Presentation is loading. Please wait.

Presentation is loading. Please wait.

FSMO Roles and Global Catalog Servers

Published byAbigayle Mathews Modified over 6 years ago

Similar presentations

Presentation on theme: "FSMO Roles and Global Catalog Servers"— Presentation transcript:

1 FSMO Roles and Global Catalog Servers
2.2 Plan Active Directory FSMO Roles and Global Catalog Servers TestOut Server Pro 2016: Identity

2 Section Skill Overview
Enable Universal Group Membership Caching. TestOut Server Pro 2016: Identity

3 Key Terms Universal Group Membership Caching (UGMC)
TestOut Server Pro 2016: Identity

4 Key Definitions User Datagram Protocol (UDP): UDP is an alternative communications protocol to Transmission Control Protocol (TCP) used primarily for establishing low-latency and loss- tolerating connections between applications on the internet. TestOut Server Pro 2016: Identity

5 Key Definitions Universal Group Membership Caching (UGMC): Universal Group Membership Caching caches the group membership of universal groups. During logon, universal group membership is checked for the user. TestOut Server Pro 2016: Identity

6 FSMO Roles Flexible Single Master Operations
TestOut Server Pro 2016: Identity

7 FSMO Roles and Global Catalog Servers
Forest-Wide Domain-Wide Domain Naming Master Schema Master RID Master Infrastructure Master PDC Emulator Only one of each per forest Only one of each per domain TestOut Server Pro 2016: Identity

8 Schema Master Only one per forest. The only read/write copy.
A template for Active Directory. Changes affect all existing and future Active Directory objects. Can only be edited by members of the Schema Admins group. TestOut Server Pro 2016: Identity

9 Domain Naming Master Ensures each domain in the forest has a unique name. Only one per forest. TestOut Server Pro 2016: Identity

10 RID Master Distributes RIDs to domain controllers. RIDs:
Are unique numbers used to generate unique SIDs. Are never re-used. Are distributed in blocks of 500. Must be running to promote a server. TestOut Server Pro 2016: Identity

11 Infrastructure Master
Infrastructure Master updates the Global Catalog. Do not install on Global Catalog server unless there is only one domain controller in the domain. TestOut Server Pro 2016: Identity

12 PDC Emulator Provides integration with Windows NT 4.0 domains
NT 4.0 domains are no longer supported. Is preferred for security updates Password resets Account lockouts Provides synchronization and consistency Such as: Group Policy updates Distributed file system (DFS) replication Time synchronization TestOut Server Pro 2016: Identity

13 Global Catalog Servers
Provides faster searching in forests. Provides a searchable catalog of all objects in every domain. Retrieves the Universal Group Membership from AD during logon. Work best when there is one in each site. Otherwise, enable Universal Group Membership Caching on the domain controllers at the site. Eliminates the dependency on the availability of a global catalog server during logons. Resolves logon requests locally from cached information. TestOut Server Pro 2016: Identity

14 Summary Domain RID Master Infrastructure Master PDC Emulator Global Catalog Servers TestOut Server Pro 2016: Identity

15 Operations Master Roles Management Facts
TestOut Server Pro 2016: Identity

16 In-Class Practice Do the following labs:
Enable Universal Group Membership Caching TestOut Server Pro 2016: Identity

17 Class Discussion What is the difference between transferring a role and seizing a role? TestOut Server Pro 2016: Identity

Download ppt "FSMO Roles and Global Catalog Servers"

Similar presentations

Active Directory and Group Policy Blackhat Amsterdam Raymond Forbes.

Active Directory and Group Policy Blackhat Amsterdam Raymond Forbes.
Lesson 16: Configuring Domain Controllers

Lesson 16: Configuring Domain Controllers
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Understanding Active Directory

Understanding Active Directory
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
Vikram Thakur Introduction to Active Directory Structure.

Vikram Thakur Introduction to Active Directory Structure.
Module 1: Installing Active Directory Domain Services

Module 1: Installing Active Directory Domain Services
11 REVIEWING MICROSOFT ACTIVE DIRECTORY CONCEPTS Chapter 1.

11 REVIEWING MICROSOFT ACTIVE DIRECTORY CONCEPTS Chapter 1.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 7: Active Directory Replication.

70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 7: Active Directory Replication.
Understand Active Directory Infrastructure

Understand Active Directory Infrastructure
Active Directory Boundaries - Purpose Replication Boundaries Security Boundaries.

Active Directory Boundaries - Purpose Replication Boundaries Security Boundaries.
Active Directory Operations Masters. Overview  Active Directory updates generally multimaster Changes can be made on any DC  Some exceptions — single.

Active Directory Operations Masters. Overview  Active Directory updates generally multimaster Changes can be made on any DC  Some exceptions — single.
Maintaining Active Directory Domain Services

Maintaining Active Directory Domain Services
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Designing Authentication for a Microsoft Windows 2000 Network Designing Authentication in a Microsoft Windows 2000 Network Designing Kerberos Authentication.

Designing Authentication for a Microsoft Windows 2000 Network Designing Authentication in a Microsoft Windows 2000 Network Designing Kerberos Authentication.
Module 8: Implementing the Placement of Domain Controllers.

Module 8: Implementing the Placement of Domain Controllers.
Session 7 Windows Platform Eng. Dina Alkhoudari. Learning Objectives Active Directory review Managing users and groups Single Master Operations Delegation.

Session 7 Windows Platform Eng. Dina Alkhoudari. Learning Objectives Active Directory review Managing users and groups Single Master Operations Delegation.
Company Confidential 1 A Course on Global Catalog And Flexible Single Master Operations (Fsmo) Roles Prepared for: *Stars* New Horizons Certified Professional.

Company Confidential 1 A Course on Global Catalog And Flexible Single Master Operations (Fsmo) Roles Prepared for: *Stars* New Horizons Certified Professional.
Operations Master / FSMO Roles in Active Directory : Suhail Ashfaq Butt.

Operations Master / FSMO Roles in Active Directory : Suhail Ashfaq Butt.

Similar presentations

Ads by Google