Top 10 Active Directory Interview Questions And Answers - Part 2 | Tech Aarya Blog - AD L3 Interview

 Top 10 Active Directory Interview Questions And Answers - Part 2 | Tech Aarya Blog - AD L3 Interview

Question 11 - How do you force replication between two domain controllers in a site?

Answer –

Step 1 Log in to one of your DCs and open Active Directory Sites and Services.

Step 2 Navigate to the site for which you’d like to replicate the domain controllers. Expand it by clicking the arrowhead next to the site name. Expand the Servers. Expand the DC which you’d like to replicate. Click on NTDS Settings.

Step 3 In the right pane, right-click on the server and select Replicate Now.

Step 4 Depending on how many DCs there are, this could take less than a second to a few minutes. When it is complete, you’ll see the notification, “Active Directory Domain Services has replicated the connections.”. Click OK to finish.

 

Question 12 - How do you change the schedule for replication between two domain controllers in a site?

Answer –

Step 1 Start the Microsoft Management Console (MMC) Active Directory Sites and Services snap-in. (Select Programs, Step 2 Administrative Tools, Active Directory Sites and Services from the Start menu.)

Step 3 Expand the Sites branch to show the various sites.

Step 4 Expand the site that contains the domain controllers. (The default site Default-First-Site-Name might be your only site.)

Step 5 Expand the servers.

Step 6 Select the server you want to configure replication to, and expand it.

Step 7 Double-click NTDS Settings for the server.

Step 8 Right-click the server you want to set replication from.

Step 9 Select Properties from the context menu.

Step 10 Select the Active Directory Service connection tab.

Step 11 Click Change Schedule.

Step 12 Modify the replication as necessary (see the Screen), and Click OK.

Question 13 - How do you rename a site?

Answer - When you install your first domain controller, the domain controller creates the default site Default-First-Site-Name. This name isn’t helpful, so you might want to rename it.

 

Step 1 Start the Microsoft Management Console (MMC) Active Directory Sites and Services snap-in. (Select Programs, Step 2 Administrative Tools, Active Directory Sites and Services from the Start menu.)

Expand the Sites branch.

Step 3 Right-click the site you want to rename (i.e., Default-First-Site-Name), and select Rename, as the Screen shows. (Alternatively, select the site and press F2.)

Step 4 Enter the new name, and press Enter.

 

Question 14 - What DNS Records are added in DNS When you create a Domain?

Answer –

1 - SOA (start of authority) record: In an AD-integrated zone, each DC/DNS server will have an SOA record with the server’s own IP address in its data field. This indicates that the server hosts a writeable copy of the zone. In a non-AD-integrated zone, only the primary server will host a writeable copy of the zone, so it will be the only server with an SOA record.

2 - NS (name server) records: There should be one of these for each DNS server in the domain.

3 - A (host) records: Each DC should have two host records in this location: one for the DC’s unique hostname and one for the domain. The latter records will have the name (same as parent folder). The data field of each of these records should contain the DC’s IP address.

 

Question 15 – How to perform AD Online defragmentation manually 2K3?

Answer –

Using a graphical user interface

Open LDP.

From the menu, select Connection → Connect.

For Server, enter the name of the target domain controller.

For Port, enter 389.

Click OK.

From the menu, select Connection → Bind.

Enter credentials of a user from one of the administrator groups.

Click OK.

From the menu, select Browse → Modify.

Leave the Dn blank.

For Attribute, enter DoOnlineDefrag.

For Values, enter 180.

For Operation, select Add.

Click Enter.

Click Run.

 

Question 16 - How do you audit Specifc Active Directory Objects?

Answer –

In order to Audit Active Directory you first you need to enable the Auditing for objects in Active Directory.

Step 1 To configure auditing for specific Active Directory objects:

Step 2 Select Start > Programs > Administrative Tools, and then select Active Directory Users and Computers.

Step 3 Make sure that you select Advanced Features on the View menu.

Step 4 Right-click the Active Directory object that you want to audit, and then select Properties.

Step 5 Select the Security tab, and then select Advanced.

Step 6 Select the Auditing tab, and then select Add.

Step 7 Take one of the following actions:

Type the name of either the user or the group whose access you want to audit in the Enter the object name to select box, and then select OK.

In the list of names, double-click either the user or the group whose access you want to audit.

Select either the Successful or the Failed check box for the actions that you want to audit, and then select OK.

Step 8 Select OK, and then select OK.

 

Question 17 - How do I check my AD replication status?

Answer - Running the repadmin /showrepl can help you view the replication status.

If you would like an overall replication health summary, the command repadmin /replsummary should help.

 

Question 18 - How do I fix Active Directory replication issues?

Answer - To diagnose replication errors, users can run the AD status replication tool that is available on DCs or read the replication status by running repadmin /showrepl.

To view only the replication errors, use the command: repadmin /showrepl /errorsonly

 

Question 19 - How do you force AD replication?

Answer - To force replication between two domain controllers, run the following command on the DC you wish to update:

repadmin /syncall <DC-name> /AeD

In case you want to make changes on a DC and push replication to other DCs, the following command should do the trick:

repadmin /syncall <DC-name> /APeD

 

Question 20 - How often does AD replication occur?

Answer - Intra-site replication: With the exception of critical directory updates that are replicated immediately, the source DC updates changes to its closest replication partner every 15 seconds.

 

Inter-site replication: By default, the replication interval is 180 minutes and can be adjusted to be as low as 15 minutes.

 

Question 21 - What is the default replication time for Active Directory?

Answer -  Intra-site replication: With the exception of critical directory updates that are replicated immediately, the source DC updates changes to its closest replication partner every 15 seconds.

 

Inter-site replication: By default, the replication interval is 180 minutes and can be adjusted to be as low as 15 minutes.

 

To change the default replication time, users can go into the Active Directory Sites and Services snap-in → Inter-site transport container → IP container → Site link you want to modify the interval on → Enter your desired value besides "Replicate every" → Save changes

Top 10 Active Directory Interview Questions And Answers - Part 1 - Tech Aarya Blog

 Top 10 Active Directory Interview Questions And Answers - Part 1 - Tech Aarya Blog

Question 1 What are the (Flexible Single Master Operation) FSMO roles?

Answer: There Total 5 FSMO Roles, 2 On Forest Level And 3 on Domain Lavel

Forest Level Roles are Schema Master and Domain Naming Master

Domain Level Roles are PDC Emulator, RID Master and Infrastructure Master

 

Question 2 What role does a PDC emulator play?

Answer The DC with the Primary Domain Controller Emulator role is the authoritative DC in the domain. The PDC Emulator responds to authentication requests, changes passwords, and manages Group Policy Objects. And the PDC Emulator tells everyone else what time it is! It’s good to be the PDC.

 

Question 3 How do you change the RID Master FSMO?

Answer

Step 1. Start the Microsoft Management Console (MMC) Active Directory Users and Computers snap-in on the domain controller (DC). (From the Start menu, select Programs, Administrative Tools, Active Directory Users and Computers.)

Step 2.In the leftmost pane, right-click the domain, and select Connect to Domain Controller.

Step 3. Select the DC you want to make the Flexible Single-Master Operation (FSMO) role owner, as the Screen shows, and click OK.

Step 4. Right-click the domain again, and select Operations Master from the context menu.

Step 5. Select the RID Pool tab.

Step 6. You’ll see the name of the machine that holds the RID Master FSMO role

Step 7. To make a change, click Change.

Step 8. Click OK in the confirmation dialog box.

Step 9. Finally, you’ll see a dialog box confirming the role change.

 

Question 4: How do you change the PDC Emulator FSMO?

Answer

Step 1. Start the Microsoft Management Console (MMC) Active Directory Users and Computers snap-in on the domain controller (DC). (From the Start menu, select Programs, Administrative Tools, Active Directory Users and Computers.)

Step 2.In the leftmost pane, right-click the domain, and select Connect to Domain Controller.

Step 3. Select the DC you want to make the Flexible Single-Master Operation (FSMO) role owner, as the Screen shows, and click OK.

Step 4. Right-click the domain again, and select Operations Master from the context menu.

Step 5. Select the PDC tab

Step 6. You’ll see the name of the machine that holds the PDC Emulator FSMO role

Step 7. To make a change, click Change.

Step 8. Click OK in the confirmation dialog box.

Step 9. Finally, you’ll see a dialog box confirming the role change.

 

Question 5: What is multi-master replication?

Answer The replication model used in Active Directory Domain Services is called multi-master loose consistency with convergence. In this model, the directory can have many replicas, a replication system propagates changes made at any given replica to all other replicas. The replicas are not guaranteed to be consistent with each other at any particular time ("loose consistency"), because changes can be applied to any replica at any time ("multi-master")

 

Question 6 How do you move a server to a different site?

Answer Step 1. Start the Microsoft Management Console (MMC) Active Directory Sites and Services snap-in. (From the Start menu, select Programs, Administrative Tools, Active Directory Sites and Services Manager.)

Step 2. Expand the Sites container.

Step 3. Expand the site that currently contains the server, and expand the Servers container.

Step 4. Right-click the server, and select Move from the context menu, as the Screen shows.

Step 5. You’ll see a list of all the sites. Select the new target site, and click OK.

 

Question 7 How can a server belong to more than one site?

Answer By default, a server belongs to only one site. However, you might want to configure a server to belong to multiple sites.

 

Because sites are necessary for replication, for clients to find resources, and to decrease traffic on intersite connections, simply modifying a site’s membership might cause performance problems.

 

To configure a server for multiple site membership, perform the following steps.

 

Step 1 Log on to the server you want to join multiple sites.

Step 2Start regedt32.

Step 3 Go to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ServicesNetlogon\Parameters registry entry.

Step 4Select Add Value from the Edit menu.

Step 5 Enter the name

SiteCoverage

and the type

REG_MULTI_SZ

Step 6 Click OK.

Step 7 Enter the names of the sites to join, each on a new line. (Press Shift + Enter to move to the next line.)

Step 8 Click OK.

Step 9 Close the registry editor.

 

This process doesn’t create the objects in Active Directory (AD) to evaluate the sites. You must add these objects manually.

 

Question 8 How do you back up Active Directory and the System State?

Answer Active Directory is backed up as part of the System State on a domain controller whenever you perform a backup using Windows Server Backup, Wbadmin.exe, or PowerShell

 

The bare minimum you need to back up to protect essential Active Directory data on a domain controller is the System State. The System State includes the following list plus some additional items depending on the roles that are installed:

 

Domain controller: Active Directory DC database files (NTDS.DIT), boot files & system protected files, COM+ class registration database, registry, system volume (SYSVOL)

Domain member: Boot files, COM+ class registration database, registry

A machine running cluster services: Additionally backs up cluster server metadata

A machine running certificate services: Additionally backs up certificate data

 

Question 9 How do you allow modifications to the schema?

Answer The schema is extensible, which means that you can change it. However, modifying the schema is dangerous because doing so affects the entire domain forest. Microsoft doesn’t recommend schema modification.

 

If you insist on modifying the schema, you can use the GUI or edit the registry. To use the GUI, you must first register the .dll file for the Microsoft Management Console (MMC) snap-in. Go to a command prompt, and enter

 

regsvr32 schmmgmt.dll

 

Use MMC to start the Schema Manager. Next, add the Active Directory Schema snap-in to the Schema Manager. (From the Start menu, select Run, and enter MMC

 

From the Console menu, select Add/Remove Snap-in. Click Add, and select Active Directory Schema. Finally, click Add, Close, OK.)

 

Step 1 Start the MMC Active Directory Schema snap-in on the domain controller (DC).

Step 2In the leftmost pane, right-click Active Directory Schema, and select Operations Master from the context menu.

Step 3 You’ll see the name of the machine that holds the domain name operations Flexible Single-Master Operation (FSMO) role, as the Screen shows.

Step 4 Select the checkbox labeled The Schema may be modified on this server.

Step 5 Click OK in the confirmation dialog box.

 

Another way to modify the schema is to edit the registry.

 

Step 1 Start regedit.

Step 2Go to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters registry entry.

Step 3 Double-click Schema Update Allowed (of type REG_DWORD).

Step 4 Set the value to 1.

Step 5 Click OK.

Step 6 Close the registry editor.

 

 

Question 10 What are Tombstone objects? Follow up Question – What are “Lingering objects”?

Answer

When you delete an object from the Active Directory (AD) database, it’s marked as a tombstone object instead of being fully removed. By default, each tombstone object remains in the database for 180 days. Once this tombstone’s lifetime value is exceeded, the tombstone object is automatically deleted by the garbage collection process. Administrators can change the default tombstone lifetime value by using the ADSI Edit tool.

A lingering object is a deleted AD object that re-appears (“lingers”) on the restored domain controller (DC) in its local copy of Active Directory. This can happen if, after the backup was made, the object was deleted on another DC more than than 180 days ago.

Top 100 AD Interview Questions For Interviewers | Active Directory L3 Interview Questions #TechAarya

 Top 100 AD Interview Questions For Interviewers | Active Directory L3 Interview Questions #TechAarya

1. What are the (Flexible Single Master Operation) FSMO roles in Windows 2000/3?
2. What role does a PDC emulator play in the native mode?
3. How do you change the RID Master FSMO?
4. How do you change the PDC Emulator FSMO?
5. What is multi-master replication?
6. How do you move a server to a different site?
7. How can a server belong to more than one site?
8. How do you back up Active Directory and the System State?
9. How do you allow modifications to the schema?
10. What are Tombstone objects? Follow up Q – What are “Lingering objects”?
11. When do you switch a Windows 2000/3 domain to native mode?
12. How do you force replication between two domain controllers in a site?
13. How do you change the schedule for replication between two domain controllers in a site?
14. How do you rename a site?
15. What DNS entries does Windows 2000/3 add when you create a domain?
16. How do you manually de-fragment Active Directory?
17. How do you audit Active Directory?
18. How do you enable circular logging for Active Directory?
19. What tools are available for monitoring or changing replication?
20. How does intra site replication work in Windows 2000/3?
21. How can you set the RPC port that intra site replication uses?
22. How do you remove a nonexistent domain controller?
23. How do you remove a nonexistent domain from Active Directory?
24. How do you create a new site link?
25. How do you disable site link transitivity?
26. How do you create a site link bridge?
27. How do you specify a bridgehead server?
28. How do you change my Windows 2000/3 domain’s NetBIOS name?
29. How do you monitor when the Knowledge Consistency Checker runs?
30. Why is placing the “Sysvol”directory on a separate partition a good practice?
31. When should you manually de-fragment a domain controller (DC)?
32. How can you determine whether the new Global Catalog (GC) is ready to service clients?
33. How can you check the status of the Relative Identifier (RID) pool on a domain controller (DC)?
34. What are the Relative Identifiers (RIDs) of a domain's built-in accounts?
35. Can you switch an Active Directory (AD) domain from native mode back to mixed mode?
36. How can you reset the Directory Service Restore Mode Administrator password?
37. What are the Windows Server 2003 forest modes?
38. What are the Windows Server 2003 domain modes?
39. How can you move a computer account from one domain to another?
40. What types of trust relationships does Windows Server 2003 support?
41. Explain the Group Scopes in Windows 2003 AD
42. Explain the Types of AD Groups that can created in Windows 2003 AD
43. I am trying to create a new universal user group. Why can’t I?
44. What is a Creator Owner Account in Windows?
45. What is the difference between Enterprise Admins & Domain Admins account in Active Directory?
46. What are the differences between Group Policy, Registry-based policy, and Security policy?
47. Is there a maximum number of Group Policy objects that I can store in a domain?
48. What is the maximum number of Group Policy objects a user or computer can process?
49. Can I apply a Group Policy object directly to a security group?
50. Explain GPMC & RSOP in windows 2003?
51. What is the difference between Assign and Publish Application through GPO?
52. What permissions are necessary for Group Policy to apply to a user or computer?
53. Where are group policies stored ?
54. What’s contained in administrative template conf.adm
55. Explain the Enforce and Block Inheritance features available when managing GPO precedence
56. What is the significance of SYSVOL directory in AD?
57. List out the important ports used in AD communications
58. What is a site?
59. Differentiate between Intra-site replication can be done between the domain controllers in the same site
60. What is USN with reference to Active Directory?
61. What is KCC?
62. What are the protocols used by Active Directory for replication?
63. Explain the Active Directory Partitions
64. What is the name of AD Database and what is the default location of AD Database?
65. What are FSMO roles and brief them all
66. What is a Global Catalog?
67. What is universal group membership cache in windows 2003?
68. Can I place Global Catalog and Infrastructure Master Role on the same server? Justify your answer
69. Give the names of few standard commands / tools from MS to troubleshoot AD related issues?
70. What types of trust relationships are supported in Windows 2003
71. Can we establish trust relationship between two forests?
72. What is Active Directory?
73. What is LDAP?
74. Can you connect Active Directory to other 3rd-party Directory Services? Name a few options
75. Where is the AD database held? What other folders are related to AD?
76. What is the SYSVOL folder?
77. Name the AD NCs and replication issues for each NC
78. What are application partitions? When do I use them
79. How do you create a new application partition
80. How do you view replication properties for AD partitions and DCs?
81. What is the function of Global Catalog in an AD forest?
82. How do you view all the GCs in the forest?
83. Why not make all DCs in a large forest as GCs?
84. Trying to look at the Schema, how can I do that?
85. What are the Support Tools? Why do I need them?
86. What is LDP? What is REPLMON? What is ADSIEDIT? What is NETDOM? What is REPADMIN?
87. What are AD sites? What are they used for?
88. What's the difference between a site link's schedule and interval?
89. What is the KCC?
90. What is the ISTG? Who has that role by default?
91. What are the requirements for installing AD on a new server?
92. What can you do to promote a server to DC if you're in a remote location with slow WAN link?
93. How can you forcibly remove AD from a server, and what do you do later? Can I get user passwords from the AD database?
94. What tool would I use to try to grab security related packets from the wire?
95. Name some OU design considerations
96. What is tombstone lifetime attribute?
97. What do you do to install a new Windows 2003 DC in a Windows 2000 AD?
98. What do you do to install a new Windows 2003 R2 DC in a Windows 2003 AD?
99. How would you find all users that have not logged on since last month?
100. What are the DS* commands?
101. What's the difference between LDIFDE and CSVDE? Usage considerations?
102. What are the FSMO roles? Who has them by default? What happens when each one fails?
103. What FSMO placement considerations do you know of?
104. I want to look at the RID allocation table for a DC. What do I do?
105. What's the difference between transferring a FSMO role and seizing one? Which one should you NOT seize? Why?
106. How do you configure a "stand-by operation master" for any of the roles?
107. How do you backup AD?
108. How do you restore AD?
109. How do you change the DS Restore admin password?
110. Why can't you restore a DC that was backed up 4 months ago?
111. What are GPOs?
112. Explain the loop back processing feature in Group Policy
113. What is universal group membership cache in windows 2003?
114. In one particular DC, OU got accidentally deleted by admin. In another DC, the same OU was getting updated? What will happen in this scenario? How to restore the deleted OU?
115. Can we delete an object attribute in AD? How to delete?
116. 1000 computers are there in a OU. Policy needs to be applied only for 500 computers without disturbing the setup how to apply policy?
117. Explain the domain Controller location process in Windows 2003

ITIL Framework Overview

 

ITIL Framework Overview

What is ITIL Framework?

The Information Technology Infrastructure Library (ITIL) framework is a set of best-practice procedures and processes for IT and digital service management. It is a framework used by a huge range of organizations to ensure IT services are fully aligned to an organization's key goals.

 

What are 5 Stages of ITIL?

There are five stages of the ITIL service lifecycle:

Service Strategy.
Service Design.
Service Transition.
Service Operation.
Continual Service Improvement

 

26 processes which have been segregated into 5 service lifecycle stages. These are:

1.      Service Strategy

2.      Service Design

3.      Service Transition

4.      Service Operations

5.      Continual Service Improvement (CSI)

Let’s now drill deeper into each of these stages of the ITIL 

 

 

Service Strategy

This is the initial stage of the ITIL® service lifecycle. This stage helps organizations in identifying their business mission and vision. This also helps in developing strategies to meet customer requirements and priorities by analyzing the current market needs and existing offerings. The Service Strategy stage is composed of 5 ITIL® processes which I have discussed below in detail:

1. Service Portfolio Management

This process mainly focuses on the management of the IT service’s portfolios which are offered. Service Portfolio Management process guarantees that the delivered services stay aligned with the goals of Service Strategy. This process is made up of 4 sequential activities which are, defining the services, analyzing services, approving and chartering services.

2. Financial Management

This process focuses on financial spending and various services in a business such as budgeting, accounting, and charging activities and many more. Financial Management also takes care of the costs that are required to provide services while maximizing its value. This process is made up of three sequential activities which are budgeting, accounting, and charging.

3. Strategy Management for IT Services

This process performs an analysis of the IT services to know their overall market position. Four sequential activities are performed in these processes which are, performing a strategic assessment, generating a strategy, executing strategy, measuring and evaluating.

4. Demand Management

This process is used to assesses the current customer demand against the services which are being provided to them. Demand Management focuses solely on understanding the customer’s demands and coordinating it with the capacity, availability, and types of services that are provided. There are four sequential activities that are performed in this process which are identifying sources of demand and forecasting, analyzing the patterns of business activity and user profiles, developing differentiated offerings and managing operational demand.

5. Business Relationship Management

This is the final process in the ITIL Service Strategy stage. Activities like creation and management of customer relationships, comprehension of customer needs, and implementation of required services to meet those needs are performed in Business Relationship Management process. The three sequential activities that are performed in this process are request and complaint handling, identifying opportunities, and managing business relationships.

---

Service Design

This is the second stage of the ITIL® service lifecycle. This is the stage of designing processes and functions. In this, service management processes, technology, infrastructure, and products are planned and designed thoroughly in order to meet both customers as well as business demands. This stage is composed of 8 ITIL processes which I have discussed below in detail:

1. Service Level Management

This process basically involves planning for defining the targets for the overall organizational service delivery and then measuring their performance. For easier measurement and comparison of services against the actual service performance the Service Level Agreements (SLAs) are used which help in deciding the service level goals. In other words, this process is made up of four sequential activities, which are understanding requirements and drafting SLA’s, negotiating the SLA’s, defining and standardizing the SLA’s, and monitoring and reporting service performance.

2. Service Catalog Management

This process mainly ensures that there is an updated service catalog available with easy accessibility to the services that are required by the customers to remain productive. There are four sequential activities followed in this process, which are documenting service definition and description, agreeing on service catalog contents, and producing and maintaining the service catalog.

3. Capacity Management

This process helps a business to meet its requirements by ensuring that the involved systems are operating their optimum capacity. There are five sequential activities that complete this process. These activities are monitoring capacity and performance data, analyzing the capacity data, investigating capacity issues, defining and revising capacity plans, and reviewing and optimizing capacity.

4. Availability Management

This process ensures that the required services are available to the customer at any point in time. There are four sequential activities that are performed in this process namely monitoring availability, analyzing availability data, investigating service unavailability, availability planning, and reviewing availability and testing.

5. IT Service Continuity Management

This process mainly focuses on risk management and business continuity. This process is made up of three sequential activities, which are developing requirements and continuity plans, implementing continuity plans, and invoking the continuity plan.

6. Information Security Management

This process centres on providing protection to the system and data along with people has access to them. Information Security Management includes activities like intrusion detection, limitation, and prevention, as well as minimizing the damage and fixing problems. There are five sequential activities performed in this process which understand security requirements, producing security policies, implementing security policies, assessing information assets and risks, and reviewing security controls.

7. Supplier Management

This process mainly monitors all supplier relationships which also include recording whether the involved parties are adhering to contracts and agreements. This process is made up of five sequential activities that are, defining requirements, evaluating suppliers, selection of suppliers, manage performance, and renewing/ terminating contracts.

8. Design Coordination

This process takes care of the management of the service design phase by monitoring the resource availability and various service needs in order to determine whether the design is of optimum quality and effective enough to deliver the needs. The four sequential activities that form this process are defining policies and methods, planning resources and capabilities, managing design risks, and improving service design.

---

Service Transition

This is the third stage of the ITIL® service lifecycle. This is the stage of project management where it focuses on maintaining the current state of service all while deploying the new organizational changes as well as managing services via transitions/discontinuations. It also helps in risk mitigation. The Service Transition stage is composed of 7 ITIL processes which I have discussed below in detail:

1. Change Management

This process ensures that with the changes in the business needs, the services remain scalable and reliable. This process is made up of five sequential activities which are registration and categorization, risk and impact analysis, approval, coordinate change build and test, authorize change deployment, and finally review and close change record

2. Change Evaluation

This process includes anticipation and management of changes, as well as evaluation of the changes that will help in moving forward. The three sequential activities that form this process are planning evaluation, evaluating predicted performance, and evaluating actual performance.

3. Release and Deployment Management

This process takes care of software deployment while ensuring that the business changes have minimal impact on the presently active production environment. There are five sequential activities that are performed in this process which are release planning, build and test release, deploying, early life support, and reviewing and closure.

4. Service Validation and Testing

This process provides details of the testing and measuring results as well as helps in making decisions regarding service changes and continuation. Five sequential activities are performed in this process which are, planning and designing tests, verifying test plans and designs, preparing test environments, performing tests, evaluating exit criteria, and cleaning test environments and closure.

5. Service Asset and Configuration Management

This process is mainly responsible for the management of the configuration items (CIs) attributes, status, owner, relationships, and change/activity history, etc. There are five sequential activities in this process, namely management and planning, CI identification, CI control, Status accounting and reporting, and verification and accounting.

6. Knowledge Management

This process involves gathering and assembling of useful knowledge that will be further used in resolving the issues by technicians and customers. This process is made up of five sequential activities which are defining knowledge management strategy, identifying and gathering data sources, drafting knowledge, technical reviews, editorial reviews, and lastly publishing.

7. Transition Planning and Support

This process is less common and is implemented to plan for the transition of a new or updated service into production. There are five sequential activities that are performed in this process, namely, defining transition strategy, preparing for service transition, planning and coordinating service transition, and monitoring and reporting progress.

---

Service Operations

This is the fourth stage of the ITIL service lifecycle. This stage offers various ways to manage the smooth delivery of the services on a regular basis. The ultimate objective of this stage is to provide value to the customers. This stage keeps tabs on the changes in the business needs based on the ever-changing technologies in today’s market. The Service Operation stage is composed of 5 ITIL processes which I have discussed below in detail:

1. Incident Management

This process takes immediate action to restore the interruptions in service due to various incidents such as password resets, printer failures, or an error message, etc. There are five sequential activities in this process, namely, registering & categorizing the incident, prioritizing, investigating and diagnosing, resolution, and finally closure.

2. Problem Management

This process focuses on pinpointing and preventing recurrence of the problems and incidents. There are five sequential activities performed in this process, which are problem detection and logging, categorizing, investigating and diagnosing, and problem resolution and closure.

3. Event Management 

This process checks and analyzes all the service events that may occur from various applications, monitoring solutions, and other systems to take necessary actions to ensure service continuity. Five sequential activities performed in this process are event notification, detecting the event, correlating and filtering events, categorizing events, and lastly reviewing event and closure.

4. Access Management

This process prevents unauthorized system access by allowing access only to legitimate users. This process is made up of five sequential activities that are accessing requisition, verifying and validating, provision of rights, monitoring the access, tracking the access and finally de-provisioning the access.

5. Service Request Fulfilment

This process receives, logs, prioritizes and resolves various service requests that are often received by the service desk. There are five sequential activities in this process that are, requesting registration, validating request, categorizing and prioritizing requests, reviewing and authorizing requests, and request closure.

Continual Service Improvement

This is the final stage of the ITIL® service lifecycle. This stage introduces the improvements and policy changes/ updates within the ITIL® process framework for service growth and enhancement. This stage basically pinpoints the areas of improvements and the effects of those improvements you have made by analyzing the metrics. It thoroughly analyses the reasons for success as well as the failure of each business which further helps in identifying the market trends, bottlenecks, and flaws. This stage guides a business in making changes that will improve its business processes. The Continual Service Improvement stage is made up just one process which is discussed below:

1. Seven-Step Improvement

This process is made up of seven sequential steps which are identifying the strategy for improvement, defining what you will measure, gathering data, processing data, analyzing information and data, presenting and using information, and implementing improvement.

 

The key components of the ITIL 4 framework are the ITIL service value system (SVS) and the four dimensions model. 
ITIL Four Dimensions

·         Organizations and People.

·         Information and Technology.

·         Partners and Suppliers.

·         Value Streams and Processes

 

 

Top 10 Free System Administrator Tools | 10 Must-Have Tools For System Admins

Top 10 Free System Administrators Tools

Wireshark SysAdmin monitoring tool that can check network traffic at a granular level across multiple platforms (Windows, macOS, Unix). Because of its well-developed features, WireShark is not only popular among System Administrators, but it’s used for educational purposes as well. RSAT Tools for Windows 10 Remote Server Administration Tools (RSAT) enables IT administrators to remotely manage roles and features on Windows Servers and remotely manage Active Directory from their Windows 10 Professional or Enterprise workstations. Basically, with RSAT you have all Windows Server administration tools on your workstation, so you don’t need to RDP into your servers at all. That makes your Windows Server management more secure. Tools from the Sysinternals Suite The Sysinternals Suite is used for troubleshooting problems and investigating security breaches on computers running Microsoft operating systems. There are more than 40 tools in six categories: You can download the tools individually from Microsoft’s website, or you can download all of them in a single Sysinternals Suite. Notepad ++ Notepad ++ is one of the best text editors ever. It is great for working with code. It has a medium dependent interface, custom highlighting of code syntax, collapsible blocks, and support for regular expressions in searches. But the best thing is that it has a really fast response time when opening large files. Therefore, it is very handy when sysadmins need to investigate huge log files. Netwrix Account Lockout Examiner Netwrix Account Lockout Examiner is a free tool that enables IT administrators and help desk staff identify lockout root causes in a single keystroke. You can see what makes the same account lock out repeatedly without having to dig into cryptic event logs — just enter the username and click the button. PuTTy PuTTY is a great terminal emulator that’s extremely lightweight and fast. It supports the SSH, SCP and rlogin protocols; multiple operating systems, including both Windows and Linux; and many variations on the secure remote terminal. PuTTY provides user control over the SSH encryption key and protocol version, as well as alternate ciphers such as 3DES, Arcfour, Blowfish, DES, and public-key authentication. The network communication layer supports IPv6. FileZilla Filezilla is an GPL licensed FTP client and Server. It's ability to connect to SSH secured hosts makes it a great choice if you need to give access to client more comfortable with GUI than CLI interfaces. TreeSize Treesize is a NTFS file space viewer that helps visualize space usage in a Windows Explorer like view. Treesize works off of the Master File Table of the target machine, letting you read results faster and without the need for content read permissions. 7-Zip An open source windows compression utility. 7-zip works extremely fast on even very large zip files and can produce self extracting archives in the 7z format. KeePass An opensource password manager, KeePass lets you generate strong random passwords per site or application. Stored securely, KeePass lets you maintain secure passwords without have to remember hundreds of 20 character plus password or even worse - writing one down. If you need to share your password file with others, or access it from multiple locations, keep it on a DataAnywhere share. Few Others to Mention: mRemoteNG CloneZilla ISPConfig3 Mosh MailFlow Monitor PDQ Inventory and Deploy Uptime Robot