Register now or log in to join your professional community.
To ensure the availability of active directory over the network you can add additional domain controllers. You can add adc in the same site as well other sites.
Additional DC will help be until the main server become ready ,
The Roles
There are five FSMO roles, two per forest, three in every Domain. A brief summary of the role is below.
The Roles
There are five FSMO roles, two per forest, three in every Domain. A brief summary of the role is below.
The schema is shared between every Tree and Domain in a forest and must be consistent between all objects. The schema master controls all updates and modifications to the schema.
When a new Domain is added to a forest the name must be unique within the forest. The Domain naming master must be available when adding or removing a Domain in a forest.
Allocates RIDs to DCs within a Domain. When an object such as a user, group or computer is created in AD it is given a SID. The SID consists of a Domain SID (which is the same for all SIDs created in the domain) and a RID which is unique to the Domain.
When moving objects between domains you must start the move on the DC which is the RID master of the domain that currently holds the object.
The PDC emulator acts as a Windows NT PDC for backwards compaitbility, it can process updates to a BDC.
It is also responsible for time syncronising within a domain.
It is also the password master (for want of a better term) for a domain. Any password change is replicated to the PDC emulator as soon as is practical. If a logon request fails due to a bad password the logon request is passed to the PDC emulator to check the password before rejecting the login request.
The infrastructure master is responsible for updating references from objects in its domain to objects in other domains. The global catalog is used to compare data as it recieves regular updates for all objects in all domains.
Any change to user-group references are updated by the infrastructure master. For example if you rename or move a group member and the member is in a different domain from the group the group will temporarily appear not to contain that member.
Unless there is only one DC in a domain the Infrastructure role should not be on the DC that is hosting the global catalog. If they are on the same server the infrastructure master will not function, it will never find data that is out of date and so will never replicate changes to other DCs in a domain.
If all DCs in a domain also host a global catalog then it does not matter which DC has the infrastrucure master role as all DCs will be up to date due to the global catalog.
Good answer but Brother Adeel and Ahmed dont forget to transfer the roles. you should remember important5 FSMO roles.
The RolesThere are five FSMO roles, two per forest, three in every Domain. A brief summary of the role is below.
The schema is shared between every Tree and Domain in a forest and must be consistent between all objects. The schema master controls all updates and modifications to the schema.
When a new Domain is added to a forest the name must be unique within the forest. The Domain naming master must be available when adding or removing a Domain in a forest.
Allocates RIDs to DCs within a Domain. When an object such as a user, group or computer is created in AD it is given a SID. The SID consists of a Domain SID (which is the same for all SIDs created in the domain) and a RID which is unique to the Domain.
When moving objects between domains you must start the move on the DC which is the RID master of the domain that currently holds the object.
The PDC emulator acts as a Windows NT PDC for backwards compaitbility, it can process updates to a BDC.
It is also responsible for time syncronising within a domain.
It is also the password master (for want of a better term) for a domain. Any password change is replicated to the PDC emulator as soon as is practical. If a logon request fails due to a bad password the logon request is passed to the PDC emulator to check the password before rejecting the login request.
The infrastructure master is responsible for updating references from objects in its domain to objects in other domains. The global catalog is used to compare data as it recieves regular updates for all objects in all domains.
Any change to user-group references are updated by the infrastructure master. For example if you rename or move a group member and the member is in a different domain from the group the group will temporarily appear not to contain that member.
Unless there is only one DC in a domain the Infrastructure role should not be on the DC that is hosting the global catalog. If they are on the same server the infrastructure master will not function, it will never find data that is out of date and so will never replicate changes to other DCs in a domain.
If all DCs in a domain also host a global catalog then it does not matter which DC has the infrastrucure master role as all DCs will be up to date due to the global catalog.
Many Thanks. Muhammad Tahir
Additional DC will not help until your planning is not good to keep the FSMO roles, because by default ADC will not hold any FSMO roles.
Additional DC will help be until the main server become ready
Create First DC in your domain and than create another ADC for fault tolerance and high Availability. if one DC goes down another one with work for your organization.
You can configure Secondry DC for relaiablity, but you should configure the first DC first.
Do you need help in adding the right keywords to your CV? Let our CV writing experts help you.