3825 West Cheyenne Avenue, Suite 600 North Las Veas, Neva!a 8"032 NT#330 Client$Server Net%or&in II Wee& 5, 'nit 5 ( )lo*al Catalo an! +le,i*le Sinle -ater ./erations 0+S-.1 2oles Exercise +or this 3,ercise Please evaluate the information provided and after reading in the lessons for this week, answer the scenario deliverables. This exercise is due at the beginning of the next class meeting. Unit 5. Exercise 1. AD FSMO Role Management Research: Alternate Methods Course .*4ectives an! Learnin .utco5es In this Exercise, ou will determine the best tools for determining !"#$ roles and develop a plan for the failure of a role holder. Assin5ent 2e6uire5ents %eview to the following scenario& ' (unior IT administrator has been tasked with documenting current !"#$ %ole )olders and *+ "ervers, as well as documenting procedures for responding to !"#$ %ole unavailabilit and sends the following email& ,,, To& IT 'dmin I need to determine which D+s currentl hold which roles and determine which D+s are *lobal +atalog "ervers. I also need to develop a plan for failure of a role holder. I know there are multiple was to accomplish this task but I-m not sure the best tools for an given scenario. /ould ou use ntdsutil or ##+ "nap,ins. /hat about dcdiag. 'n advice or suggestions would be appreciated0 1unior 'dmin ,,, %espond with practical steps and2or a recommended approach to the problem& Su*5ission 2e6uire5ents 3,4 pages, #icrosoft /ord Double,spaced Times 5ew %oman, 34 pt. font 6tili7e 'P' 8 formatting Ensure that ou include a cover page and reference page. 5T399: +lient,"erver 5etworking II Page 3 of 4 /eek ;, <:,8=: >esson 9 "teve Todd Davonte Brown Active Directory is a multimaster database which means that updates can be made by any writeable DC. Some sensitive operations need to be controlled more stringently than others, such as schema management and adding or removing additional domains from an AD forest. These specified roles are called Flexible Single aster !perations "FS!#. This means only one DC in the replica ring can provide a particular operation. To find which roles a DC currently hold you can use the ntdsutil. From the start menu, $ey roles and press enter, $ey connections press enter, $ey connect to server and server name and domain press enter, $ey %uit and press enter, $ey select operation target press enter, $ey list roles for connected server and press enter and %uit. There are other ways to find which roles a DC currently holds, such as& 'ou must $now the default settings. (y default the first domain controller installed in the forest root domain is designated as a global catalog server. Schema snap)in, AD Domains and Trusts snap)in, And for *+D, ,DC emulator and +nfrastructure use AD users and configuration snap)in. 'ou will need to develop plan in the event that a role holder fails. -ere are some suggestions. The ,rimary Domain Controller ",DC# and the *elative +dentifier aster "*+D# should be on the same DC if possible. The ,DC role is mostly used of all FS! roles and has the widest range of functions. The Schema aster and Domain .aming aster should be on the same DC. -ope this helped you out in doing the tas$ you needed to do than$ you and have a nice day. 5T399: +lient,"erver 5etworking II Page 4 of 4 /eek ;, <:,8=: >esson 9 "teve Todd