Term
|
Definition
| Cached copy of a user’s logon credentials that have been stored on the user’s local workstation. |
|
|
Term
|
Definition
| Time difference between any client or member server and the domain controllers in a domain. |
|
|
Term
|
Definition
| Role that has the authority to manage the creation and deletion of domains, domain trees, and application data partitions in the forest. Upon creation of any of these, the Domain Naming Master ensures that the name assigned is unique to the forest. |
|
|
Term
|
Definition
| Global catalog service that listens on port 3268 to respond to requests to search for an object in Active Directory. |
|
|
Term
|
Definition
| Attribute has been stored in the partial attribute set and replicated to all global catalog servers in the forest. |
|
|
Term
|
Definition
| Domain-specific role that is responsible for reference updates from its domain objects to other domains. This assists in tracking which domains own which objects. |
|
|
Term
| partial attribute set (PAS) |
|
Definition
| Partial copy of all objects from other domains within the same forest. This partial copy of forest-wide data includes a subset of each object’s attributes. |
|
|
Term
| Primary Domain Controller (PDC) Emulator |
|
Definition
| Role that provides backward compatibility with Microsoft Windows NT 4.0 domains and other down-level clients. |
|
|
Term
| relative identifier (RID) |
|
Definition
| Variable-length number that is assigned to objects at creation and becomes part of the object’s security identifier (SID). |
|
|
Term
| Relative Identifier (RID) Master |
|
Definition
| Role that is responsible for assigning relative identifiers to domain controllers in the domain. Relative identifiers are variable-length numbers assigned by a domain controller when a new object is created. |
|
|
Term
|
Definition
| Active Directory role that has forest-wide authority to manage changes to the Active Directory schema. |
|
|
Term
| security identifier (SID) |
|
Definition
| Variable-length number used to uniquely identify an object throughout the Active Directory domain. Part of the SID identifies the domain to which the object belongs, and the other part is the RID. |
|
|
Term
|
Definition
| Forced, ungraceful transfer of a role. This procedure is used only in the event of a catastrophic failure of a domain controller that holds a FSMO role. |
|
|
Term
|
Definition
| Move a role to a new domain controller. |
|
|
Term
|
Definition
| Memberships stored in the global catalog. A universal group can contain users, groups, and computers from any domain in the forest. In addition, universal groups, through their membership in domain local groups, can receive permissions for any resource anywhere in the forest. |
|
|
Term
| universal group membership caching |
|
Definition
| Stores universal group memberships on a local domain controller that can be used for logon to the domain, eliminating the need for frequent access to a global catalog server. |
|
|
