Term
| Name the Forest Level FSMOs |
|
Definition
| Schema and the Domain Naming Master |
|
|
Term
| Name the Domain-Level FSMOs |
|
Definition
| RID(Relative Identifier) Master, Infrastructure Master, PDC emulator |
|
|
Term
| Why do they called the roles single operation masters |
|
Definition
| some roles cannot be performed by multimaster replication |
|
|
Term
| What is another characteristic associated with the DC performing the FSMO |
|
Definition
|
|
Term
| What is the Domain Naming Master Role |
|
Definition
| Adds/Removes domains to/from the forest |
|
|
Term
| What is the Infrastructure Master Role |
|
Definition
| Tracks changes to objects in other domains that are member of groups in it's own domain(that is why you shouldnt make an Infrastructure Master a GC unless ALL DCs are GCs) |
|
|
Term
| What are the Roles that the PDC emulator FSMO performs |
|
Definition
| Emaulating the PDC for compatibility,Special Password update handling,Default target for GPO updates,Master Time Source,Master Domain Browser |
|
|
Term
| What happens when you try and add a domain to a forest and the Infrastructure Master is not availbable` |
|
Definition
|
|
Term
|
Definition
You can think of the infrastructure master as a tracking device for group members
from other domains. When those members are renamed or moved in the other domain, the
infrastructure master identifies the change and makes appropriate changes to group
memberships so that the memberships are kept up to date. |
|
|
Term
| What happens when a user changes a password or the password is reset |
|
Definition
| the change is instantly replicated to the PDC Emulator |
|
|
Term
| What is the behavior of a DC that is unaware of a rencent password reset/change on the user |
|
Definition
| before authentication is denied the authentication request is sent to the PDC Emulator which returns a respond to the DC of a success/failure |
|
|
Term
| What is the happens when you open the GPME as it relates to the FSMOs |
|
Definition
| the GPME binds to the PDC Emulator as the changes are made on the PDC Emulator to ensure that all DCs maintain a current GPO structure |
|
|
Term
| What is the Domain Master Browser |
|
Definition
| This is maintained by the PDC Emulator and is populated by choosing Networks in Windows |
|
|
Term
| What FSMOs should you co-locate |
|
Definition
Schema and Domain Naming on a GC(Domain Maning MUST be on A GC to keep track on Domains)
RID Master and the PDC Emulator
Infrastructure should not be on a GC unless ALL DCs are GCs(In which case the infrastructre master role becomes obsolete) |
|
|
Term
|
Definition
| The RID and PDC Emulator Master roles should be WELL CONNECTED/DIRECT REPLICATION PARTNERS if they are not located |
|
|
Term
| Where can you view and change the Domain-Level FSMOs |
|
Definition
| Right click the Server in ADAC |
|
|
Term
| Where can you view and change the Forest-Level FSMOs |
|
Definition
the Domains and Trust snap-in can be used to view/change the Domain Naming
you must register the schema by regsvr32 schmmgmt.dll then and the Active Directory Schema snapin to an MMC then right click the Active Directory Schema Node |
|
|
Term
| What to can you use to identify Operations Masters |
|
Definition
ntdsutil
roles
connections
connect to serverDomainControllerFQDN:portnumber
quit
select operation target
list roles for connected server
quit
quit
quit
• dcdiag /test:knowsofroleholders /v
• netdom query fsmo |
|
|
Term
| What are the steps to tranferring a FSMO |
|
Definition
Make sure the target DC is up to date with replication of the current FSMO holder
Open a tool that shows you the current FSMO holder(ADAC,ADDT,AD Schema Snapin)
Click Change(the target and the current FSMO HOlder will be online and the target start performing the operation masters role) |
|
|
Term
| What cmoond line tool can you use to seize an AD rule |
|
Definition
|
|
Term
|
Definition
| If you have sufficient time to bring the current FSMO holder online,wait. FSMO Seizure is a drastic operation and should not be taken lightly |
|
|
Term
|
Definition
| you are seizing the Operation Masters token |
|
|
Term
| Which of the Domain-Level FSMOs cannot be transferred back to the original FSMO Holder |
|
Definition
| Both the PDC and Infrastructure Masters can be transferred back but the RID Master role cannot be transferred back and the original FSMO Holder MUST remain offline |
|
|
Term
| Can forest level FSMOs be retransferred back |
|
Definition
|
|
Term
| What is the effect of a failed Infrastructure Role |
|
Definition
A failure of the infrastructure master will be noticeable to names of group members from other domains appear as if
group membership is incorrect although |
|
|
Term
| What is the NTDSUtil command to seize a FSMO |
|
Definition
ntdsutil
roles
connections
connect to server DomainControllerFQDN
quit
seize role:
• schema master
• domain naming master
• RID master
• PDC
• infrastructure master |
|
|
Term
| What are the three FSMOs that cannoot be returned |
|
Definition
| Schema Master,Domain Naming,RID Masters |
|
|
Term
| What commande must you run on a decommissioned DC containing a FSMO |
|
Definition
| dcpromo /forceremoval(to force the removal of AD when not connected to the domain |
|
|
