Lzdkfvnlkfsbnslfkbndlkndlfbn Lzdkfvnlkfsbnslfkbndlkndlfbn Lzdkfvnlkfsbfdlkndlfbn Lzdkfvnlkfsbnsl
Total Page:16
File Type:pdf, Size:1020Kb
LAB 4 GLOBAL CATALOG AND FLEXIBLE SINGLE MASTER OPERATIONS (FSMO) ROLES
This lab contains the following projects and activities:
Project 4.1 The Global Catalog and Windows Server 2003 Domain Functional Level
Project 4.2 Enabling Universal Group Membership Caching
Project 4.3 Working with Flexible Single Master Operations Roles
Lab Review Questions
Lab Challenge Using the DNS Console to Verify Global Catalog Records on the DNS Server 4.1
Lab Challenge Verifying FSMO Role Holders with DCDIAG 4.2
Lab Challenge Determining Whether an Attribute Is Replicated in the Global Catalog 4.3
1 2 Planning, Implementing, and Maintaining Windows Server Active Directory Infrastructure Lab Manual
Project 4.1 The Global Catalog and the Windows Server 2008 Domain Functional Level Overview Your manager wants to know what would happen if the global catalog server in your environment fails. She has asked you to run some tests on your test network to determine the effect of an unavailable global catalog server on the success or failure of network logons. In addition, she would like you to test the implications of raising the domain and forest functional levels to Windows Server 2008. Outcomes After completing this exercise, you will know how to: Raise the domain functional level. Raise the forest functional level. Test client dependency on the global catalog server. Completion time 40 minutes Precautions On the odd-numbered computer (RWDCxx), log on using administrative credentials in the domainxx.local domain. On the even-numbered computer (RWDCyy), log on using administrative credentials in the childyy.domainxx.local domain. You must complete the Lab Cleanup exercises from Lab 3 before performing these exercises.
Would you be able to raise the forest functional level to Question Windows Server 2008 at this point? 1
Would you be able to raise the forest functional level to Questio Windows Server 2008 at this point? Why or why not? n 2
Would you be able to reverse this change at this point? Questio n 3
What happens at this point? Question 4
What happens at this point? Question 5 Global Catalog and Flexible Single Master Operations (FSMO) Roles 3
Why are you able to log on using this account? Questio n 6
What happens at this point? Questio n 7
What happens at this point? Question 8
Project 4.2 Enabling Universal Group Membership Caching Overview Your manager wants to know if the universal group membership caching feature will alleviate her concerns about user logon dependency on the global catalog. You decide to run an experiment in your test lab to see how universal group membership caching works in the event of a global catalog failure. Outcomes After completing this exercise, you will know how to: Enable universal group membership caching. Completion time 25 minutes Precautions Some of the steps in this exercise should only be performed on one computer in each pair. You will be informed which computer, odd or even, to use in the first step of each portion of this exercise.
Was the logon successful? Question 9
Did this logon succeed, even though the global catalog server Questio is not available? n 10
Why does this logon attempt fail? Questio n 11 4 Planning, Implementing, and Maintaining Windows Server Active Directory Infrastructure Lab Manual
Project 4.3 Working with Flexible Single Master Operations Roles Overview Your manager tells you that the computer holding the schema operations master role must be replaced soon. She asks you to transfer that role to another server for a short period until a new domain controller can be put in place. Outcomes After completing this exercise, you will know how to: Transfer a FSMO role to another server. Completion time 15 minutes Precautions N/A
What FSMO roles are assigned to the odd-numbered Question computer? 12
What FSMO roles are assigned to the even-numbered Questio computer? n 13
LAB REVIEW QUESTIONS
Completion time 15 minutes 1. In your own words, describe what you learned by completing this lab.
2. You are the network administrator for an Active Directory domain that has five domain controllers. The domain functional level is set to Windows Server 2003. Only one domain controller is configured as a global catalog server. If that global catalog server fails, will it prevent users from logging onto the network?
3. How many FSMO roles would you find in an Active Directory forest that has one parent domain and two child domains? Global Catalog and Flexible Single Master Operations (FSMO) Roles 5
LAB USING THE DNS CONSOLE TO VERIFY GLOBAL CHALLENGE CATALOG RECORDS ON THE DNS SERVER 4.1 Overview Another administrator says he is having trouble resolving some issues with a global catalog server that he just removed from the network. He wants you to check on the global catalog servers that are registered with the DNS server. You decide to use the DNS console to check these records. Outcomes After completing this exercise, you will know how to: Verify DNS records for global catalog servers. Completion time 10 minutes Precautions N/A
LAB LOCATE FSMO ROLES USING DCDIAG CHALLENGE 4.2 Overview Your manager tells you that another administrator transferred various FSMO roles as an experiment. She asks you to verify which servers hold all of the FSMO roles. You want to use DCDiag to output the FSMO role holders to a file named FSMO.txt on the C:\ drive. Outcomes After completing this exercise, you will know how to: Use DCDiag to list the FSMO role holders. Completion time 10 minutes Precautions N/A
LAB Determining Whether an Attribute is Replicated in CHALLENGE the Global Catalog 4.3 Overview Your manager wants to know if the sIDHistory attribute is maintained in the global catalog server. Outcomes After completing this exercise, you will know how to: View the properties of an Active Directory attribute. Completion time 20 minutes Precautions To use the Active Directory Schema snap-in, you must register it by keying regsvr32 schmmgmt.dll at the command line.