🔧 Windows Administrator – L2/L3 Interview Questions & Answers
Preparing for a Windows Administrator L2/L3 interview
requires a solid understanding of both foundational and advanced system
administration concepts. Candidates are expected to demonstrate hands-on
expertise with Active Directory, Group Policy, DNS, DHCP, FSMO roles, and
server performance troubleshooting. Key areas include managing user
authentication, configuring and securing servers, monitoring system health,
resolving login issues, and handling tasks like patching, RDP configuration,
and backup strategies. Interviewers often assess knowledge of tools like Event
Viewer, Task Manager, Performance Monitor, and command-line utilities (e.g., dcdiag,
repadmin). Scenario-based questions test the ability to diagnose issues like
BSODs, high CPU usage, or replication failures. A strong candidate for an L2/L3
role must also understand RAID configurations, system imaging with Sysprep, and
have experience working in virtual environments (Hyper-V/VMware). Effective
troubleshooting skills, attention to detail, and familiarity with security best
practices are essential for success in these roles.
1. What are FSMO roles in Active Directory?
- Schema
Master
- Domain
Naming Master
- RID
Master
- PDC
Emulator
- Infrastructure MasterThey are divided between forest-wide and domain-wide roles.
2. What is the difference between a domain, tree, and
forest in AD?
Answer:
- Domain:
A logical group of network objects (users, computers).
- Tree:
A group of one or more domains in a contiguous namespace.
- Forest:
A collection of trees that share a global catalog and schema but are not
in the same namespace.
3. What are the types of profiles in Windows?
Answer:
- Local
Profile – Stored on local machine.
- Roaming
Profile – Stored on network and downloaded at login.
- Mandatory
Profile – A read-only profile that resets after logout.
4. What is the difference between NTFS and Share
permissions?
Answer:
- NTFS
Permissions – Apply to local and remote users, and are more granular.
- Share
Permissions – Apply only when accessing via network.
Note: NTFS and Share permissions combine to determine effective permissions (most restrictive applies).
5. How do you troubleshoot a user unable to log in to the
domain?
Answer:
- Check
network connectivity (ping DC).
- Ensure
correct username/password.
- Check
AD account status (locked/disabled).
- Verify
DNS settings.
- Review
Event Viewer for logon failures.
6. What is a GPO, and how is it applied?
Answer:
GPO (Group Policy Object) manages users and computers centrally. It's applied
in the order:
Local > Site > Domain > OU (LSDOU)
Policies later in the order override previous ones if conflicting.
🔧 Windows Administrator – L2/L3 Interview Questions & Answers
2. Which role plays the vital role?
3.Why domain time synchronization require?
4.What is KCC?
5.In global catalogue server which role will not work?
6.What is the difference between IIS 5.0 and IIS 6.0 ?
7.What is MTA?
8.What is the role of Application pool in IIS server?
9.What is the Event ID no. for abnormal shut down ?
10. How to make communicate between difference subnets in DHCP server?
7. What is the difference between a hotfix, patch, and
service pack?
Answer:
- Hotfix
– Fixes specific issues.
- Patch
– Regular update for bugs/security.
- Service
Pack – Collection of patches/hotfixes.
8. What is WSUS and why is it used?
Answer:
WSUS (Windows Server Update Services) allows centralized patch
management of Windows systems. It downloads updates from Microsoft and
distributes them to client PCs.
9. How do you troubleshoot high CPU usage on a Windows
Server?
Answer:
- Use Task
Manager / Resource Monitor.
- Identify
consuming processes.
- Check
Event Viewer for errors.
- Investigate
scheduled tasks or antivirus scans.
- Use Performance
Monitor (PerfMon) for long-term trends.
10. Explain the difference between RDP and VNC.
Answer:
- RDP
(Remote Desktop Protocol) – Native to Windows, uses port 3389.
- VNC
– Cross-platform, less secure by default, used in heterogeneous
environments.
11.How many types of Host records are there?
12.What you need to create alias ?
13.What is DHCP relay agent and How to configure it?
11. What is sysprep, and when would you use it?
Answer:
Sysprep (System Preparation Tool) prepares a Windows image for cloning
and deployment by removing unique system identifiers (like SID).
12. What is RAID and what are the different levels?
Answer:
RAID (Redundant Array of Independent Disks) provides data redundancy and/or
performance:
- RAID 0
– Striping (performance, no redundancy)
- RAID 1
– Mirroring
- RAID 5
– Striping with parity
- RAID
10 – Mirror + Stripe
13. How would you handle a BSOD (Blue Screen of Death)?
Answer:
- Record
the error code (STOP code).
- Check
Event Viewer & minidump files.
- Run
memory and disk checks (e.g., chkdsk, sfc /scannow, memtest).
- Review
recent driver/patch changes.
14. How do you promote a server to Domain Controller?
Answer:
- Install
the AD DS role.
- Run dcpromo
(legacy) or use Server Manager → Promote to Domain Controller.
- Follow
the wizard to configure DNS, GC, and replication.
15. What ports must be open for Active Directory to
function properly?
Answer:
- TCP/UDP
389 – LDAP
- TCP
636 – LDAP SSL
- TCP
3268 – Global Catalog
- TCP 88
– Kerberos
- TCP
445 – SMB
- UDP
123 – NTP
14.What is the different types of groups in active directory?
14.Which domain component takes care of replication?
15.What is smart host?
16. How do you reset a local admin password if locked
out?
Answer:
- Boot
into recovery mode or WinPE.
- Use
Command Prompt to access system files.
- Rename
utilman.exe to cmd.exe, reboot, use net user to reset.
Note: Use only in approved recovery scenarios.
17. How do you clone a Windows Server VM in
Hyper-V/VMware?
Answer:
- Shutdown
source VM.
- Copy
or create a snapshot/template.
- Use
sysprep before cloning to avoid SID conflicts.
- Customize
the clone (hostname, IP, etc.).
18. What is DHCP and how does it work?
Answer:
DHCP (Dynamic Host Configuration Protocol) automatically assigns IP addresses
and other network configuration. Process involves:
DORA – Discover → Offer → Request → Acknowledge
19. What are the differences between L2 and L3 roles in
Windows Administration?
Answer:
- L2:
Handles user tickets, system monitoring, routine maintenance, and
patching.
- L3:
Escalation support, root cause analysis, system architecture, automation,
and advanced troubleshooting.
20. How would you secure a Windows Server?
Answer:
- Apply
latest patches.
- Disable
unnecessary services.
- Implement
GPOs and firewall rules.
- Enable
auditing and logging.
- Use
secure authentication methods (MFA, lockout policies).
21. What are common Active Directory replication issues
and how do you troubleshoot them?
Answer:
- Tools:
repadmin /replsummary, Event Viewer, dcdiag.
- Common
causes: DNS misconfig, time sync, network issues, or lingering objects.
Social Plugin