Global Catalog and Flexible Single Master Operations (FSMO) Roles

Slides:



Advertisements
Similar presentations
UNIVERSITY OF EDUCATION BY H.M.ISHTIAQ RAFIQUE. Domain Name Structure.
Advertisements

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 6 Managing and Administering DNS in Windows Server 2008.
Lecture 8 Active Directory Structure. Domains Domains group network objects and OUs into a unit with a security boundary. By default, security policies.
Lesson 16: Configuring Domain Controllers
Windows Server ® 2008 Active Directory ® Domain Services Infrastructure Planning and Design Series Published: February 2008 Updated: July 2009.
Chapter 6 Introducing Active Directory
7.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
8.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
Domain Name Server © N. Ganesan, Ph.D.. Reference.
Ch 9 Managing Active Directory User Accounts. Objectives Create Organizational Unit Creating User Accounts in Active Directory Disabling, Enabling, and.
Installing a New Windows Server 2008 Domain Controller in a New Windows Server 2008 R2.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Configuring Active Directory Certificate Services Lesson 13.
ADVANCED MICROSOFT ACTIVE DIRECTORY CONCEPTS
Working with Drivers and Printers Lesson 6. Skills Matrix Technology SkillObjective DomainObjective # Understanding Drivers and Devices Install and configure.
11 REVIEWING MICROSOFT ACTIVE DIRECTORY CONCEPTS Chapter 1.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 7: Active Directory Replication.
Module 5: Managing Public Folders. Overview Managing Public Folder Data Managing Network Access to Public Folders Publishing an Outlook 2003 Form Discussion:
Module 7: Implementing Sites to Manage Active Directory Replication.
Understand Active Directory Infrastructure
Active Directory Boundaries - Purpose Replication Boundaries Security Boundaries.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
Active Directory Operations Masters. Overview  Active Directory updates generally multimaster Changes can be made on any DC  Some exceptions — single.
Maintaining Active Directory Domain Services
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Implementing Active Directory Lesson 2. Skills Matrix Technology SkillObjective DomainObjective # Installing a New Active Directory Forest Configure a.
Module 7 Active Directory and Account Management.
How to configure DNS for a Windows 2000 domain? 1.Start the Install/Remove Programs Control Panel Applet (Start - Settings - Control Panel - Add/Remove.
Company Confidential 1 A Course on Global Catalog And Flexible Single Master Operations (Fsmo) Roles Prepared for: *Stars* New Horizons Certified Professional.
Operations Master / FSMO Roles in Active Directory : Suhail Ashfaq Butt.
Configuring the User and Computer Environment Using Group Policy Lesson 8.
Working with Active Directory Sites BAI516. Logical Versus Physical Structure Logical Forest Trees Domains OUs Leaf objects Physical IP Subnets/Sites.
Working with Active Directory Sites Lesson 3. Skills Matrix Technology SkillObjective DomainObjective # Introducing Active Directory Sites Configure sites2.3.
Global Catalog and Flexible Single Master Operations (FSMO) Roles
Page 1 Active Directory and DNS Lecture 2 Hassan Shuja 09/14/2004.
Troubleshooting Security Issues Lesson 6. Skills Matrix Technology SkillObjective Domain SkillDomain # Monitoring and Troubleshooting with Event Viewer.
Module 1: Implementing Active Directory ® Domain Services.
10.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 10: Planning.
Working with Active Directory Sites Lesson 3. Skills Matrix Technology SkillObjective DomainObjective # Introducing Active Directory Sites Configure sites2.3.
Windows Server 2003 站台設定與管理
Working with Disks Lesson 4. Skills Matrix Technology SkillObjective DomainObjective # Configuring Data Protection Configure data protection6.4 Using.
1 Chapter Overview Managing Object and Container Permissions Locating and Moving Active Directory Objects Delegating Control Troubleshooting Active Directory.
Optimizing Windows Vista Performance Lesson 10. Skills Matrix Technology SkillObjective DomainObjective # Introducing ReadyBoostTroubleshoot performance.
Module 12: Managing Operations Masters
Introduction to Active Directory
© Compiled by David Brewster Networking Diploma – Orange Group S Class Presentation: Operations Master Roles.
1 Chapter Overview Using Group Objects Understanding Default Groups Creating Group Objects Managing Administrative Access.
Global Catalog and Flexible Single Master Operations (FSMO) Roles BAI516.
Unit 4 NT1330 Client-Server Networking II Date: 1/13/2016
11 GLOBAL CATALOG AND FLEXIBLE SINGLE MASTER OPERATIONS (FSMO) ROLES Chapter 4.
MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition (70-294) Chapter 1: Overview of the Active.
Module 9: Managing Operations Masters. Overview Introduction to Operations Master Roles Transferring and Seizing Operations Master Roles Planning the.
Active Directory Replication (Part 1) Paige Verwolf Support Professional Microsoft Corporation © 1999 Microsoft Corporation. All rights reserved.
Global Catalog and Flexible Single Master Operations (FSMO) Roles
Active Directory and Group Policy
Objectives Differentiate between the different editions of Windows Server 2003 Explain Windows Server 2003 network models and server roles Identify concepts.
Microsoft FrontPage 2003 Illustrated Complete
Examining a Windows NT Infrastructure (2)
Microsoft Windows Server 2003 Active Directory Infrastructure
Administering Your Network
Implementing Active Directory
FSMO Roles and Global Catalog Servers
Unit 5 NT1330 Client-Server Networking II Date: 7/12/2016
Global Catalog and Flexible Single Master Operations (FSMO) Roles
Chapter 9: Managing Groups, Folders, Files, and Object Security
Planning a Group Policy Management and Implementation Strategy
Presentation transcript:

Global Catalog and Flexible Single Master Operations (FSMO) Roles Lesson 4

Skills Matrix Technology Skill Objective Domain Objective # Configuring Additional Global Catalog Servers Configure the global catalog 2.5 Placing FSMO Role Holders Configure operations masters 2.6 Skills Matrix

Understanding the Functions of the Global Catalog Facilitating searches for objects in the forest Resolving user principal names (UPNs) Maintaining universal group membership information Maintaining a copy of all objects in the domain Lesson 4

Enabling Universal Group Membership Caching Open Active Directory Sites and Services. Select the site from the console tree for which you want to enable universal group membership caching. In the details window, right-click NTDS Site Settings, and select Properties. Lesson 4

Enabling Universal Group Membership Caching (cont.) Select the Enable Universal Group Membership Caching checkbox. In the Refresh Cache From field, select a site that you wish this site to receive updates from, or leave it at <Default> to refresh from the nearest site that contains a global catalog server. Lesson 4 5

Configuring an Additional Global Catalog Server On the domain controller where you want the new global catalog, open Active Directory Sites and Services from the Administrative Tools folder. In the console tree, double-click Sites, and then double-click the site name that contains the domain controller for which you wish to add the global catalog. Lesson 4 6

Configuring an Additional Global Catalog Server (cont.) Double-click the Servers folder, and select your domain controller. Right-click NTDS Settings, and select Properties. On the General tab, select the Global Catalog checkbox to assign the role of global catalog to this server. Click OK. Lesson 4 7

Flexible Single Master Operations (FSMO) Roles Relative Identifier Master Infrastructure Master Primary Domain Controller (PDC) Emulator Domain Naming Master Schema Master Lesson 4

Managing FSMO Roles Role transfer Role seizure Lesson 4

Viewing Domain-Wide FSMO Role Holders Open the Active Directory Users and Computers MMC snap-in. Right-click the Active Directory Users and Computers node, click All Tasks, and select Operations Masters. In the Operations Master dialog box, select the tab that represents the FSMO that you wish to view. The name of the server holding your chosen role is displayed. Lesson 4

Viewing the Domain Naming Master FSMO Role Holder In Active Directory Domains and Trusts, right- click the Active Directory Domains and Trusts node, and select Change Operations Master. In the Change Operations Master dialog box, the name of the current Domain Naming Master will be displayed. Close the Change Operations Master dialog box. Lesson 4 11

Viewing the Schema Master FSMO Role Holder Open the Active Directory Schema snap-in. Right-click Active Directory Schema from the console tree, and select Change Operations Master. The name of the current Schema Master role holder is displayed in the Current Schema Master (Online) box. Close the Change Schema Master dialog box. Lesson 4

Transferring the Forest-Level FSMO Roles Open the Active Directory Users and Computers MMC snap-in. Right-click the Active Directory Users and Computers node, and select Connect To Domain. In the Connect To Domain dialog box, key the domain name, or click Browse to select the domain from the list. Click OK. Lesson 4 13

Transferring the Forest-Level FSMO Roles (cont.) In the console tree, right-click the Active Directory Users and Computers node, and select Connect To Domain Controller. Complete this dialog box by selecting the name of the domain controller that you want to become the new role holder from the dropdown list, and click OK. Lesson 4 14

Transferring the Forest-Level FSMO Roles (cont.) In the console tree, right-click the Active Directory Users and Computers node, point to All Tasks, and select Operations Masters. Select the tab that reflects the role you are transferring, and click Change. PDC Emulator RID Master Infrastructure Master Lesson 4 15

Transferring the Forest-Level FSMO Roles (cont.) In the confirmation message box, click Yes to confirm the change in roles. In the next message box, click OK. Close the Operations Master dialog box. Lesson 4 16

Transferring the Domain Naming Master FSMO Role Open the Active Directory Domains and Trusts snap-in. Right-click the Active Directory Domains and Trusts node, and select Connect To Domain Controller. Complete this dialog box by selecting the name of the domain controller that you wish to become the new Domain Naming Master from the dropdown list, and click OK. Lesson 4 17

Transferring the Domain Naming Master FSMO Role (cont.) In the console tree, right-click the Active Directory Domains and Trusts node, and select Operations Master. In the Change Operations Master dialog box, click Change. Click Close to close the Change Operations Master dialog box. Lesson 4 18

Transferring the Schema Master FSMO Role Open the Active Directory Schema snap-in. Right-click Active Directory Schema, and select Change Domain Controller. In the Change Domain Controller dialog box, choose one of the options listed. Click OK. Lesson 4 19

Transferring the Schema Master FSMO Role (cont.) In the console tree, right-click Active Directory Schema, and select Operations Master. In the Change Schema Master dialog box, click Change. Click OK to close the Change Schema Master dialog box. Lesson 4 20

Seizing a FSMO Role Lesson 4 Click Start. Key cmd, and press Enter. From the Command Prompt, key ntdsutil, and press Enter. At the ntdsutil prompt, key roles, and press Enter. Lesson 4

Seizing a FSMO Role (cont.) At the fsmo maintenance prompt, key connections, and press Enter. At the server connections prompt, key connect to server followed by the fully qualified domain name of the desired role holder, and press Enter. At the server connections prompt, key quit, and press Enter. Lesson 4 22

Seizing a FSMO Role (cont.) At the fsmo maintenance prompt, key one of the options listed, and press Enter. If an "Are you sure?" dialog box is displayed, click Yes to continue. At the fsmo maintenance prompt, key quit, and press Enter. At the ntdsutil prompt, key quit, and press Enter. Lesson 4 23

You Learned The global catalog server acts as a central repository for Active Directory by holding a complete copy of all objects within its local domain and a partial copy of all objects from other domains within the same forest. The global catalog has three main functions: the facilitation of searches for objects in the forest, resolution of UPN names, and provision of universal group membership information. Summary

You Learned (cont.) Summary A global catalog should be placed in each site when possible. As an alternate solution when a site is across an unreliable WAN link, universal group membership caching can be enabled for the site to facilitate logon requests. Summary

You Learned (cont.) Summary Global catalog placement considerations include the speed and reliability of the WAN link, the amount of traffic that will be generated by replication, the size of the global catalog database, and the applications that might require use of port 3268 for resolution. Operations master roles are assigned to domain controllers to perform single-master operations. Summary

You Learned (cont.) Summary The Schema Master and Domain Naming Master roles are forest-wide. Every forest must have one and only one of each of these roles. The RID Master, PDC Emulator, and Infrastructure Master roles are domain-wide. Every domain must have only one of each of these roles. Summary 27

You Learned (cont.) Summary The default placement of FSMO roles is sufficient for a single-site environment. However, as your network expands, these roles should be divided to increase performance and reliability. Table 4-2 provides detailed guidelines. Summary 28

You Learned (cont.) Summary FSMO roles can be managed in two ways: role transfer and role seizure. Transfer a FSMO role to other domain controllers in the domain or forest to balance the load among domain controllers or to accommodate domain controller maintenance and hardware upgrades. Seize a FSMO role assignment when a server holding the role fails and you do not intend to restore it. Seizing a FSMO role is a drastic step that should be considered only if the current FSMO role holder will never be available again. Summary 29

You Learned (cont.) Summary Use repadmin to check the status of the update sequence numbers (USNs) when seizing the FSMO role from the current role holder. Use ntdsutil to actually perform a seizure of the FSMO role. Summary 30

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.