2000 AD?
What do you do to install a new Windows 2003 R2 DC in a Windows 2003 AD?
How would you find all users that have not logged on since last month?
What are the DS* commands?
What's the difference between LDIFDE and CSVDE? Usage considerations?
What are the FSMO roles? Who has them by default? What happens when each one
fails?
What FSMO placement considerations do you know of?
I want to look at the RID allocation table for a DC. What do I do?
What's the difference between transferring a FSMO role and seizing one? Which one
should you NOT seize? Why?
How do you configure a "stand-by operation master" for any of the roles?
How do you backup AD?
How do you restore AD?
How do you change the DS Restore admin password?
Why can't you restore a DC that was backed up 4 months ago?
What are GPOs?
What is the order in which GPOs are applied?
Name a few benefits of using GPMC.
What are the GPC and the GPT? Where can I find them?
What are GPO links? What special things can I do to them?
What can I do to prevent inheritance from above?
How can I override blocking of inheritance?
How can you determine what GPO was and was not applied for a user? Name a few ways
to do that.
A user claims he did not receive a GPO, yet his user and computer accounts are in the
right OU, and everyone else there gets the GPO. What will you look for?
Name a few differences in Vista GPOs
Name some GPO settings in the computer and user parts.
What are administrative templates?
What's the difference between software publishing and assigning?
Can I deploy non-MSI software with GPO?
You want to standardize the desktop environments (wallpaper, My Documents, Start
menu, printers etc.) on the computers in one department. How would you do that?
Tell Me About Yourself'

Your answer should be relevant to the job for which you are being interviews. Do not
start going into your personal life. Keep your self-introduction PROFESSIONAL.
A person is defined in three ways: (1) who he is right now, (2) what he has done in the
past, and (3) what he will become in the future.
So, here is how you answer: (1) I am a [the job title for which you are applying or
something very close.] (2) I have [how many years of experience] in [what field, what
subject]. (3) I want to be [a job title that is a couple or a few levels above the current
position for which you are applying in 5 to 10 years.]
Close your answer with an affirmative question: "Is there anything else you want to
know?"
Here are more suggestions for answering this very common interview question.
• You should be very straight forward and honest in replying to this question. The
interviewer wants to check if what you have mentioned in your resume is correct
or not.
• I would answer the question based on who is interviewing me? If it's a sales
manager/Technical Manager/Human resources manager? Depending on the
person's field I'll have to mend the answer to please him...I feel that everyone's
goals are different...so anlayse that and then answer.
• Answer this question with your 30 second "elevator speach" about yourself. The
standard format for this speech is... "I am a (BLANK), who does (WHAT)." In
my case... I am a PROJECT MANAGER, who PROVIDES QUALITY
MANAGEMENT SOLUTIONS, Blah, Blah, Blah. (you get the idea).
• The Answer can Start like this: "I have 10 years' sales rep experience, working in
a variety of industries, from retail to advertising. For the past two years I have
been working in the food industry. In addition to my successful sales techniques, I
have a great record for forming long-standing relationships with customers. I'm a
team player who thrives on challenge."
• Let me share what my recruiting office tells its candidates as they head out for
that crucial face-to-face interview. When asked to "tell me about yourself," say, "I
will gladly answer that question, but may I first ask you a question? (They
ALWAYS say yes) So that I may better focus my answer, what are the issues you
want me to address should you hire me? Once they share with you what they need
to have you do, then proceed to address how your training, education, skills, and
experience can best resolve these issues. By answering in this fashion, you have
proven that you know how to focus ... and that you have what's needed to fix the
issues they need to have fixed. It's always a winner ... and beats the heck out of,
"Well, let's see, I was born on a small farm in Idaho ..."
• I am a self-starter dedicated, hard-working person who works well with other,
punctual, detail oriented a team player, great organizational and interpersonal
skills.
Answer
Tell Me About Yourself
It's one of the most frequently asked questions in an interview: Tell me about yourself.
Your response to this request will set the tone for the rest of the interview. For some, this
is the most challenging question to answer, as they wonder what the interviewer really
wants to know and what information they should include.
Eleanor dreaded this question. When it was the first one asked at her interview, she
fumbled her way through a vague answer, not focusing on what she could bring to the
job.
"I'm happily married and originally from Denver," she began. "My husband was
transferred here three months ago, and I've been getting us settled in our new home. I'm
now ready to go back to work. I've worked in a variety of jobs, usually customer service-
related. I'm looking for a company that offers growth opportunities."
The interview went downhill after that. She had started with personal information and
gave the interviewer reason to doubt whether she was an employee who would stay for
very long.
* She's married, and when her husband gets transferred that means she has to leave; she
did it once and can do it again.
* She has some work experience with customers but didn't emphasize what she did.
* She is looking to grow. What about the job she is applying for? Will she stay content
for long?
The secret to successfully responding to this free-form request is to focus, script and
practice. You cannot afford to wing this answer, as it will affect the rest of the interview.
Begin to think about what you want the interviewer to know about you.
Focus
List five strengths you have that are pertinent to this job (experiences, traits, skills, etc.).
What do you want the interviewer to know about you when you leave?
Eleanor is strong in communications and connecting with people. She has a strong
background and proven success with customer relationships. Her real strength is her
follow-through. She prides herself on her reputation for meeting deadlines.
Scripting
Prepare a script that includes the information you want to convey. Begin by talking about
past experiences and proven success:
"I have been in the customer service industry for the past five years. My most recent
experience has been handling incoming calls in the high tech industry. One reason I
particularly enjoy this business, and the challenges that go along with it, is the
opportunity to connect with people. In my last job, I formed some significant customer
relationships resulting in a 30 percent increase in sales in a matter of months."
Next, mention your strengths and abilities:
"My real strength is my attention to detail. I pride myself on my reputation for following
through and meeting deadlines. When I commit to doing something, I make sure it gets
done, and on time."
Conclude with a statement about your current situation:
"What I am looking for now is a company that values customer relations, where I can join
a strong team and have a positive impact on customer retention and sales."
Practice
Practice with your script until you feel confident about what you want to emphasize in
your statement. Your script should help you stay on track, but you shouldn't memorize it
-- you don't want to sound stiff and rehearsed. It should sound natural and conversational.
Even if you are not asked this type of question to begin the interview, this preparation
will help you focus on what you have to offer. You will also find that you can use the
information in this exercise to assist you in answering other questions. The more you can
talk about your product -- you -- the better chance you will have at selling it.

Ads Int Faq

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Ads Int Faq

Uploaded by

Copyright:

1. What is Global Catalog Server?

4. What does SYSVOL contains?

5. Which is service in your windows is responsible for replication of Domain controller

6. How data will travel between sites in ADS replication?

8. What Intrasite and Intersite Replication?

9. What is lost & found folder in ADS?

10. What is Garbage collection?

11. What System State data contains?

12. How do you restore a particular OU which got deleted by accident?

13. What is IPSec Policy?

14. What are different types of Group Policy?

15. What is the order of applying Group Policy?

17. How to edit the Schema in ADS?

18. What is Domain Local, Global Group, Universal group?

19. Diff between Global & Universal group?

21. What does mean by root DNS servers?

22. What are the different records in DNS?

23. What is a SOA record?

25. What is RsOP?

26. What is default lease period for DHCP Server?

28. What is multicast?

29. What is superscope?

30. What is the System Startup process?

Windows 2K boot process on Intel architecture.

1. Power-On Self Tests (POST) is run.

3. The active partition is located, and the boot sector is loaded.

The boot sequence executes the following steps:

2. The Windows 2000 loader starts a mini-file system.

31. What is WINS hybrid & mixed mode?

Broadcast (B-node)—Clients use a broadcast only to resolve names. An enhanced B-node

32. What is Disk Quota?

1) What is different Editions of Windows 2003 server?

3)What is the active directory database name and where it is located?

Name : NTDS.Dit located in c:\windows\ntds\

4)What is the expansion of .Dit ? Scalable size of NTDS in 2k3?

5) What is schema in AD?

7) What are the domain functional levels in 2k3?

8) What is Global catalog and GC server?

9) What are the functions of GC?

A) It enables a user to log on to a network by providing universal group membership

10) What is the active directory database engine name?

11) What are the partitions available in AD?

12) What are the two types of replications?

13) What is KCC? What is the function of the KCC?

14) What is the two trust protocols 2k3 using?

15) What are the trust relations available in 2k3?

16)What is the hierarchy of applying Gpo in 2k3?

17) What are the protocols used on replication?

18) What is the default time delay on replication?

19) What Different tables available in NTDS database?

20) What is tombstone object in AD? What is its life time?

21) FSMO Roles

Domain naming master

Relative ID (RID) Master:

1. Q) Can I changed password if my machince’s connectivity to DC who holds PDC

1. Which protocol is used for Public Folder?

1. What is the content of System State backup?

Q: What are the perquisites for installation of Exchange Server?

Question: What is Multi Master Replication?

DFS? DFS Namespace ?

What are the four domain functional levels?

system admin FAQ with Answers

To find the domain naming master, follow these steps:

.DHCP LEASE PROCESS

DHCP SERVER- Dynamic host configuration protocol is used to automatically assign