Active Directory—3rd lecture

                      Role of Active Directory 


  1. Transfer of Roles
  2. Seize of Roles

In Active Directory there are six Roles.

   Operation Masters

  1. Naming Master
  2. Schema Master
  3. RID Master
  4. PDC Emulator
  5. Infrastructure Master
  6. Global catalog
Roles one to five are Flexible Single Master Operation roles (FSMO roles),
and the last one is a Multi-Master Operations role.

1). Naming Master

  • Checks and maintains the uniqueness of domain names in the whole forest.
  • It is responsible for adding, removing and renaming domain names in the whole forest.

2). Schema Master

  • The schema is a set of rules which is used to define the structure of Active Directory.
  • The schema contains the definitions of all the objects which are stored in Active Directory.
  • The schema is further classified into
    - Classes
        * A class is a template which is used to create an object.
    - Attributes
        * Attributes are properties of an object.
Note: The operation masters Naming Master and Schema Master are both forest-wide roles (FRDC).

3). RID Master

  • RID stands for Relative Identifier
  • It assigns unique IDs (RIDs) to the objects which are created in the domain
  • Allocates a pool of relative IDs (RIDs) to all domain controllers within a domain
  • SID = Domain ID + RID
To check the SID, open cmd and run:
    dsget user cn=sam,cn=users,dc=preem,dc=com -sid
    whoami /user


4). PDC Emulator (Primary Domain Controller)

  • Acts as a PDC for Windows NT4.0 BDC's in the Domain
  • Processes all password updates for clients
  • Receives immediate updates from another domain controller when a user's password is changed
  • It synchronizes time between the domain controllers

5). Infrastructure Master

  • Infrastructure Master Maintains and updates the universal Group membership information
  • It is used for inter-domain Operations

Roles of Active Directory

Operation Master
Naming Master and Schema Master are forest-wide roles.
RID Master, PDC Emulator, and Infrastructure Master are domain-wide roles.

Transfer of Roles 

  1. Configure Sys1 as the DC (primary server)
  2. Configure System2 as the ADC (backup server)
  3. On System1 (DC), log in as administrator
  4. Open cmd and type the command net accounts
  5. Check that the role is Primary
  6. Type the commands below
  7. NTDSUTIL
  8. Roles
  9. connections
  10. connect to server sys2
  11. Quit
  12. transfer naming master (hit Enter, click Yes)
  13. transfer Schema master (hit Enter, click Yes)
  14. transfer RID master (hit Enter, click Yes)
  15. transfer PDC (hit Enter, click Yes)
  16. transfer Infrastructure master (hit Enter, click Yes)
  17. Quit (hit OK)
  18. Quit (hit OK)

Verification

  1. On Sys1, type net accounts; the role shows Backup
  2. On Sys2, type net accounts; the role shows Primary

Seize of Roles (if the DC is not working)

  1. Shut down the DC (primary server)
  2. On the ADC (backup server), log in as administrator
  3. Open cmd and type net accounts; the role shows Backup
  4. Type the commands below
  5. NTDSUTIL
  6. Roles
  7. connections
  8. connect to server sys2
  9. Quit
  10. Seize naming master (hit Enter, click Yes)
  11. Seize Schema master (hit Enter, click Yes)
  12. Seize RID master (hit Enter, click Yes)
  13. Seize PDC (hit Enter, click Yes)
  14. Seize Infrastructure master (hit Enter, click Yes)
  15. Quit (hit OK)
  16. Quit (hit OK)

Manual Replication

  1. Check the connectivity and communication
  2. On the Sys DC, open the ADSS console and wait; it will take some time
  3. Sites > Default-First-Site-Name > Servers > Sys1 > NTDS Settings (select)
  4. On the right side, click on Sys2 accounts and Replicate Now, then click OK

To list the current role holders, run in cmd:
    netdom query fsmo
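
The verification step after a transfer or seizure can be automated by parsing the output of netdom query fsmo. The following is an added example, not part of the original lecture notes; the host names sys1.preem.com and sys2.preem.com, the sample output and the function names are constructed for illustration.

```python
import re

# Labels printed by `netdom query fsmo`, mapped to the role names and scope used in these notes.
ROLES = {
    "schema master": ("Schema Master", "forest"),
    "domain naming master": ("Naming Master", "forest"),
    "pdc": ("PDC Emulator", "domain"),
    "rid pool manager": ("RID Master", "domain"),
    "infrastructure master": ("Infrastructure Master", "domain"),
}

# Constructed sample: output captured after a transfer in which the PDC step was missed.
SAMPLE = """\
Schema master               sys2.preem.com
Domain naming master        sys2.preem.com
PDC                         sys1.preem.com
RID pool manager            sys2.preem.com
Infrastructure master       sys2.preem.com
The command completed successfully.
"""

def parse_fsmo(output):
    """Return {role name: holder} from `netdom query fsmo` text, ignoring other lines."""
    holders = {}
    for line in output.splitlines():
        # The label and the holder are separated by a tab or a run of spaces.
        parts = re.split(r"\t+|\s{2,}", line.strip(), maxsplit=1)
        if len(parts) == 2 and parts[0].lower() in ROLES:
            holders[ROLES[parts[0].lower()][0]] = parts[1].strip().lower()
    return holders

def same_host(holder, expected):
    """Match a full name exactly; match a short name against the first label."""
    expected = expected.lower()
    return holder == expected if "." in expected else holder.split(".")[0] == expected

def check_holders(output, expected):
    """List every role that is not reported or is held by a server other than `expected`."""
    holders = parse_fsmo(output)
    problems = []
    for name, scope in ROLES.values():
        holder = holders.get(name)
        if holder is None:
            problems.append(f"{name} ({scope}-wide): not reported")
        elif not same_host(holder, expected):
            problems.append(f"{name} ({scope}-wide): held by {holder}, expected {expected}")
    return problems

if __name__ == "__main__":
    for problem in check_holders(SAMPLE, "sys2"):
        print(problem)
```

An empty list means all five roles are on the expected server; any entry names the role and its scope so the matching transfer or seize step can be repeated.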
