pass4sure 70-640 windows server 2008
DESCRIPTION
Take a start with Pass4sureexam Microsoft 70-640 practice exam and combine it with 70-640 study guide - Passing 70-640 test with splendid MCITP: Enterprise Administrator on Windows Server 2008 success in first trial is guaranteed http://www.pass4sureexam.co/70-640.htmlTRANSCRIPT
![Page 1: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/1.jpg)
IntroducingGlobal Catalog and Flexible Single Master Operations (FSMO) Roles
70-640
http://www.pass4sureexam.co/70-640.html
![Page 2: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/2.jpg)
Skills MatrixTechnology Skill Objective Domain Objective #Configuring Additional Global Catalog Servers
Configure the global catalog
2.5
Placing FSMO Role Holders Configure operations masters
2.6
http://www.pass4sureexam.co/70-640.html
![Page 3: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/3.jpg)
Global Catalog• Critical component of Active Directory.• Acts as a central repository by holding:
– A complete copy of all objects from the host server’s local domain.– A partial copy of all objects from other domains within the same
forest• Used for logon, object searches, and universal group
memberships.
http://www.pass4sureexam.co/70-640.html
![Page 4: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/4.jpg)
Global Catalog• Global catalog placement considerations
include:– The speed and reliability of the WAN link.– The amount of traffic that will be generated by
replication.– The size of the global catalog database.
• When a user initiates a search for an object in Active Directory, the request is automatically sent to TCP port 3268.• Global catalogs are identified with DNS through
the SRV records (global catalog, or _gc, service).
http://www.pass4sureexam.co/70-640.html
![Page 5: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/5.jpg)
Universal Group Membership Caching• Available with Windows Server 2003 and Windows Server 2008.• Used for sites that do not have a global catalog server
available.• Stores universal group memberships on a local domain
controller that can be used for logon to the domain, eliminating the need for frequent access to a global catalog server.
• Allows domain controllers to process a logon or resource request without the presence of a global catalog server. – Assuming a user has successfully logged on when a global
catalog server was available and universal group membership caching was enabled.
http://www.pass4sureexam.co/70-640.html
![Page 6: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/6.jpg)
Universal Group Membership Caching• Enabled on a per-site basis. • By default, cache is refreshed every eight hours.
http://www.pass4sureexam.co/70-640.html
![Page 7: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/7.jpg)
Universal Group Membership Caching
• It eliminates the need to place a global catalog in a remote location where the link speed is slow or unreliable.
• It provides better logon performance for users with cached information.
• If the global catalog is located across a WAN link, cached credentials can replace the need to have logon traffic sent across a slow or unreliable link.
• It minimizes WAN usage for replication traffic because the domain controller does not have to hold information about forest-wide objects.
• In addition, these remote domain controllers are not listed in DNS as providers of global catalog services for the forest, further reducing bandwidth constraints.
![Page 8: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/8.jpg)
Global Catalog and Universal Group Caching• If universal group caching is not available to record the
user’s information into cache and the global catalog server goes offline, the logon attempt will fail.
http://www.pass4sureexam.co/70-640.html
![Page 9: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/9.jpg)
Global Catalog• By default, the first domain controller installed in the forest
root domain is designated as a global catalog server. • Any or all domain controllers in a domain can be
designated as global catalog server.
http://www.pass4sureexam.co/70-640.html
![Page 10: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/10.jpg)
Configuring an Additional Global Catalog Server
• Use Active Directory Sites and Services from the Administrative Tools folder.
![Page 11: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/11.jpg)
Enabling Universal Group Membership Caching
• Use Active Directory Sites and Services.
![Page 12: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/12.jpg)
Flexible Single Master Operations (FSMO) Roles• To keep a tight control on certain sensitive or special
operations, Active Directory uses Flexible Single Master Operations (FSMO) roles.– Relative Identifier Master.– Infrastructure Master.– Primary Domain Controller (PDC) Emulator.– Domain Naming Master.– Schema Master.
http://www.pass4sureexam.co/70-640.html
![Page 13: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/13.jpg)
Relative Identifier (RID) Master• Domain specific (one per domain).• Responsible for assigning relative identifiers to domain
controllers in the domain. • Relative identifiers are variable-length numbers assigned
by a domain controller when a new object is created.
http://www.pass4sureexam.co/70-640.html
![Page 14: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/14.jpg)
Infrastructure Master• Domain specific (one per domain).• Responsible for reference updates from its domain objects
to other domains. – Assists in tracking which domains own which objects.
http://www.pass4sureexam.co/70-640.html
![Page 15: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/15.jpg)
Primary Domain Controller (PDC) Emulator• Domain specific (one per domain).• Provides backward compatibility with Microsoft
Windows NT 4.0 domains and other down-level clients. • Manages account lockouts.• Manages time synchronization for the domain.• Managers password changes.
– When a password is changed, it provides immediate replication to other domain controllers in the domain.
• Managing edits to Group Policy Objects (GPOs)http://www.pass4sureexam.co/70-640.html
![Page 16: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/16.jpg)
Domain Naming Master• Forest specific (one per forest).• Has the authority to manage the creation and deletion of
domains, domain trees, and application data partitions in the forest. – When any of these is created, the Domain Naming Master ensures
that the name assigned is unique to the forest.
http://www.pass4sureexam.co/70-640.html
![Page 17: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/17.jpg)
Schema Master• Forest specific (one per forest).• Responsible for managing changes to the Active Directory
schema.
http://www.pass4sureexam.co/70-640.html
![Page 18: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/18.jpg)
Flexible Single Master Operations (FSMO) Roles• When you install the first domain controller in a new forest,
that domain controller holds both of the forest-wide FSMOs as well as the three domain-wide FSMOs for the forest root domain.
http://www.pass4sureexam.co/70-640.html
![Page 19: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/19.jpg)
Managing FSMO Roles• Role transfer - Used to move a FSMO role gracefully from
one domain controller to another. • Role seizure - Used only when you have experienced a
failure of a domain controller that holds a FSMO role and you forced an ungraceful transfer.
http://www.pass4sureexam.co/70-640.html
![Page 20: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/20.jpg)
Viewing or transferring Domain-Wide FSMO Role Holders
• Open the Active Directory Users and Computers MMC snap-in.• Right-click the Active
Directory Users and Computers node, click All Tasks, and select Operations Masters.
![Page 21: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/21.jpg)
Viewing or Transferring the Domain Naming Master FSMO Role Holder
• In Active Directory Domains and Trusts, right-click the Active Directory Domains and Trusts node and select Change Operations Master.
http://www.pass4sureexam.co/70-640.html
![Page 22: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/22.jpg)
Viewing or Transferring the Schema Master FSMO Role Holder• Open the Active Directory Schema snap-in.• Right-click Active Directory Schema from the console tree
and select Change Operations Master. • Remember that before you can access the Active Directory
Schema snap-in, you need to register the schmmgmt.dll DLL file using the following syntax:
regsvr32 schmmgmt.dll
http://www.pass4sureexam.co/70-640.html
![Page 23: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/23.jpg)
Seizing a FSMO Role• Use the ntdsutil command to access the fmso maintenance
prompt and use the seize command.
http://www.pass4sureexam.co/70-640.html
![Page 24: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/24.jpg)
Summary• The global catalog server acts as a central repository for
Active Directory by holding a complete copy of all objects within its local domain and a partial copy of all objects from other domains within the same forest.• The global catalog has three main functions: the facilitation
of searches for objects in the forest, resolution of UPN names, and provision of universal group membership information.
http://www.pass4sureexam.co/70-640.html
![Page 25: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/25.jpg)
Summary• A global catalog should be placed in each site when
possible. As an alternate solution when a site is across an unreliable WAN link, universal group membership caching can be enabled for the site to facilitate logon requests.
http://www.pass4sureexam.co/70-640.html
![Page 26: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/26.jpg)
Summary• Global catalog placement considerations include the speed
and reliability of the WAN link, the amount of traffic that will be generated by replication, the size of the global catalog database, and the applications that might require use of port 3268 for resolution.• Operations master roles are assigned to domain controllers
to perform single-master operations.
http://www.pass4sureexam.co/70-640.html
![Page 27: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/27.jpg)
Summary• The Schema Master and Domain Naming Master roles are
forest-wide. – Every forest must have one and only one of each of these roles.
• The RID Master, PDC Emulator, and Infrastructure Master roles are domain-wide. – Every domain must have only one of each of these roles.
http://www.pass4sureexam.co/70-640.html
![Page 28: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/28.jpg)
Summary• The default placement of FSMO roles is sufficient for a
single-site environment.– However, as your network expands, these roles should be divided to
increase performance and reliability.
http://www.pass4sureexam.co/70-640.html
![Page 29: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/29.jpg)
Summary• FSMO roles can be managed in two ways:
– Role transfer - Transfer a FSMO role to other domain controllers in the domain or forest to balance the load among domain controllers or to accommodate domain controller maintenance and hardware upgrades.
– Role seizure - Seize a FSMO role assignment when a server holding the role fails and you do not intend to restore it. • Seizing a FSMO role is a drastic step that should be
considered only if the current FSMO role holder will never be available again.
![Page 30: Pass4sure 70-640 Windows Server 2008](https://reader031.vdocument.in/reader031/viewer/2022020201/568c540a1a28ab4916bd35a0/html5/thumbnails/30.jpg)
Summary• Use repadmin to check the status of the update sequence
numbers (USNs) when seizing the FSMO role from the current role holder. • Usentdsutil to actually perform a seizure of the FSMO role.
http://www.pass4sureexam.co/70-640.html