1

Roles of Active Directory

Operation Master Domain Naming Master Schema Master RID Master PDC Emulator Infrastructure Master Global Catalog Domain Wide Roles Forest Wide Roles

Domain Naming Master

Checks and Maintains the Uniqueness of the Domain Names in the Whole Forest. It is Responsible for Adding, Removing and Renaming the domain names in the whole Forest. Domain Domain Naming Naming Master Master

New Domain

Schema Master

Schema is a Set of Rules which is used to define the Structure of AD Schema contains Definitions of all the Objects which are stored in AD. Classes Class is a Template which is used to Create an Object Attributes Attributes are Properties of an Object

Schema Classes Objects Attributes Properties

User Name Phone No Mobile No Address Description

User
U1 U2 U3

Computer

Printer

Share Folder

RID Master

Allocates pool of Relative IDs (RIDs) to all Domain controllers It assigns ID s to the Objects which are created in the Domain

RID RID Master Master

Pool Pool of of RIDs RIDs

RID RID allocation allocation

SID = Domain ID + RID

PDC Emulator

Acts as a PDC for Windows NT 4.0 BDC s in the domain Processes all password updates for clients not running Active Directory client software Receives immediate updates from other domain controllers when a user s password is changed It Synchronizes time between the Domain controllers.

U1-u1 U2-u2

U1-u1 U2-u2

Want to Change the Password: U1 to XYz

DC
U1 U2

ADC
U3

Zoom.com

U1-xyz U2-u2

U1-u1 U2-u2

DC
U1 U2

ADC
U3

Zoom.com

Infrastructure Master

Infrastructure Master Maintains and Updates the Universal Group Membership information It is Used for Inter-Domain Operations

10

Global Catalog

The global catalog contains Complete information of Host Domain & partial information of other domains in a forest. By searching against the GC, individual domains do not have to be queried in most cases- GC can resolve Servers that hold a copy of the global catalog are called global catalog servers.

11

Global Catalog Server

Schema

Holds Holds full full copy copy of of the the schema schema partition partition for for forest forest Holds Holds full full copy copy of of configuration configuration partition partition for for forest forest Holds Holds full full copy copy of of domain domain partition partition for for own own domain domain Holds Holds read read only only copy copy of of all all other other domain domain directory directory partitionspartitions- all all objects, objects, but but only only attributes attributes marked marked for for GC GC inclusion inclusion Contains Contains application application data data if if configured configured ForestDNSZone, ForestDNSZone, DomainDNSZone, DomainDNSZone, user-defined user-defined application application partition(s) partition(s)

Configuration

Mcse.com Ccna.com Solaris.com Application

12

Global Catalog Server

Include Include in in GC GC Telephone Telephone Email Email Name Name

Object Object Attributes

Domain

Global Catalog

Queries

Domain

Domain

Global Catalog Server

Universal Group membership when user logs on

13