[Samba] samba4 replication issues | sam.ldb inconsistency
Achim Gottinger
achim at ag-web.biz
Wed Jul 9 08:56:37 MDT 2014
Am 09.07.2014 14:54, schrieb L.P.H. van Belle:
> FSMO Roles are not "just" a setting..
>
> This is a most importent part..
> You can set different FSMO Roles on different DC's ist not just for 1 server.
>
> You have 5 FSMO roles.
>
> Schema master FSMO role holder is the DC responsible for performing updates to the directory schema
>
> Domain naming master role holder is the DC responsible for making changes to the forest-wide domain name space of the directory
>
> RID master FSMO role holder is the single DC responsible for processing RID Pool requests from all DCs within a given domain. It is also responsible for removing an object from its domain and putting it in another domain during an object move.
>
> PDC emulator is necessary to synchronize time in an enterprise. Windows includes the W32Time (Windows Time) time service that is required by the Kerberos authentication protocol.
> it also handles : Password changes, Account lockouts are processed by PDC
> and the PDC performas the functions that a MS NT4.0 Bases PDC did.
>
> Infrastructure master should be held by a domain controller that is not a Global Catalog server(GC).
> ( which is almost never the case )
>
> above is mostly a copy of :
> http://support.microsoft.com/kb/197132
>
>
> Louis
>
>
What i meant was that the branches with fsmo related information get
replicated accross all addc's. So in case you transfer an role the
branches do not need to get transfered it's just an setting in the ldap
tree which changes.
More information about the samba
mailing list