>How do I use Registry keys to remove a user from a group?
In Windows Server 2003, you can use the dsmod command-line utility with the -delmbr switch to remove a group member from the command line. You should also look into the freeware utilities available from www.joeware.net . ADFind and ADMod are indispensable tools in my arsenal when it comes to searching and modifying Active Directory.
>Why are my NT4 clients failing to connect to the Windows 2000 domain?
Since NT4 relies on NetBIOS for name resolution, verify that your WINS server (you do have a WINS server running, yes?) contains the records that you expect for the 2000 domain controller, and that your clients have the correct address configured for the WINS server.
>How do you view replication properties for AD partitions and DCs?
By using replication monitor
go to start > run > type repadmin
go to start > run > type replmon
>Why can’t you restore a DC that was backed up 4 months ago?
Because of the tombstone life which is set to only 60 days.
>Different modes of AD restore ?
A nonauthoritative restore is the default method for restoring Active Directory. To perform a nonauthoritative restore, you must be able to start the domain controller in Directory Services Restore Mode. After you restore the domain controller from backup, replication partners use the standard replication protocols to update Active Directory and associated information on the restored domain controller.
An authoritative restore brings a domain or a container back to the state it was in at the time of backup and overwrites all changes made since the backup. If you do not want to replicate the changes that have been made subsequent to the last backup operation, you must perform an authoritative restore. In this one needs to stop the inbound replication first before performing the An authoritative restore.
>How do you configure a stand-by operation master for any of the roles?
# Open Active Directory Sites and Services.
# Expand the site name in which the standby operations master is located to display the Servers folder.
# Expand the Servers folder to see a list of the servers in that site.
# Expand the name of the server that you want to be the standby operations master to display its NTDS Settings.
# Right-click NTDS Settings, click New, and then click Connection.
# In the Find Domain Controllers dialog box, select the name of the current role holder, and then click OK.
# In the New Object-Connection dialog box, enter an appropriate name for the Connection object or accept the default name, and click OK.