2282a_03_
TRANSCRIPT
-
8/10/2019 2282A_03_
1/31
-
8/10/2019 2282A_03_
2/31
-
8/10/2019 2282A_03_
3/31
-
8/10/2019 2282A_03_
4/31
-
8/10/2019 2282A_03_
5/31
-
8/10/2019 2282A_03_
6/31
-
8/10/2019 2282A_03_
7/31
-
8/10/2019 2282A_03_
8/31
-
8/10/2019 2282A_03_
9/31
-
8/10/2019 2282A_03_
10/31
-
8/10/2019 2282A_03_
11/31
-
8/10/2019 2282A_03_
12/31
-
8/10/2019 2282A_03_
13/31
-
8/10/2019 2282A_03_
14/31
-
8/10/2019 2282A_03_
15/31
-
8/10/2019 2282A_03_
16/31
-
8/10/2019 2282A_03_
17/31
-
8/10/2019 2282A_03_
18/31
-
8/10/2019 2282A_03_
19/31
-
8/10/2019 2282A_03_
20/31
-
8/10/2019 2282A_03_
21/31
-
8/10/2019 2282A_03_
22/31
-
8/10/2019 2282A_03_
23/31
-
8/10/2019 2282A_03_
24/31
-
8/10/2019 2282A_03_
25/31
-
8/10/2019 2282A_03_
26/31
-
8/10/2019 2282A_03_
27/31
Lesson: Placing Single Operations Masters
Operations Master RolesGuidelines for Placing Forest-Level Single OperationsMasters
Guidelines for Placing Domain-Level Single Operations
Masters
-
8/10/2019 2282A_03_
28/31
Operations Master Roles
Level Role Service
Domainlevel
PDC emulator
Acts as the PDC for Windows NT 4.0 BDCs in the domainProcesses all password updates for clients not runningActive Directory client softwareReceives immediate updates from other domain
controllers when a users password is changed
RID masterAllocates relative IDs (RIDs) to all domain controllersEnsures that all security principals have a uniqueidentifier
Infrastructuremaster
Maintains a list of security principals from other domainsthat are members of groups in its domain
Forest level
Schemamaster Controls changes to the schema
Domainnaming master
Controls the Addition and removal of domains to and fromthe forest
Guidelines for Placing Forest Level Single Operations
-
8/10/2019 2282A_03_
29/31
If all domain controllers in the forest root domain are alsoglobal catalog servers:
Guidelines for Placing Forest-Level Single OperationsMasters
Leave all operations master roles on the first domaincontrollerDesignate the second domain controller as the standbyoperations master
If one or more domain controllers in the forest root domain donot host global catalog servers:
Move all operations master roles to a domain controller thatis not configured as a global catalog serverDesignate a third domain controller that is not configuredas a global catalog server as the standby operations master
Guidelines for Placing Domain Level Single Operations
-
8/10/2019 2282A_03_
30/31
Guidelines for Placing Domain-Level Single OperationsMasters
Leave the three domain-level operations master roles on the firstdomain controller and ensure that it is never configured as aglobal catalog server if any domain controllers in the regionaldomains do not host the global catalog
Place the domain-level roles in a site that contains a large numberof users from that domain and is well connected to other locations
Always designate a standby operations master
Place all three domain-level roles on a single domain controller
Leave the three domain-level roles on the first domain controller inthe domain if all domain controllers in the domain will host theglobal catalog
-
8/10/2019 2282A_03_
31/31
Lab A: Designing a Site Infrastructure