Omarsoft For IT Solutions (Java Codes ,C#.NET Codes , ASP.NET Codes ,VB.NET Codes ,Oracle Database Administration, Real Application Cluster , Remote Support, Cloud Services , Networks ,Virtualization....


Active Directory Interview Questions And Answers I

Question # 1
Explain Active Directory?
"Active Directory is the directory service used in Windows 2000 Server and is the foundation of Windows 2000 distributed networks."
The core of Active Directory is a combination of an LDAP server and MIT Kerberos 5 KDC running on a Windows 2000 server acting as a domain controller that work as a unit to provide authentication ("Who are you?") and authorization ("What are you allowed to do?") information within a group of interlinked systems.
Above and beyond that, the LDAP "face" of this structure behaves as an enterprise-wide distributed database that not only contains Windows-specific information but can be extended to incorporate user-defined data as well.
The AD is held together by DNS, which is used not only to locate specific machines within the AD but also to locate which functions of the AD are running on which domain controllers.

Question # 2
What is Forest?
The term "forest" is used to describe a collection of AD domains that share a single schema for the AD. All DC's in the forest share this schema and it is replicated in a hierarchical fashion among them.  The preferred model for Windows 2000 AD is to have an organization use a single forest that spans an entire enterprise.
While not an administrative block by themselves, forests are a major boundary in that only limited communication is available between forests. For example, it is difficult for a user in one forest to access a resource in another forest.
It is very difficult to integrate forests at this time because of potential problems reconciling schema differences between two forests.

Question # 3
What are Domains in Active Directory?
In Windows 2000, a domain defines both an administrative boundary and a security boundary for a collection of objects that are relevant to a specific group of users on a network. A domain is an administrative boundary because administrative privileges do not extend to other domains. It is a security boundary because each domain has a security policy that extends to all security accounts within the domain. Active Directory stores information about objects in one or more domains.
Domains can be organized into parent-child relationships to form a hierarchy. A parent domain is the domain directly superior in the hierarchy to one or more subordinate, or child, domains. A child domain also can be the parent of one or more child domains, as shown below.

Question # 4
What are Organizational Units?
OU's have many of the attributes of an NT 4 domain. However, instead of requiring server resources to create and support, they are a logical construct within the Active Directory so an OU does not have to support and maintain a domain controller.
OU's are created by an administrator of an AD domain and can be freely named (and renamed). The OU can then be populated with objects of many types including computers, groups, printers, users and other sub-OU's.
The real power of an OU is that once it is established, the administrator of its "parent" can delegate administrative authority -- in total or in part -- to any user or group that is in the AD.
When this happens, the designated user/group gains complete administrative authority over all objects in their OU and thus has all of the rights and abilities that a Windows NT domain administrator would have as well as some new ones such as the ability to further segment their OU into sub-OU's and delegate authority over those sub-elements as they see fit.

Question # 5
What is the Group Policy?

Group Policy is one of the most exciting -- and potentially complex -- mechanisms that the Active Directory enables. Group policy allows a bundle of system and  user settings (called a "Group Policy Object" or GPO) to be created by an administrator of a domain or OU and have it automatically pushed down to designated systems.
Group Policy can control everything from user interface settings such as screen background images to deep control settings in the client such as its TCP/IP configuration and authentication settings. There are currently over 500 controllable settings.  Microsoft has provided some templates as well to provide a starting  point for creating policy objects.
A significant advantage of group policy over the old NT-style policies is that the changes they make are reversed when the policy no longer applies to a system. In  NT 4, once a policy was applied to a system, removing that policy did not by itself roll back the settings that it imposed on the client. With Windows 2000, when a specified policy no longer applies to a system it will revert to its previous state without administrative interference.
Multiple policies from different sources can be applied to the same object. For example, a domain might have one or more domain-wide policies that apply to all systems in the domain. Below that, systems in an OU can also have policy objects applied to it, and the OU can even be further divided into sub-OU's with their own policies.
This can create a very complex web of settings so administrators must be very careful when creating these multiple layers of policy to make sure the end result -- which is the union of all of the applicable policies with the "closest" policy taking priority in most cases -- is correct for that system. In addition, because Group  policy is checked and applied during the system boot process for machine settings and again during logon for user settings, it is recommended that GPO's be applied to a computer from no more than five "layers" in the AD to keep reboot and/or login times from becoming unacceptably long.

Question # 6
What is Empty Root Domain?
The "empty root domain" is an AD design element that has become increasingly popular at organizations with decentralized IT authority such as universities.
The empty root domain acts as a placeholder for the root of Active Directory, and does not typically contain any users or resources that are not required to fulfill this roll [sic]. [...] Only those privileges that have tree or forest-wide scope are restricted to the empty root domain administrators. Departmental administrators can work independently of other departments.
This politically neutral root domain provides a central source of authority and policy enforcement, and provides a single schema and global catalog that allows users  to find resources anywhere in the university/district/state system. Individual IT departments retain a significant degree of independence and can control their own users and resources without having to worry that actions by administrators in other departments will disrupt their domain.

Question # 7
What is Mixed Mode?
Allows domain controllers running both Windows 2000 and earlier versions of Windows NT to co-exist in the domain. In mixed mode, the domain features from previous versions of Windows NT Server are still enabled, while some Windows 2000 features are disabled. Windows 2000 Server domains are installed in mixed mode by default. In mixed mode the domain may have Windows NT 4.0 backup domain controllers present. Nested groups are not supported in mixed mode.

Question # 8
What is Native Mode?
When all the domain controllers in a given domain are running Windows 2000 Server. This mode allows organizations to take advantage of new Active Directory features such as Universal groups, nested group membership, and inter-domain group membership.

Question # 9
What is LDAP?
LDAP is the directory service protocol that is used to query and update AD. LDAP naming paths are used to access AD objects and include the following:
•    Distinguished names
•    Relative Distinguished names

Question # 10
Minimum Requirement for Installing AD?
1.    Windows Server, Advanced Server, Datacenter Server
2.    Minimum Disk space of 200MB for AD and 50MB for log files
3.    NTFS partition
4.    TCP/IP Installed and Configured to use DNS
5.    Administrative privilege for creating a domain in existing network

Question # 11
How will you verify whether the AD installation is proper?
1.    Verify SRV Resource Records
After AD is installed, the DC will register SRV records in DNS when it restarts. We can check this using DNS MMC or nslookup command.
Using MMC
If the SRV records are registered, the following folders will be there in the domain folder in Forward Lookup Zone.
•    _msdcs
•    _sites
•    _tcp
•    _udp
Using nslookup
>ls -t SRV Domain
If the SRV records are properly created, they will be listed.
2.    Verifying SYSVOL
If the SYSVOL folder is not properly created, data stored in SYSVOL such as scripts, GPOs, etc. will not be replicated between DCs.
First verify the following folder structure is created in SYSVOL:
•    Domain
•    Staging
•    Staging areas
•    Sysvol
Then verify necessary shares are created.
>net share
It should show two shares, NETLOGON and SYSVOL
3.    Verifying Database and Log files
Make sure that the following files are there at %systemroot%\ntds: Ntds.dit, Edb.*, Res*.log

Question # 12
Explain Active Directory schema?
The Active Directory schema is the set of definitions that defines the kinds of objects, and the types of information about those objects, that can be stored in Active Directory. The definitions are themselves stored as objects so that Active Directory can manage the schema objects with the same object management operations used for managing the rest of the objects in the directory.
There are two types of definitions in the schema: attributes and classes. Attributes and classes are also referred to as schema objects or metadata.
Attributes are defined separately from classes. Each attribute is defined only once and can be used in multiple classes. For example, the Description attribute is used in many classes, but is defined once in the schema, assuring consistency.

Question # 13
Can you explain LDAP?
The Lightweight Directory Access Protocol, or LDAP, is an application protocol for querying and modifying data using directory services running over TCP/IP.

Question # 14
What is Domain Controller?
In an Active Directory forest, the domain controller is a server that contains a writable copy of the Active Directory database, participates in Active Directory replication, and controls access to network resources.

Question # 15
Define Active Directory?
An active directory is a directory structure used on Microsoft Windows based computers and servers to store information and data about networks and domains.

Question # 16
Why do we need Netlogon?
Maintains a secure channel between this computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not authenticate users and services, and the domain controller cannot register DNS records.

Question # 17

Define Kerberos?
Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.

Question # 18
Explain What are the standard Port numbers?
SMTP - 25,
POP3 - 110,
IMAP4 - 143,
RPC - 135,
LDAP - 389,
SSL - 443,
HTTP - 80,
RDP - 3389,
DNS - 53,
DHCP - 67,68,
FTP - 21,
Secure LDAP - 636,
Kerberos - 88,
NNTP - 119,
TFTP - 69,
SNMP - 161.

Question # 19
What is DNS Scavenging?
Scavenging will help you clean up old unused records in DNS.

Question # 20
Explain Where is the AD database held? What other folders are related to AD?
%SystemRoot%\ntds\NTDS.DIT.
Edb*.log is the transaction log file. Each transaction file is 10 megabytes (MB). When the Edb.log file is full, Active Directory renames it to Edbnnnnn.log, where nnnnn is an increasing number starting from 1.
Edb.chk is a checkpoint file which is used by the database engine to track the data which is not yet written to the Active Directory database file. The checkpoint file acts as a pointer that maintains the status between memory and the database file on disk. It indicates the starting point in the log file from which the information must be recovered if a failure occurs.
Res1.log and Res2.log: These are reserved transaction log files. The amount of disk space that is reserved on a drive or folder for this log is 20 MB. This reserved disk space provides sufficient space to shut down if all the other disk space is being used.

Question # 21
How to upgrade from Windows 2003 DC to Windows 2008 DC?
Windows 2003 must be running with SP2
Run adprep /forestprep
Run adprep /domainprep
Start the installation from Windows 2008 DVD
Domain level must be in Native Mode
Installation must be started from Windows 2003 OS

Question # 22
What is new in Windows Server 2008 Active Directory Domain Services?
AD Domain Services auditing, Fine-Grained Password Policies, Read-Only Domain Controllers, Restartable Active Directory Domain Services

Question # 23
Explain What are RODCs? And what are the major benefits of using RODCs?
Read-Only Domain Controllers. With an RODC, organizations can easily deploy a domain controller in locations where physical security cannot be guaranteed.

Question # 24
Tell me What is the SYSVOL folder?
The Sysvol folder on a Windows domain controller is used to replicate file-based data among domain controllers. %systemroot%\SYSVOL

Question # 25
Do you know How frequently is the group policy refreshed?
90 minutes give or take.

Question # 26
What is the number of permitted unsuccessful logons on Administrator account?
Unlimited. Remember, though, that it's the Administrator account, not any account that's part of the Administrators group.

Question # 27
What hidden shares exist on Windows Server 2003 installation?
Admin$, Drive$, IPC$, NETLOGON, print$ and SYSVOL.

Question # 28
What is the List Folder Contents permission on the folder in NTFS?
Same as Read & Execute, but not inherited by files within a folder. However, newly created subfolders will inherit this permission.

Question # 29
Where is GPT stored?

Question # 30
Explain GPT and GPC?
Group policy template and group policy container.

Question # 31
Tell me Where are group policies stored?

Question # 32
Explain What is the difference between local, global and universal groups?
Domain local groups assign access permissions to global domain groups for local domain resources. Global groups provide access to resources in other trusted domains. Universal groups grant access to resources in all trusted domains.

Question # 33
Define LSDOU?

It's the group policy inheritance model, where the policies are applied to Local machines, Sites, Domains and Organizational Units.

Question # 34
is a command line tool used to monitor and troubleshoot replication on a computer running Windows.
•    Checks replication consistency between replication partners.
•    Monitors replication status.
•    Displays replication metadata.
•    Forces replication events.

Question # 35
What is NETDOM?
NETDOM is a command-line tool that allows management of Windows domains and trust relationships

Question # 36
ADSI Edit is an LDAP editor for managing objects in Active Directory. This Active Directory tool lets you view objects and attributes that are not exposed in the Active Directory Management Console.

Question # 37
What is REPLMON?
Replmon is the first tool you should use when troubleshooting Active Directory replication issues

Question # 38
How to find FSMO roles?
netdom query fsmo OR Replmon.exe

Question # 39
How to view all the GCs in the forest?
repadmin.exe /options * and use IS_GC for current domain options. nltest /dsgetdc:corp /GC

Question # 40
Explain Global Catalog?
A global catalog server is a domain controller that, in addition to its full, writable domain directory partition replica, also stores a partial, read-only replica of all other domain directory partitions in the forest
Global group's membership is limited to accounts from the same domain. The membership is replicated in its own domain only. Universal group's membership is limited to accounts from the same forest. The membership is replicated across the forest.

Question # 41
How to view replication properties for AD partitions and DCs?

Question # 42
What are the Directory Partitions?

Schema Partition:
Only one schema partition exists per forest. The schema partition is stored on all domain controllers in a forest. It contains definitions of all objects and attributes that can be created in the directory.
Configuration Partition:
There is only one configuration partition per forest. The configuration partition contains information about the forest-wide Active Directory structure.
Domain Partition:
Many domain partitions can exist per forest. Domain partitions are stored on each domain controller in a given domain. A domain partition contains information about users, groups, computers, and organizational units.
Application Partition:
It stores information about applications in Active Directory. It is replicated only to specific domain controllers.

Question # 43
How to Seize FSMO Roles?
ntdsutil - type roles - connections - connect servername - q - type seize role - at the fsmo maintenance prompt - type seize rid master

Question # 44
How to transfer FSMO Roles?
ntdsutil - type roles - connections - connect servername - q - type transfer role - at the fsmo maintenance prompt - type transfer rid master

Question # 45
What is a Flexible Single Master Operation?
It is a role that only one DC can (or should) hold at any given time within its boundary.
Schema Master - Use MMC "Active Directory Schema Snap-in". The schema master domain controller controls all updates and modifications to the schema. Once the schema update is complete, it is replicated from the schema master to all other DCs in the directory.
Domain Naming Master - Use "Active Directory Domains and Trusts". It controls the addition or removal of domains in the forest.
Primary Domain Controller (PDC) Emulator - Use the "ADUC". The PDC emulator is necessary to synchronize time in an enterprise.
Relative ID Master (RID Master) - Use "ADUC". All objects have a SID and a domain SID. The RID Master assigns relative IDs to each domain controller.
Infrastructure Master - Use the "ADUC". Updates group membership information when users from other domains are moved or renamed.
The Infrastructure Master (IM) role should be held by a domain controller that is not a Global Catalog server (GC). If the Infrastructure Master runs on a Global Catalog server it will stop updating object information because it does not contain any references to objects that it does not hold.

Question # 46
What is the ISTG - Intersite topology generator?
ISTG is responsible for creating Active Directory Replication Connection objects for appropriate bridgehead servers within its site. Intersite replication can utilize either RPC over IP or SMTP to convey replication data.
Bridgehead server - A domain controller that is used to send replication information to one or more other sites.
DHCP Superscope:
A range of IP addresses that span several subnets. The DHCP server can assign these addresses to clients that are on several subnets.
DHCP Scope:
A range of IP addresses that the DHCP server can assign to clients that are on one subnet.
A stub zone:
It is a copy of a zone that contains only those resource records necessary to identify the authoritative Domain Name System (DNS) servers for that zone. A stub zone is used to resolve names between separate DNS namespaces. This type of resolution may be necessary when a corporate merger requires that the DNS servers for two separate DNS namespaces resolve names for clients in both namespaces.
A stub zone consists of: SOA, NS, A Records

Question # 47
What is the KCC (Knowledge consistency checker)?
The KCC generates and maintains the replication topology for replication within sites and between sites. KCC runs every 15 minutes.

Question # 48
How you add a user in ad by commandline?

Question # 50
What is Lightweight Directory Access Protocol?
LDAP is the directory service protocol that is used to query and update AD. LDAP naming paths are used to access AD objects and include the following:
*    Distinguished names
*    Relative Distinguished names

Question # 51
What is the minimum requirement for installing AD?
*    Windows Server, Advanced Server, Data center Server
*    Minimum Disk space of 200 MB for AD and 50 MB for log files
*    NTFS partition
*    TCP/IP Installed and Configured to use DNS
*    Administrative privilege for creating a domain in existing network

Question # 52
How will you verify whether the AD installation is proper with SRV resource records?
Verify SRV Resource Records:
After AD is installed, the DC will register SRV records in DNS when it restarts. We can check this using DNS MMC or nslookup command.

Question # 53
How to Verify SYSVOL?
If the SYSVOL folder is not properly created, data stored in SYSVOL such as scripts, GPOs, etc. will not be replicated between DCs. First verify the following folder structure is created in SYSVOL.
*    Domain
*    Staging
*    Staging areas
*    Sysvol
Then verify necessary shares are created.

Question # 54
How to verify database and log files?
Make sure that the following files are there at %systemroot%\ntds: Ntds.dit, Edb.*, Res*.log

Question # 55
What is NTDS.DIT?
This is the AD database and stores all AD objects. Default location is %SystemRoot%\ntds\NTDS.DIT.
Active Directory's database engine is the Extensible Storage Engine which is based on the Jet database and can grow up to 16 TB.

Question # 56
What is NTDS.DIT schema table?
The types of objects that can be created in the Active Directory, relationships between them, and the attributes on each type of object. This table is fairly static and much smaller than the data table.

Question # 57
What is NTDS.DIT Link table?
Link Table contains linked attributes, which contain values referring to other objects in the Active Directory. Take the Member Of attribute on a user object. That attribute contains values that reference groups to which the user belongs. This is also far smaller than the data table.

Question # 58
What is NTDS.DIT Data table?
The Data Table contains users, groups, application-specific data, and any other data stored in the Active Directory.

Question # 59
How many types of Active Directory data?
Active Directory has three types of data:
*    Schema information
*    Configuration information
*    Domain information

Question # 60
What is Domain information in Active Directory?
Object information for a domain. Replicates to all DCs within a domain. The object portion becomes part of GC. The attribute values only replicates within the domain.

Question # 61
Define Res1.log and Res2.log?
These are reserved transaction log files of 20 MB (10 MB each) which provide the transaction log files enough room to shut down if the other spaces are being used.

Question # 62
What is ADS Database garbage collection process?
Garbage Collection is a process that is designed to free space within the Active Directory database. This process runs independently on every DC with a default lifetime interval of 12 hours.

Question # 63
List the main steps of Garbage collection process?
*    Removing "tombstones" from the database. Tombstones are remains of objects that have been previously deleted.
*    Deletion of any unnecessary log files.
*    The process launches a defragmentation thread to claim additional free space.

Question # 64
What is Online Defragmentation in Active Directory?
Online Defragmentation method that runs as part of the garbage collection process. The only advantage to this method is that the server does not need to be taken offline for it to run. However, this method does not shrink the Active Directory database file (Ntds.dit).

Question # 65
What is Schema information in Active Directory?
Definitional details about objects and attributes that one CAN store in the AD. Replicates to all DCs. Static in nature.

Question # 66
What is Schema Configuration in Active Directory?
Configuration data about forest and trees. Replicates to all DCs. Static as your forest is.

Question # 67
What is Offline Defragmentation in Active Directory?
Offline Defragmentation is done by taking the server offline and using Ntdsutil.exe to defragment the database. This approach requires that the ADS database be started in repair mode. The advantage to this method is that the database is resized, unused space is removed, and the size is reflected by the Ntds.dit file.

Question # 68
How to do Offline Defragmentation of Active Directory?
Active Directory routinely performs online database defragmentation, but this is limited to the disposal of tombstoned objects. The database file cannot be compacted while Active Directory is mounted.
To defrag ntds.dit offline:
*    Back up System State in the backup wizard.
*    Reboot and select Directory Services Restore Mode.
*    At the command prompt:
*    Ntdsutil
*    Files
*    Info
This will display current information about the path and size of the Active Directory database and its log files.
*    Compact to D:\DbBackup
You must specify a directory path and if the path name has spaces, the command will not work unless you use quotation marks.
*    Quit (till you reach the command prompt)
A new compacted database named Ntds.dit can be found in D:\DbBackup.
Copy the new ntds.dit file over the old ntds.dit file. You have successfully compacted the Active Directory database.

Question # 69
Define EDB.LOG?
This is the transaction log file (10 MB). When EDB.LOG is full, it is renamed to EDBnnnn.log. Where nnnn is the increasing number starting from 1.

Question # 70
Define EDB.CHK?
This is the checkpoint file used to track the data not yet written to database file. This indicates the starting point from which data is to be recovered from the log file,  in case of failure.

Question # 71
Define Domain Forests in Active Directory?
A forest consists of multiple domain trees. The domain trees in a forest do not form a contiguous namespace but share a common schema and GC. The forest root domain is the first domain created in the forest. The root domains of all domain trees in the forest establish transitive trust relationships with the forest root domain. This is necessary for the purposes of establishing trust across all the domain trees in the forest. All of the Windows 2000 domains in all of the domain trees in a forest share the following traits:
*    Transitive trust relationships between the domains
*    Transitive trust relationships between the domain trees
*    A common schema
*    Common configuration information
*    A common global catalog
Using both domain trees and forests provides you with the flexibility of both contiguous and non-contiguous naming conventions. This can be useful in, for example, companies with independent divisions that must each maintain their own DNS names.

Question # 72
Define domain Trees in Active Directory?
A tree is a hierarchical arrangement of W2K domains that share a contiguous name space. The first domain in a domain tree is called the root domain. Additional domains in the same domain tree are child domains. A domain immediately above another domain in the same domain tree is referred to as the parent of the child domain. The name of the child domain is combined with its parent domain to form its DNS name. Every child domain has a two-way, transitive trust relationship with its parent domain. Because these trust relationships are two-way and transitive, a Windows 2000 domain newly created in a domain tree or forest immediately has trust relationships established with every other Windows 2000 domain in the domain tree or forest.
These trust relationships allow a single logon process to authenticate a user on all domains in the domain tree or forest. This does not necessarily mean that the authenticated user has rights and permissions in all domains in the domain tree. Because a domain is a security boundary, rights and permissions must be assigned on a per-domain basis.

Question # 73
Define Active Directory Schema Attributes?
Attributes are defined separately from classes. Each attribute is defined only once and can be used in multiple classes. For example, the Description attribute is used  in many classes, but is defined once in the schema, assuring consistency.

Question # 74
Define Active Directory schema?
The Active Directory schema is the set of definitions that defines the kinds of objects, and the types of information about those objects, that can be stored in Active Directory. The definitions are themselves stored as objects so that Active Directory can manage the schema objects with the same object management operations used for managing the rest of the objects in the directory.
There are two types of definitions in the schema: attributes and classes. Attributes and classes are also referred to as schema objects or metadata.

Question # 75
Define Active Directory Sites?
Site consists of one or more IP subnets connected by a high speed link. Wide area networks should employ multiple sites for efficiently handling servicing requests and reducing replication traffic. Sites map the physical structure of your network whereas domains generally map the logical structure of your organization.
Active Directory Sites and Services allow you to specify site information. Active Directory uses this information to determine how best to use available network resources.

Question # 76
What are the advantages of Active Directory Sites?
Active Directory Sites and Services allow you to specify site information. Active Directory uses this information to determine how best to use available network resources.

Question # 77
Define Active Directory Classes?
Classes, also referred to as object classes; describe the possible directory objects that can be created. Each class is a collection of attributes. When you create an object, the attributes store the information that describes the object. The User class, for example, is composed of many attributes, including Network Address, Home Directory, and so on. Every object in Active Directory is an instance of an object class.

Question # 78
Define Service requests in Active Directory?
When a client requests a service from a domain controller, it directs the request to a domain controller in the same site. Selecting a domain controller that is well-connected to the client makes handling the request more efficient.

Question # 79
What is GC in Active Directory?
GC is created automatically on the first DC in the forest. It stores a full replica of all objects in the directory for its host domain and a partial replica of all objects of every other domain in the forest. The replica is partial because it stores only some attributes for each object.

Oracle 11g RAC Installation on Linux

Prepare all nodes for Cluster Software Installation:
Edit the /etc/hosts file so that it contains the names of all nodes; alternatively, DNS must be able to provide the service name if you are not using SCAN (for the 11gR2 release only).
Configure SSH
On both servers, run /usr/bin/ssh-keygen -t rsa from the oracle account.
When prompted, press Enter (for now).
All key files are located in the ~/.ssh directory:
1. id_rsa - is the private key; do not distribute it.
2. is public key. (Copy its content into the authorized_keys file on the other server.)
Similarly, generate a DSA key and place it in the authorized_keys file on all nodes.
Once the copy is complete, verify that ssh works from both servers:
From node1 run ssh node2 date
From node2 run ssh node1 date
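A check that can follow the key exchange above, written as an added example (not part of the original page): it audits the oracle account's ~/.ssh for the permission problems that make sshd ignore authorized_keys, and for key types that current OpenSSH releases reject. The demo directory and key contents are constructed; GNU stat is assumed.

```shell
#!/bin/sh
# Added example: audit a ~/.ssh directory after setting up user equivalence.
# Prints one line per finding; exit status 0 means nothing was flagged.
audit_ssh_dir() (
    dir=$1
    rc=0
    flag() { printf 'FINDING: %s\n' "$1"; rc=1; }
    # True when any permission bit of octal mask $2 is set on file $1.
    has_bits() { [ $(( 0$(stat -c '%a' "$1") & $2 )) -ne 0 ]; }

    # sshd (StrictModes yes, the default) ignores authorized_keys when the
    # directory or the file is writable by group or others.
    if has_bits "$dir" 022; then flag "$dir is group/world-writable"; fi
    if [ -f "$dir/authorized_keys" ]; then
        if has_bits "$dir/authorized_keys" 022; then
            flag "authorized_keys is group/world-writable"
        fi
        # ssh-dss keys are disabled by default since OpenSSH 7.0.
        if grep -Eq '(^| )ssh-dss ' "$dir/authorized_keys"; then
            flag "authorized_keys contains a DSA (ssh-dss) key"
        fi
    else
        flag "authorized_keys is missing"
    fi
    # Private keys must be accessible to the owner only.
    for key in "$dir/id_rsa" "$dir/id_dsa"; do
        if [ -f "$key" ] && has_bits "$key" 077; then
            flag "$(basename "$key") is accessible to group/others"
        fi
    done
    exit "$rc"
)

# Constructed demo: a throw-away directory standing in for ~oracle/.ssh.
demo=$(mktemp -d)
chmod 700 "$demo"
echo 'constructed-private-key' > "$demo/id_rsa"
chmod 644 "$demo/id_rsa"
echo 'ssh-rsa AAAA-constructed oracle@node1' > "$demo/authorized_keys"
chmod 664 "$demo/authorized_keys"
audit_ssh_dir "$demo" || echo "fix with: chmod 600 id_rsa authorized_keys"
rm -rf "$demo"
```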

Verify that the NTP server is running. Also make sure that both machines show the same time using the following command:
date ;ssh anothernodename date
Both should print the same time.
If not, use the ntpdate command (check linux link).

Use RAID software to create 3 proper LUNs (check linux link for more detail).

Configure the public and private networks for the network adapters using /usr/sbin/system-config-network.
Verify that those adapters are up and running using the ifconfig command.
If a particular adapter is not up, use the ifup command to restart it, and make sure it shows the correct IP addresses and that those IPs are pingable.
ifup eth1
For private networks, try to use a network adapter that uses Interconnect/RDMA technology.

Make sure that the firewall is not filtering UDP packets on the private network (because Oracle uses UDP packets for the private network).
Verify that using the /etc/rc.d/init.d/iptables status command.
The following command displays the current iptables settings.
/sbin/iptables -L
Make a backup of the iptables files before you make any changes.
To take a backup, use the /etc/init.d/iptables save command,
then copy /etc/sysconfig/iptables to BACKUPFILENAME
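The UDP check described above can be run against the saved rules file instead of being read off the iptables -L listing by eye. The following is an added example, not part of the original page: it walks the filter table's INPUT chain in order and reports what happens to a new UDP packet on the private interface. The interface name eth1 as the interconnect and the RHEL5-style ruleset are constructed assumptions; rules with extra matches (state, ports, addresses) are treated as conditional and skipped.

```shell
#!/bin/sh
# Added example: decide from an iptables-save style file ($1) what happens to
# a new UDP packet arriving on interface $2. Prints ACCEPT, REJECT or DROP.
interconnect_udp_verdict() (
    rules_file=$1
    iface=$2
    awk -v iface="$iface" '
    # Target of a rule if it applies to every UDP packet arriving on iface,
    # or "" if it is limited to another interface/protocol or has extra matches.
    function unconditional_target(r,    f, k, i, t) {
        k = split(r, f, " ")
        t = ""
        for (i = 3; i <= k; i++) {
            if (f[i] == "-i") { if (f[++i] != iface) { return "" } }
            else if (f[i] == "-p") { if (f[++i] != "udp" && f[i] != "all") { return "" } }
            else if (f[i] == "-j") { t = f[++i] }
            else if (f[i] == "--reject-with") { i++ }
            else { return "" }      # -m, -s, --dport, "!" ...: conditional
        }
        return t
    }
    # Walk a chain in order, following unconditional jumps into user chains.
    function walk(chain,    i, t, v) {
        for (i = 1; i <= n[chain]; i++) {
            t = unconditional_target(rule[chain, i])
            if (t == "ACCEPT" || t == "REJECT" || t == "DROP") { return t }
            if (t != "" && (t in policy)) {
                v = walk(t)
                if (v != "") { return v }
            }
        }
        return ""
    }
    /^\*/ { in_filter = ($1 == "*filter"); next }
    in_filter && /^:/ { policy[substr($1, 2)] = $2; next }
    in_filter && $1 == "-A" { n[$2]++; rule[$2, n[$2]] = $0 }
    END {
        v = walk("INPUT")
        print (v != "" ? v : policy["INPUT"])
    }' "$rules_file"
)

# Constructed RHEL5-style ruleset; $1 is an optional rule placed just before
# the final catch-all REJECT.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
EOF
    if [ -n "${1:-}" ]; then printf '%s\n' "$1"; fi
    printf '%s\n' '-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited' COMMIT
}

rules=$(mktemp)
sample_rules > "$rules"
echo "stock ruleset, UDP on eth1: $(interconnect_udp_verdict "$rules" eth1)"
sample_rules '-A RH-Firewall-1-INPUT -i eth1 -p udp -j ACCEPT' > "$rules"
echo "with interconnect rule:     $(interconnect_udp_verdict "$rules" eth1)"
echo "same ruleset, UDP on eth0:  $(interconnect_udp_verdict "$rules" eth0)"
rm -f "$rules"
```

A rule scoped to the private interface and to UDP opens the interconnect while the public interface keeps the catch-all REJECT.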
If you have Oracle Enterprise Linux installed, you can use the Oracle public yum server to update:
To configure it, go to /etc/yum.repos.d and try the following command
public-yum-el5.repo or public-yum-ovm2.repo, depending on your configuration, and set enabled=1 accordingly.
Once it is updated correctly, you can see the list of packages by issuing
yum list

If vncserver is installed on the server and you would like to use it, you have to start vncserver if it is not running.
The first time, it will ask you for a password.
To enable the desktop on the VNC server, change the file /root/.vnc/xstartup.
#Uncomment the following two lines for normal desktop :
exec /etc/X11/xinit/xinitrc

To generate a kickstart file you can always use the kickstart program.
To add/remove programs on Linux with a GUI you can use the pirut program.
You can copy all installation files to a drive using the following commands.
mkdir /mnt/iso
mount -o loop disk1.iso /mnt/iso
Copy all files to one location, for example /root/binaries/linux/RPMS/
umount /mnt/iso
Repeat the above instructions for all CDs and copy them into the same directory,
or use the DVD drive to mount the DVD media:
cd /mnt
mkdir cdrom
mount /dev/cdrom /mnt/cdrom

Once the files are copied, you can change directory to repodata under RPMS and run the following command (optional):
createrepo -g comps-rhel5-server-core.xml .
Edit the yum config file in /etc/yum.repos.d and add the [oel5] tag and its content to the file.

name=Enterprise Linux 5
Then run yum clean all and run pirut, which should give you the original installation screen.

Verify the partitions using the cat /proc/partitions command.

For EMC Fibre Channel storage, make sure that the EMC Navisphere agent is installed on each node, and on the storage make sure that the Navisphere software assigns the correct storage group to each node.
If you have SCSI storage, those devices are displayed as sdb, sdc and so on. The LUNs on Fibre Channel storage or a SCSI enclosure should also be seen as SCSI devices.
With one RAID container it should show as sda, and if you have two Logical Disk Groups then those will be displayed as sdb and sdc. If you have a Fibre Channel controller, that should show as sda, and the RAID groups on the storage will show as the pseudo devices emcpowera and emcpowerb.
Make sure that all nodes in the cluster are able to see the same number of LUNs. (Duplicate mounts of the same LUN are also not allowed, so if you use multiple device paths to access the same storage, Oracle will error out.)
If you don't see any external storage devices for a Fibre Channel system, then stop the services with the following commands:
service naviagent stop
service PowerPath stop
Then sync the HBA driver by reloading it using
rmmod qla2300
modprobe qla2300
The above example is for QLogic HBAs.
For Emulex HBAs:
rmmod lpfcdd
modprobe lpfcdd
Then restart the services using
service PowerPath start
service naviagent start
For a SCSI enclosure, reboot all nodes.
For iSCSI storage, use the following commands to stop and start the services:
service iscsi stop
service iscsi start

Before starting the installation, set host equivalence for the oracle user from all nodes; otherwise it will give the error PRVF-4007.
exec /usr/bin/ssh-agent $SHELL

Create the directory structure for OFA on both nodes.
mkdir -p /u01/app/oracle
chown -R oracle:oinstall /u01/app/oracle
chmod -R 775 /u01/app/oracle

To install the Oracle ASM libraries for Linux, make sure that you are using the version that matches your kernel; use the uname -r command to find your kernel information. Install the following three packages as the root user on all nodes.
  • oracleasm-support - contains binary files (/usr/sbin/*) for supporting oracleasm
  • oracleasm modules - the loadable kernel module
  • oracleasmlib - library files needed to support oracleasm
rpm -ivh oracleasm-support-2.1.3-1.el5.i386.rpm
rpm -ivh oracleasm-2.6.18-194.el5-2.0.5-1.el5.i686.rpm
rpm -ivh oracleasmlib-2.0.4-1.el5.i386.rpm
Display the current Oracle ASM configuration using
/usr/sbin/oracleasm configure
Configure Oracle ASM using the oracleasm -i parameter
/usr/sbin/oracleasm configure -i
default user : oracle
default group : oinstall
Start Oracle ASM library driver on boot (y/n) [n]: y
Scan for Oracle ASM disks on boot (y/n) [y] : y
This loads the Oracle ASMLib driver filesystem, creates the /etc/sysconfig/oracleasm file and creates the /dev/oracleasm mount point.
If there is any problem loading the module, check the /var/log/oracleasm log file to find out more and resolve the issue.
Run /usr/sbin/oracleasm init to load the driver.
You should see the message Mounting ASMLib driver filesystem: /dev/oracleasm
If it fails, it will log messages like Unable to load modules "oracleasm"; then run up2date -i oracleasm-`uname -r`

To add a package using rpm use
rpm -ivh packagename.rpm
and to remove a package use
rpm -e packagename
If you want to find out which packages are installed, use rpm -qa |grep -in 'oracle'

Prepare ASM volumes
Use fdisk /dev/sde to partition the volume.
Create a new partition using the n command; when asked for the partition type, select primary.
Select the first partition by entering 1, and then start from the 1st cylinder by typing First Cylinder value : 1
Last Cylinder or +size or +sizeM or +sizeK (xxx) :512
Similarly, create another partition of the same size but with partition number 2 (from 512 to 1024).
Once all partitions are created, run
By using the partprobe command, if you are using a SCSI LUN, ownership will change for kernel 2.6 and above.
Then assign those partitions to raw devices using the raw command
raw /dev/raw/raw1 /dev/sdc1
raw /dev/raw/raw2 /dev/sdd2
Perform a similar action on the other nodes based on their mount points (sometimes they may differ because the number of disks may be different), so that finally the disks are mapped to /dev/raw/rawN correctly and can be accessed from all nodes.
Also add entries in /etc/sysconfig/rawdevices
/dev/raw/raw1 /dev/sdc1
/dev/raw/raw2 /dev/sdd2
So the next time the node boots, those devices are generated automatically.
If you have kernel 2.6, create the file /etc/udev/rules.d/99-raw.rules (for Oracle RHEL5, OEL5, and SLES9)
For example:
KERNEL=="raw[1-2]*", OWNER="oracle",GROUP="oinstall", MODE="640"
The first line will take raw1 and raw2, change their ownership to oracle:oinstall and set the mode to 640.
Now add those disks to ASM with the following command (you may do this for 11gR2 because the OCR and Voting Disk can be placed on ASM).
/usr/sbin/oracleasm createdisk DG_CRS1 /dev/raw/raw1
To display the list use
/usr/sbin/oracleasm listdisks
The options of /usr/sbin/oracleasm are configure/init/exit/scandisks/status/listdisks/querydisk/createdisk/deletedisk/renamedisk/update-driver.
If you already have an existing ASM disk (for example, after a backup has been restored), use /usr/sbin/oracleasm scandisks (usually from the other nodes).
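The KERNEL== key in the 99-raw.rules example above is a shell-style glob, so raw[1-2]* matches not only raw1 and raw2 but also raw10 through raw29. The following added example (not part of the original page) compares a rule against the bindings declared in /etc/sysconfig/rawdevices and lists the raw nodes that would be handed to oracle:oinstall without being declared. The node list and the tightened rule are constructed for illustration.

```shell
#!/bin/sh
# Added example: list raw device names that a udev rule's KERNEL== glob
# matches although they are not bound in the rawdevices file.
#   $1 = rule text, $2 = rawdevices file, remaining args = node names to test
raw_rule_overreach() (
    rule=$1
    rawdevices=$2
    shift 2
    # Pull the glob out of KERNEL=="...".
    pattern=$(printf '%s\n' "$rule" | sed -n 's/.*KERNEL=="\([^"]*\)".*/\1/p')
    [ -n "$pattern" ] || { echo "no KERNEL== match in rule" >&2; exit 2; }
    for dev in "$@"; do
        case $dev in
            $pattern)
                # The rule changes ownership of this node; was it declared?
                grep -Eq "^/dev/raw/$dev[[:space:]]" "$rawdevices" ||
                    printf '%s\n' "$dev"
                ;;
        esac
    done
)

# Constructed demo: the two bindings from the page and a few node names.
bindings=$(mktemp)
printf '%s\n' '/dev/raw/raw1 /dev/sdc1' '/dev/raw/raw2 /dev/sdd2' > "$bindings"
nodes='raw1 raw2 raw3 raw10 raw21 rawctl'
page_rule='KERNEL=="raw[1-2]*", OWNER="oracle",GROUP="oinstall", MODE="640"'
tight_rule='KERNEL=="raw[1-2]", OWNER="oracle", GROUP="oinstall", MODE="640"'
echo "rule from the page also matches: $(raw_rule_overreach "$page_rule" "$bindings" $nodes | tr '\n' ' ')"
echo "tightened rule also matches:     $(raw_rule_overreach "$tight_rule" "$bindings" $nodes | tr '\n' ' ')"
rm -f "$bindings"
```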

Use the following commands to start the Oracle Universal Installer.
xhost +
./runInstaller &
On the Welcome screen click Next
Specify Inventory directory and credentials
Enter Full path of the inventory directory : /u01/app/oraInventory
Specify Operating System group name :  oinstall
Click next
You will see Specify Home Details
Name: OraCrs11g_Home
Path : /u01/crs
Click next
Product-specific Prerequisite Checks will verify the whole setup. If anything fails, correct it and come back to this screen.
Click next
Specify Cluster Configuration
Cluster Name : clustername_cluster
Cluster Nodes :
Private Nodes :
Virtual Host Name :
Click on Add to add more nodes. For example, if this is a two-node cluster, then

Cluster Nodes :
Private Nodes :
Virtual Host Name :
Then click OK
Click Next.
Specify Network Interface Usage
Make sure that at least one adapter is public and another adapter is set to private.
If you have network adapters that are not in use or belong to another purpose, select Do Not Use by clicking on Edit.
If the Interface Type is wrong for a given adapter, change it by clicking on Edit and selecting from Interface Type (Public / Private / Do Not Use).
Then click Next
OCR Config : /dev/raw/raw1
Voting Disk Location : External Redundancy : /dev/raw/raw2 (usually these should be on a different set of disks)
Make sure that both nodes under Remote Nodes are checked before proceeding further.
Provide the OCR and CRS drive paths /dev/raw/raw1 and /dev/raw/raw2 and click Next.
After installation it will ask you to run script file /u01/app/crs/
Oracle recommends that you install the OCR, OCR Mirror and Voting Disks on separate sets of disks. It will impact your performance if these devices are slow.
If you get the error
Shared Libraries /u01/app/crs/lib/ cannot restore segment prot after reloc: Permission denied
Failed to upgrade Oracle Clusterware Registry configuration
then run the following command (usually on CentOS):
This will print Enforcing.
After this, set it to permissive:
setenforce 0
Run getenforce; it should display Permissive. Then edit /etc/sysconfig/selinux and change SELINUX to disabled or permissive.
If the VIP or any node address is set wrong, you can correct it.
Make sure everything is shut down except the CRS stack:
srvctl stop database -d dbname
srvctl stop nodeapps -n node1
srvctl stop nodeapps -n node2
To display the current settings, run as the oracle user:
oifcfg getif
oifcfg delif -global eth0
oifcfg setif -global eth0/
To modify the VIP address, run as root
/u01/app/crs/bin/srvctl modify nodeapps -n node1 -A
Then shut down CRS using the crsctl stop crs command and restart all nodes.

Create the data disk if you have not created it earlier (the following example creates the DATA1DG1 disk group on Coraid storage).
/etc/init.d/oracleasm createdisk DATA1DG1 /dev/etherd/e0.2p3
Change directory to the Oracle binaries directory: cd binaries/database
./runInstaller &
Welcome screen click Next
Select Custom click Next
Select Oracle Base /u01/app/asm
Name OraDb11g_home1
Path /u01/app/asm/product/11gr1
Click next
Specify Hardware Cluster Installation Mode
Select all nodes, then click Next
On Product-specific Prerequisite Checks click Next if they pass.
On the Available Product Components screen, select the components you have a license for, then click Next.
Select Privileged Operating System Groups
Select database administrator (OSDBA) Group : dba
Select Database Operator (OSOPER) Group : dba
Select ASM administrator (OSASM) Group : dba
Click Next
On Create Database screen select Configure Automatic Storage Management (ASM) then click Next.
On summary page make sure that all Remote Nodes are checked then click Install
When the binaries are installed, on the Configuration Assistant page you will configure the listener using Oracle Net Configuration Assistant
Type the LISTENER name as LISTENER and click Next
On the next screen select No, I do not want to configure additional naming methods.
In Database Configuration Assistant, Step 1 of 3, type the SYS password, select Create server parameter file (SPFILE), then click Next
ASM Creation - It will create ASM Instance.
Run /u01/app/asm/product/11gr1/ on both nodes
Click Exit on End of Installation.

ORACLE PRVF-5436 : The NTP daemon running on one or more nodes lacks the slewing option "-x"
To resolve this, edit /etc/sysconfig/ntpd and change
OPTIONS="-u ntp:ntp -p /var/run/"
to
OPTIONS="-u ntp:ntp -p /var/run/ -x"

DBA Interview Questions

DBA Interview Questions with Answers

Can one switch to another database user without a password?
Users normally use the "CONNECT" statement to connect from one database user to another. However, DBAs can switch from one user to another without a password. Of course it is not advisable to breach Oracle's security, but look at this example:
SQL> CONNECT / as sysdba
SQL> SELECT password FROM dba_users WHERE  username='SCOTT';
SQL> CONNECT scott/anything
OK, we're in. Let's quickly change the password back before anybody notices.
User altered.
How do you delete duplicate rows in a table?
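There are several methods to delete duplicate rows from a table:
-- duplicates are rows that share the same EMPLOYEE_ID; the row with the highest rowid is kept
delete from SHAAN t1
where  exists (select 'x' from SHAAN t2
               where t2.EMPLOYEE_ID = t1.EMPLOYEE_ID
               and   t2.rowid > t1.rowid);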
WHERE  rowid IN
delete from SHAAN where rowid not in
( select min(rowid)
from SHAAN group by EMPLOYEE_ID);
SQL> create table table_name2 as select distinct * from table_name1;
SQL> drop table table_name1;
SQL> rename table_name2 to table_name1;
What is Automatic Management of Segment Space setting?
Automatic Segment Space Management (ASSM), introduced in Oracle9i, is an easier way of managing space in a segment using bitmaps. It relieves the DBA of setting the parameters pctused, freelists, and freelist groups.
ASSM can be specified only with the locally managed tablespaces (LMT). The CREATE TABLESPACE statement has a new clause SEGMENT SPACE MANAGEMENT. Oracle uses bitmaps to manage the free space. A bitmap, in this case, is a map that describes the status of each data block within a segment with respect to the amount of space in the block available for inserting rows. As more or less space becomes available in a data block, its new state is reflected in the bitmap.
CREATE TABLESPACE myts DATAFILE '/oradata/mysid/myts01.dbf' SIZE 100M
EXTENT MANAGEMENT LOCAL SEGMENT SPACE MANAGEMENT AUTO;

What is COMPRESS and CONSISTENT setting in EXPORT utility?
If COMPRESS=Y, the INITIAL storage parameter is set to the total size of all extents allocated for the object. The change takes effect only when the object is imported.
Setting CONSISTENT=Y exports all tables and references in a consistent state. This slows the export, as rollback space is used. If CONSISTENT=N and a record is modified during the export, the data will become inconsistent.
What is the difference between Direct Path and Conventional Path loading?
When you use SQL*Loader, by default it uses the conventional path to load data. This method competes equally with all other Oracle processes for buffer resources, which can slow the load. A direct path load eliminates much of the Oracle database overhead by formatting Oracle data blocks and writing the data blocks directly to the database files. If load speed is most important to you, you should use direct path load because it is faster.
What is an Index Organized Table?
An index-organized table (IOT) is a type of table that stores data in a B*Tree index structure. Normal relational tables, called heap-organized tables, store rows in any order (unsorted).
What are a Global Index and Local Index?
When you create a partitioned table, you should create an index on the table. The index may be partitioned according to the same range values that were used to partition the table. The Local keyword in the index partition tells Oracle to create a separate index for each partition of the table. The Global clause in the create index command allows you to create a non-partitioned index or to specify ranges for the index values that are different from the ranges for the table partitions. Local indexes may be easier to manage than global indexes; however, global indexes may perform uniqueness checks faster than local (partitioned) indexes perform them.
What is difference between Multithreaded/Shared Server and Dedicated Server?
Oracle Database creates server processes to handle the requests of user processes connected to an instance. A server process can be either a dedicated server process, which services only one user process, or a shared server process, which can service multiple user processes.
Your database is always enabled to allow dedicated server processes, but you must specifically configure and enable shared server by setting one or more initialization parameters.
Can you import objects from Oracle ver. 7.3 to 9i?
We cannot import from a lower-version export into a higher version, in fact. But I am not sure; maybe the concept has changed now.
How do you move tables from one tablespace to another tablespace?
Method 1:
Export the table, drop the table, create the table definition in the new tablespace, and then import the data (imp ignore=y).
Method 2:
Create a new table in the new tablespace with the "CREATE TABLE x AS SELECT * from y" command:
CREATE TABLE temp_name TABLESPACE new_tablespace AS SELECT * FROM real_table;
Then drop the original table and rename the temporary table as the original:
DROP TABLE real_table;
RENAME temp_name TO real_table;
Note: After step #1 or #2 is done, be sure to recompile any procedures that may have been invalidated by dropping the table. Prefer method #1, but #2 is easier if there are no indexes, constraints, or triggers. If there are, you must manually recreate them.
Method 3:
If you are using Oracle 8i or above then simply use:
SQL>Alter table table_name move tablespace tablespace_name;

How do you see how much space is used and free in a tablespace?
Can view be the based on other view?
Yes, the view can be created from other view by directing a select query to use the other view data.
What happens if you do not specify the Dictionary option with the start option in the case of LogMiner?
It is recommended that you specify a dictionary option. If you do not, LogMiner cannot translate internal object identifiers and datatypes to object names and external data formats. Therefore, it would return internal object IDs and present data as hex bytes. Additionally, the MINE_VALUE and COLUMN_PRESENT functions cannot be used without a dictionary.

What is the benefit and drawback of Continuous Mining?

The continuous mining option is useful if you are mining in the same instance that is generating the redo logs. When you plan to use the continuous mining option, you only need to specify one archived redo log before starting LogMiner. Then, when you start LogMiner, specify the DBMS_LOGMNR.CONTINUOUS_MINE option, which directs LogMiner to automatically add and mine subsequent archived redo logs and also the online catalog.
Continuous Mining is not available in Real Application Cluster.
What is LogMiner and its Benefit?
LogMiner is a recovery utility. You can use it to recover data from Oracle redo log and archive log files. The Oracle LogMiner utility enables you to query redo logs through a SQL interface. Redo logs contain information about the history of activity on a database.
Benefits of LogMiner?
1.  Pinpointing when a logical corruption to a database occurred; for example, when a row is accidentally deleted, LogMiner helps to recover the database with exact time-based and change-based recovery.
2.  Performing table-specific undo operations to return the table to its original state. LogMiner reconstructs the SQL statements in the reverse of the order in which they were executed.
3.  It helps in performance tuning and capacity planning. You can determine which tables get the most updates and inserts. That information provides a historical perspective on disk access statistics, which can be used for tuning purposes.
4.  Performing post-auditing; LogMiner is used to track any DML and DDL performed on the database in the order they were executed.
What is Oracle DataGuard?
Oracle Data Guard is a tool that provides data protection and ensures disaster recovery for enterprise data. It provides a comprehensive set of services that create, maintain, manage, and monitor one or more standby databases to enable production Oracle databases to survive disasters and data corruption. Data Guard maintains these standby databases as transactionally consistent copies of the production database. Then, if the production database fails, Data Guard can switch any standby database to the production role, minimizing the downtime associated with the outage. Data Guard can be used with traditional backup, restoration, and cluster techniques to provide a high level of data protection and data availability.
What is a Standby Database?
A standby database is a transactionally consistent copy of the primary database. Using a backup copy of the primary database, you can create up to 9 standby databases and incorporate them in a Data Guard configuration. Once created, Data Guard automatically maintains each standby database by transmitting redo data from the primary database and then applying the redo to the standby database.
Similar to a primary database, a standby database can be either a single-instance Oracle database or an Oracle Real Application Clusters database. A standby database can be either a physical standby database or a logical standby database:
Difference between Physical standby and Logical standby databases
A physical standby database provides a physically identical copy of the primary database on a block-for-block basis. The database schema, including indexes, is the same. A physical standby database is kept synchronized with the primary database through Redo Apply, which recovers the redo data received from the primary database and applies the redo to the physical standby database.
A logical standby database contains the same logical information as the production database, although the physical organization and structure of the data can be different. The logical standby database is kept synchronized with the primary database through SQL Apply, which transforms the data in the redo received from the primary database into SQL statements and then executes the SQL statements on the standby database.
If you are going to setup standby database what will be your Choice Logical or Physical?
We need to keep the physical standby database in “recovery mode” in order to apply the archive logs received from the primary database. We can open the physical standby database in “read only” mode and make it available to the application users (only SELECT is allowed during this period). Once the database is opened in “read only” mode, we cannot apply redo logs received from the primary database.
We do not see such issues with a logical standby database. We can open the database in normal mode and make it available to the users. At the same time, we can apply archived logs received from the primary database.
If the primary database needs to support a pretty large user community for the OLTP system and a pretty large “Reporting Group”, then it is better to use a logical standby as primary database instead of a physical database.
What are the requirements needed before preparing standby database?
·   The OS architecture of the primary database and the secondary database should be the same.
·   The version of the secondary database must be the same as the primary database.
·   The primary database must run in Archivelog mode.
·   The same hardware architecture is required on the primary and all standby sites.
·   The same OS version and release is not required on the primary and secondary sites.
·   Each Primary and secondary database must have its own database.
What are “Failover” and “Switchover” in case of dataguard?
Failover is the operation of bringing one of the standby databases online as the new primary database when a failure occurs on the primary database and there is no possibility of recovering the primary database in a timely manner. Switchover is used to handle planned maintenance on the primary database. The main difference between the switchover operation and the failover operation is that switchover is performed when the primary database is still available, and it does not require a flashback or re-installation of the original primary database. This allows the original primary database to take the role of standby database almost immediately. As a result, scheduled maintenance can be performed more easily and frequently.
When you use WHERE clause and when you use HAVING clause?
The HAVING clause is used when you want to specify a condition for a group function, and it is written after the GROUP BY clause. The WHERE clause is used when you want to specify a condition for columns and single-row functions (not group functions), and it is written before the GROUP BY clause if one is used.
What is a cursor and difference between an implicit & an explicit cursor?
A cursor is a PL/SQL block used to fetch more than one row in a PL/SQL block. PL/SQL declares a cursor implicitly for all SQL data manipulation statements, including queries that return only one row. However, for queries that return more than one row you must declare an explicit cursor or use a cursor FOR loop.
An explicit cursor is a cursor in which the cursor name is explicitly assigned to a SELECT statement via the CURSOR...IS statement. An implicit cursor is used for all SQL statements Declare, Open, Fetch, Close. Explicit cursors are used to process multirow SELECT statements. An implicit cursor is used to process INSERT, UPDATE, DELETE and single-row SELECT ... INTO statements.

Explain the difference between a data block, an extent and a segment.
A data block is the smallest unit of logical storage for a database object. As objects grow they take chunks of additional storage that are composed of contiguous data blocks. These groupings of contiguous data blocks are called extents. All the extents that an object takes when grouped together are considered the segment of the database object.
You have just had to restore from backup and do not have any control files. How would you go about bringing up this database?
I would create a text based backup control file, stipulating where on disk all the data files were and then issue the recover command with the using backup control file clause.
A table is classified as a parent table and you want to drop and re-create it. How would you do this without affecting the children tables?
Disable the foreign key constraint to the parent, drop the table, re-create the table, and enable the foreign key constraint.
How to unregister a database from the RMAN catalog
First we start up RMAN with a connection to the catalog and the target, making a note of the DBID in the banner:
C:\>rman catalog=rman/rman@shaan target=HRMS/password@orcl3
connected to target database: W2K1 (DBID=691421794)
connected to recovery catalog database
Note the DBID from here. Next we list and delete any backupset recorded in the repository:
Next we connect to the RMAN catalog owner using SQL*Plus and issue the following statement:
SQL> CONNECT rman/rman@shaan
SQL> SELECT db_key, db_id FROM db
     WHERE db_id = 691421794;
    DB_KEY      DB_ID
---------- ----------
         1  691421794
The resulting key and id can then be used to unregister the database:
SQL> EXECUTE dbms_rcvcat.unregisterdatabase(1, 691421794);
PL/SQL procedure successfully completed.

2015-2023 © All Rights Reserved Omarsoft