+
MOAC Active Directory 4

MOAC Active Directory 4

Rating:
Rating
(0)
Author: Jacob Sorem
Description:
  • Work with the Global Catalog, including troubleshooting tips
  • Enable Universal Group Membership Caching
  • Working with FSMO roles

In this lab we start by raising the Domain Function Level. You would only do this if you have removed all legacy domain controllers in your network.  Then we look at a couple of scenarios where the global catalog is not available.  Finally, we work on transferring FSMO roles from within command line.

(more)
See More
Try a College Course Free

Sophia’s self-paced online courses are a great way to save time and money as you earn credits eligible for transfer to over 2,000 colleges and universities.*

Begin Free Trial
No credit card required

25 Sophia partners guarantee credit transfer.

221 Institutions have accepted or given pre-approval for credit transfer.

* The American Council on Education's College Credit Recommendation Service (ACE Credit®) has evaluated and recommended college credit for 20 of Sophia’s online courses. More than 2,000 colleges and universities consider ACE CREDIT recommendations in determining the applicability to their course and degree programs.

Tutorial

Project 4.1 Parts A, B, and C

Even though I started with the domain function level at Windows Server 8, I show you how you would raise the domain and forest levels.

Project 4.1 Parts D, E, F, and G

Here we test a Global Catalog failure. This could be the result of poor communication between sites and the Global Catalog server or a failure of the Global Catalog Server. Fixing a Global Catalog failure could be as simple as enabling the global catalog on another server.

I will admit that I have not looked into why we can still log into the top Domain Controller with a domain account even if the Global Catalog is off. Theoretically, I don't think we can. My theory is that since it is the primary DC that holds all the AD information, that logging in still works. When I resolve this conflict within the lab, I will edit this entry.

Project 4.2

If logon issues persist because of communication issues with the bridgehead server, Universal Group Membership Caching can be a good solution. In this lab, we figure out how to do this. There are drawbacks to using this feature. Can you see them?

Project 4.3

FSMO roles are something you will only likely have to deal with if you run into a catastrophic failure. Since this is all accomplished in PowerShell, make sure you are exact in your commands. Spelling and syntax have to be exact! Also, be sure you are reading the directions carefully as well as paying attention to the outputs. There si a step late in the project that may not work correctly if you are not logged in with the correct account.