PLAN ACTIVE DIRECTORY TESTOUT SERVER PRO 2016 IDENTITY


  • Manage FSMO roles.
  • Transfer RID and PDC masters.
  • Transfer the Infrastructure master.
  • Troubleshoot Operations masters.
  • Manage Global Catalog Servers.
  • Configure Global Catalog Servers.
  • Enable Universal Group Membership Caching.

  • Lightweight Directory Access Protocol (LDAP)
  • User Datagram Protocol (UDP)
  • Global Catalog (GC)
  • Universal Group Membership Caching (UGMC)

  • Lightweight Directory Access Protocol (LDAP): The primary global catalog protocol that specifies directory communications.
  • User Datagram Protocol (UDP): UDP is an alternative communications protocol to Transmission Control Protocol (TCP) used primarily for establishing low-latency and loss-tolerating connections between applications on the internet.

  • Global Catalog (GC): A database that contains a partial replica of every object from every domain within a forest. A server that holds a copy of the Global Catalog is a global catalog server.
  • Universal Group Membership Caching (UGMC): Universal Group Membership Caching caches the group membership of universal groups. During logon, universal group membership is checked for the user.

Flexible Single Master Operations

FSMO Roles

Forest-Wide (only one of each per forest)
  • Schema Master
  • Domain Naming Master

Domain-Wide (only one of each per domain)
  • RID Master
  • Infrastructure Master
  • PDC Emulator

Schema Master
  • Only one per forest.
  • The only read/write copy.
  • A template for Active Directory.
  • Changes affect all existing and future Active Directory objects.
  • Can only be edited by members of the Schema Admins group.

Domain Naming Master
  • Ensures each domain in the forest has a unique name.
  • Only one per forest.

RID Master
  • Distributes RIDs to domain controllers.
  • RIDs:
      • Are unique numbers used to generate unique SIDs.
      • Are never re-used.
      • Are distributed in blocks of 500.
  • Must be running to promote a server.

  • Infrastructure Master updates the Global Catalog.
  • Do not install on Global Catalog server unless there is only one domain controller in the domain.

PDC Emulator
  • Provides integration with Windows NT 4.0 domains, which are no longer supported.
  • Is preferred for security updates:
      • Password resets
      • Account lockouts
  • Provides synchronization and consistency, such as:
      • Group Policy updates
      • Distributed File System (DFS) replication
      • Time synchronization

Global Catalog
  • Provides faster searching in forests.
  • Provides a searchable catalog of all objects in every domain.
  • Retrieves the Universal Group Membership from AD during logon.
  • Works best when there is one in each site.
  • Otherwise, enable Universal Group Membership Caching on the domain controllers at the site.
      • Eliminates the dependency on the availability of a global catalog server during logons.
      • Resolves logon requests locally from cached information.

Forest
  • Schema Master
  • Domain Naming Master

Domain
  • RID Master
  • Infrastructure Master
  • PDC Emulator

Global Catalog Servers
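The placement rules from the preceding slides can be checked against a live forest. The following read-only audit is an added example, not part of the TestOut slides; it assumes the ActiveDirectory PowerShell module (RSAT), read access to every domain in the forest, and that Universal Group Membership Caching is recorded as bit 0x20 of the `options` attribute on each site's NTDS Site Settings object.

```powershell
# Added example: audit FSMO role placement and global catalog coverage.
# Assumes the ActiveDirectory module (RSAT) and read access to the forest.
Import-Module ActiveDirectory

$forest = Get-ADForest
$dcs = foreach ($d in $forest.Domains) { Get-ADDomainController -Filter * -Server $d }

# One row per role holder: two forest-wide roles, three per domain
$roles = @(
    [pscustomobject]@{ Scope = $forest.Name; Role = 'Schema Master';        Holder = $forest.SchemaMaster }
    [pscustomobject]@{ Scope = $forest.Name; Role = 'Domain Naming Master'; Holder = $forest.DomainNamingMaster }
)
foreach ($d in $forest.Domains) {
    $dom = Get-ADDomain -Server $d
    $roles += [pscustomobject]@{ Scope = $d; Role = 'RID Master';            Holder = $dom.RIDMaster }
    $roles += [pscustomobject]@{ Scope = $d; Role = 'Infrastructure Master'; Holder = $dom.InfrastructureMaster }
    $roles += [pscustomobject]@{ Scope = $d; Role = 'PDC Emulator';          Holder = $dom.PDCEmulator }
}
$roles | Format-Table -AutoSize

# Slide rule: the Infrastructure Master should not sit on a global catalog
# server unless the domain has only one domain controller.
foreach ($r in ($roles | Where-Object Role -eq 'Infrastructure Master')) {
    $inDomain = @($dcs | Where-Object Domain -eq $r.Scope)
    $holder   = $inDomain | Where-Object HostName -eq $r.Holder
    if ($holder.IsGlobalCatalog -and $inDomain.Count -gt 1) {
        Write-Warning "$($r.Scope): Infrastructure Master $($r.Holder) is a global catalog server"
    }
}

# Sites with domain controllers but no global catalog need Universal Group
# Membership Caching: bit 0x20 of 'options' on the site's NTDS Site Settings.
$configNC = (Get-ADRootDSE).configurationNamingContext
foreach ($site in ($dcs | Group-Object Site)) {
    if ($site.Group | Where-Object IsGlobalCatalog) { continue }
    $dn = "CN=NTDS Site Settings,CN=$($site.Name),CN=Sites,$configNC"
    $settings = Get-ADObject -Identity $dn -Properties options
    if (-not ($settings.options -band 0x20)) {
        Write-Warning "Site $($site.Name): no global catalog and UGMC is not enabled"
    }
}
```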


Do the following labs:
  • 2.2.5 Transfer RID and PDC Masters
  • 2.2.6 Transfer the Infrastructure Master
  • 2.2.7 Troubleshoot Operations Masters
  • 2.2.10 Configure Global Catalog Servers
  • 2.2.11 Enable Universal Group Membership Caching

  • What is the purpose of an operations master role server?
  • What is the function of a PDC emulator?
  • What does the infrastructure master do?
  • Which operations master roles are located at the forest level? How many of these roles are there in a forest?
  • How many domain operations masters are in a forest?
  • You are installing a new domain controller in a new domain in an existing forest. How many operations master roles will that server hold?
  • What might happen if the RID master becomes unavailable?
  • Which role(s) should be placed on a global catalog server? Which roles should not?
  • What is the difference between transferring a role and seizing a role?