starclick

Thursday 28 November 2013

FSMO
------
Flexible Single Master Operations:
All DCs can update the user database. There is one master domain controller that can perform certain operations. The five such operations are:
1. Schema master (forest role)
2. Domain naming master (forest role)
3. RID master (domain role, present in each domain)
4. Infrastructure master (domain role, present in each domain)
5. PDC Emulator (domain role, present in each domain)
1. Schema master: controls updates and notifications (like username, group, passwords). It is the domain controller (DC) that has the updated copy of the schema (the database definition, which defines how the database is designed; for example, a user has UName and UPassword). All other DCs are read-only, but the schema master is RW (read-write). To install Exchange we need access to the schema master, as Exchange will change the schema. By default the first DC is the schema master and domain naming master.
User accounts store: user phone number, address, email ID, etc.

Computer accounts store: computer accounts and groups, computer name, domain name.


2. Domain Naming Master: it checks the domain name configuration to make sure that domain names are unique and valid.
3. RID master (Relative Identifier Master): it allocates a pool of mutually exclusive identifiers to each DC. Security is based on the RID.
4. Infrastructure master: it is used for inter-domain operations to ensure consistency in the environment when objects are renamed or moved. It works along with the global catalog (GC). That is why, if the Infrastructure master and the GC are on the same server, the Infrastructure master role is switched off, because they perform the same role.

5. PDC Emulator: ensures backward compatibility for BDCs (backup domain controllers). When we upgrade a DC from WinNT to Win2003, the PDC Emulator will provide support.

What are the FSMO Roles?

I will talk more about the specific functions of the FSMO roles in the next article in this series. I do however want to quickly mention what these roles are. As you may recall, I mentioned that there are three domain specific roles, and two forest specific roles.
The domain specific roles include the Relative identifier, the Primary Domain Controller Emulator, and the Infrastructure Master. Forest level roles include the Schema Master and the Domain Naming master. Below is a brief description of what these roles do:
Schema Master: maintains the authoritative copy of the Active Directory database schema.
Domain Naming Master: maintains the list of domains within the forest.
Relative Identifier Master: responsible for ensuring that every Active Directory object at a domain receives a unique security identifier.
Primary Domain Controller Emulator: acts as the Primary Domain Controller in domains containing domain controllers running Windows NT.
Infrastructure Master: the Infrastructure Master is responsible for updating an object’s security identifier and distinguished name in a cross domain object reference.
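
An added example, not part of the original post: a read-only PowerShell inventory of the five role holders described above, which also flags the Infrastructure master and global catalog overlap mentioned in the notes. It assumes the ActiveDirectory module (RSAT) is installed and the session is domain-joined; the extra conditions on the warning (more than one domain, at least one non-GC DC) are the usual placement guidance rather than something the post states.

```powershell
# Added example: read-only inventory of FSMO role holders across the forest.
# Assumes the ActiveDirectory module (RSAT) and a domain-joined session.
Import-Module ActiveDirectory

$forest = Get-ADForest

# Forest roles: one holder each for the whole forest.
$report = @(
    [pscustomobject]@{ Scope = $forest.Name; Role = 'Schema Master';        Holder = $forest.SchemaMaster }
    [pscustomobject]@{ Scope = $forest.Name; Role = 'Domain Naming Master'; Holder = $forest.DomainNamingMaster }
)

foreach ($domainName in $forest.Domains) {
    $domain = Get-ADDomain -Identity $domainName -Server $domainName

    # Domain roles: one holder each in every domain.
    $report += [pscustomobject]@{ Scope = $domain.DNSRoot; Role = 'RID Master';            Holder = $domain.RIDMaster }
    $report += [pscustomobject]@{ Scope = $domain.DNSRoot; Role = 'PDC Emulator';          Holder = $domain.PDCEmulator }
    $report += [pscustomobject]@{ Scope = $domain.DNSRoot; Role = 'Infrastructure Master'; Holder = $domain.InfrastructureMaster }

    # Infrastructure Master placement check against the global catalog.
    $dcs   = @(Get-ADDomainController -Filter * -Server $domainName)
    $imDc  = $dcs | Where-Object { $_.HostName -eq $domain.InfrastructureMaster }
    $nonGc = @($dcs | Where-Object { -not $_.IsGlobalCatalog })

    # Assumption (placement guidance, not from the post): the overlap only
    # matters in a multi-domain forest where some DC in the domain is not a GC.
    if ($imDc -and $imDc.IsGlobalCatalog -and $nonGc.Count -gt 0 -and $forest.Domains.Count -gt 1) {
        Write-Warning ("{0}: Infrastructure Master {1} is also a global catalog while {2} DC(s) are not." -f $domain.DNSRoot, $imDc.HostName, $nonGc.Count)
    }
}

$report | Format-Table -AutoSize
```

Keeping the output of this inventory under change control gives a baseline to compare against when a role holder changes unexpectedly.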
