Shulou(Shulou.com)06/02 Report--

1. Operating host migration and snatch commands-Ntdsutil

Ntdsutil

Roles

Connections

Connect to server hostname

Quit

Migration uses Transfer

Snatch using Seize

The migration steps are shown below:

two。 There are five types of operating hosts in the active Directory architecture:

Architecture host [forest scope]

Domain naming host [forest scope]

PDC simulator [domain scope]

RID host [domain scope]

Infrastructure host [domain scope]

[forest range]-there is only one token owned by DC in the whole forest

[domain scope]-there is only one token owned by DC in the entire domain

A: architecture host-mainly responsible for updating the architecture-add, modify and delete attributes

If you want to update the schema, you need to meet two conditions:

  1) has Scheman Admins group permissions

  2) DC that can contact the architecture host

B: domain naming host-primarily responsible for the addition and deletion of domains

For example, you need to create a subdomain, which involves domain naming hosts

Permissions required for the operation:

  1) has permissions for the Enterprise Admins group

  2) can contact the DC of the domain naming host

C:PDC simulator-support old clients, responsible for time synchronization of the entire domain, collection and distribution of group policies

D:RID host-distribute RID, to ensure the uniqueness of SID-(RID is the last part of SID)

E: infrastructure host-for GC services. The GC database contains all the objects in the entire forest

The infrastructure host in the current domain provides GC with the objects in the current domain.

3. How do I see which DC the tokens of these five operating hosts are on?

  Netdom query fsmo

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.