managing operations masters
TRANSCRIPT
-
8/14/2019 Managing Operations Masters
1/12
Managing Operations Masters
-
8/14/2019 Managing Operations Masters
2/12
Introduction to Operations Masters
Only a Domain Controller That Holds a Specific Operations MasterRole Can Perform Associated Active Directory ChangesChanges Made by an Operations Master Are Replicated to OtherDomain ControllersAny Domain Controller Can Hold an Operations Master RoleOperations Master Roles Can Be Moved to Other Domain Controllers
Replication
Single Master Operations
OperationsMaster
-
8/14/2019 Managing Operations Masters
3/12
Operations Master Default Locations
First Domain Controllerin the Forest Root Domain
Domain-wide RolesRID masterPDC emulatorInfrastructuremaster
Forest-wide RolesSchema masterDomain namingmaster
Domain-wide RolesRID masterPDC emulatorInfrastructuremaster
-
8/14/2019 Managing Operations Masters
4/12
Schema Master
Controls All Updates to the Schema Replicates Updates to All Domain Controllers in the Forest Allows Only the Members of the Schema Admin Group to Make
Modifications to the Schema
Schema Master Replication
-
8/14/2019 Managing Operations Masters
5/12
Domain Naming Master
Controls the Addition or Removal of Domainsin the Forest
NewDomain
DomainNamingMasterGlobal CatalogServer
-
8/14/2019 Managing Operations Masters
6/12
-
8/14/2019 Managing Operations Masters
7/12
RID Master
Move
Allocates Blocks of RIDs to Each DomainController in Its Domain
Prevents Object Duplication if Objects Movefrom One Domain Controller to Another
Object SID = Domain SID +RID
RID Master
Block of RIDs
Move
RID Allocation
-
8/14/2019 Managing Operations Masters
8/12
Infrastructure Master
Updates References to Objects and GroupMemberships from Other Domains
InfrastructureMaster
Global Group Nestedinto Domain Local Group
Move
GUIDSID
New DN
GroupMembership List
-
8/14/2019 Managing Operations Masters
9/12
Determining the Holder of an OperationsMaster Role
To Find the Location of an Operations Master RoleTo Find the Location of an Operations Master Role
Use Active Directory Users and Computers to FindRID master
PDC emulator Infrastructure master
Use Active Directory Domains and Trusts to FindDomain naming master
Use Active Directory Schema Snap-in to FindSchema master
-
8/14/2019 Managing Operations Masters
10/12
Best Practices
Do Not Perform Frequent Role Transfers
Transfer Operations Master Roles Before Demoting a DomainController
Consider the Network Traffic for Password Changes When Assigningthe PDC Emulator to a Domain Controller
Review the Best Placement of Role Holders Periodically
Assign the Schema and Domain Naming Master Roles to the SameDomain Controller
Place a Global Catalog Server in the Same Site As the InfrastructureMaster
-
8/14/2019 Managing Operations Masters
11/12
Review
Introduction to Operations Masters Operations Master Roles Managing Operations Master Roles Managing Operations Master Failures Best Practices
-
8/14/2019 Managing Operations Masters
12/12
Thank You