Term
|
Definition
Cached copy of a user’s logon credentials that have been stored on the user’s local workstation. |
|
|
Term
|
Definition
Time difference between any client or member server and the domain controllers in a domain. |
|
|
Term
|
Definition
Role that has the authority to manage the creation and deletion of domains, domain trees, and application data partitions in the forest. Upon creation of any of these, the Domain Naming Master ensures that the name assigned is unique to the forest. |
|
|
Term
|
Definition
Global catalog service that listens on port 3268 to respond to requests to search for an object in Active Directory. |
|
|
Term
|
Definition
Attribute has been stored in the partial attribute set and replicated to all global catalog servers in the forest. |
|
|
Term
|
Definition
Domain-specific role that is responsible for reference updates from its domain objects to other domains. This assists in tracking which domains own which objects. |
|
|
Term
partial attribute set (PAS) |
|
Definition
Partial copy of all objects from other domains within the same forest. This partial copy of forest-wide data includes a subset of each object’s attributes. |
|
|
Term
Primary Domain Controller (PDC) Emulator |
|
Definition
Role that provides backward compatibility with Microsoft Windows NT 4.0 domains and other down-level clients. |
|
|
Term
relative identifier (RID) |
|
Definition
Variable-length number that is assigned to objects at creation and becomes part of the object’s security identifier (SID). |
|
|
Term
Relative Identifier (RID) Master |
|
Definition
Role that is responsible for assigning relative identifiers to domain controllers in the domain. Relative identifiers are variable-length numbers assigned by a domain controller when a new object is created. |
|
|
Term
|
Definition
Active Directory role that has forest-wide authority to manage changes to the Active Directory schema. |
|
|
Term
security identifier (SID) |
|
Definition
Variable-length number used to uniquely identify an object throughout the Active Directory domain. Part of the SID identifies the domain to which the object belongs, and the other part is the RID. |
|
|
Term
|
Definition
Forced, ungraceful transfer of a role. This procedure is used only in the event of a catastrophic failure of a domain controller that holds a FSMO role. |
|
|
Term
|
Definition
Move a role to a new domain controller. |
|
|
Term
|
Definition
Memberships stored in the global catalog. A universal group can contain users, groups, and computers from any domain in the forest. In addition, universal groups, through their membership in domain local groups, can receive permissions for any resource anywhere in the forest. |
|
|
Term
universal group membership caching |
|
Definition
Stores universal group memberships on a local domain controller that can be used for logon to the domain, eliminating the need for frequent access to a global catalog server. |
|
|