Term
|
Definition
| Translator between GUID's, SID's, DN's (Distinguished Names, for foreign domain objects. --- Each domain, including the root domain, has an IM. --If you’re in a single domain forest, the IM has no work to do, since there are no foreign objects to translate. It is then okay to put IM role on any DC. Even if that DC has the gloal catalog. |
|
|
Term
|
Definition
| For a forest with multiple domains, if there’s even one domain controller that doesn’t have the global catalog on it, then you need to put the infrastructure master role on a domain controller that does not have the global catalog. The IM role needs to be on a DC that does not have the Global Catalog. |
|
|
Term
|
Definition
| As Domains join or leave the forest, the Domain Naming Master makes update into Active directory. Only this Dc actually commits those changes into AD. |
|
|
Term
|
Definition
| This DC also commits changes to Application Partitions. Like the Schema Master, this is at the root level and only needed once across all domains. |
|
|
Term
|
Definition
Flexible Single Master Operations.
Schema Master, Domain Naming, Infrastructure, Relative ID (RID), Primary Domain Controller (PDC) Emulator |
|
|
Term
| FSMO roles needed in every domain in the forest |
|
Definition
Infrastructure Master
Relative ID Master (RID)
Primary Domain Controller Master (PDC) |
|
|
Term
|
Definition
| Made up of the domain identifier (domain ID), and the relative ID (RID). The relative ID master, or RID master, hands out batches of relative IDs to individual domain controllers |
|
|
Term
|
Definition
| Every domain in a forest must have a domain controller with the RID master FSMO role assigned to it. It is recommended that the RID master FSMO role be assigned to whichever domain controller has the PDC emulator FSMO role. |
|
|
Term
|
Definition
| The Unique Part of a Security Identifier is Assigned from the Relative ID (RID) Master |
|
|
Term
| Primary Domain Controller Emulator (PDC) 1 |
|
Definition
| The Domain Controller (DC) That is the Primary Domain Controller (PDC) Emulator is the Authoritative DC in a Domain |
|
|
Term
| Primary Domain Controller Emulator (PDC) 2 |
|
Definition
| The PDC emulator updates passwords for users and computers. The PDC emulator is consulted to determine if the password has been changed without the replica DC’s knowledge |
|
|
Term
| Primary Domain Controller Emulator (PDC) 3 |
|
Definition
| PDC maintains accurate time which the domain is regulated by. If multiple domains, Root PDC role is authoritative for time. Each domain needs a PDC. |
|
|
