词条 | Flexible single master operation |
释义 |
Flexible Single Master Operations (FSMO, F is sometimes floating ; pronounced Fiz-mo), or just single master operation or operations master, is a feature of Microsoft's Active Directory (AD).[1] As of 2005, the term FSMO has been deprecated in favour of operations masters.{{cn|date=May 2018}} FSMO is a specialized domain controller (DC) set of tasks, used where standard data transfer and update methods are inadequate. AD normally relies on multiple peer DCs, each with a copy of the AD database, being synchronized by multi-master replication. The tasks which are not suited to multi-master replication and are viable only with a single-master database are the FSMOs.[2] FSMO rolesPer-domain rolesThese roles are applicable at the domain level (i.e., there is one of each for every domain in a forest):
per-forest rolesThese roles are unique at the forest level (both are located in the forest root domain):
Moving FSMO roles between domain controllersBy default AD assigns all operations master roles to the first DC created in a forest. To provide fault tolerance, there should be multiple domain controllers available within each domain of the Forest. If new domains are created in the forest, the first DC in a new domain holds all of the domain-wide FSMO roles. This is not a satisfactory position if the domain has a large number of domain controllers. Microsoft recommends the careful division of FSMO roles, with standby DCs ready to take over each role. The PDC emulator and the RID master should be on the same DC, if possible. The Schema Master and Domain Naming Master should also be on the same DC. When a FSMO role is transferred to a different DC, the original FSMO holder and the new FSMO holder communicate to ensure no data is lost during the transfer. If the original FSMO holder experienced an unrecoverable failure, another DC can be made to seize the lost roles; however, there is a risk of data loss because of the lack of communications. Seizing roles from a domain controller instead of transferring it prevents that domain controller from hosting that FSMO role again, except for the PDC Emulator and Infrastructure Master Operation roles. Corruption can occur within Active Directory. FSMO roles can be easily moved between DCs using the AD snap-ins to the MMC or using FSMO Roles and Global CatalogCertain FSMO roles depend on the DC being a Global Catalog (GC) server as well. When a Forest is initially created, the first Domain Controller is a Global Catalog server by default. The Global Catalog provides several functions. The GC stores object data information, manages queries of these data objects and their attributes as well as provides data to allow network logon. Often all domain controllers are also global catalog servers. If this is not the case, the Infrastructure Master role must not be housed on a domain controller which also houses a copy of the global catalog in a multi-domain forest, as the combination of these two roles on the same host will cause unexpected (and potentially damaging) behaviour in a multi-domain environment.[7][8] However, The Domain Naming Master role should be housed on a DC which is also a GC. References1. ^{{cite web|url=http://www.petri.co.il/understanding_fsmo_roles_in_ad.htm|title=Understanding FSMO Roles in Active Directory - Petri|date=8 January 2009|work=petri.co.il|accessdate=22 July 2016}} 2. ^ {{cite web | title = Windows 2000 Active Directory FSMO roles | url = http://support.microsoft.com/kb/197132/en-us | publisher = Microsoft Corporation | date = 2007-02-23 | quote = To prevent conflicting updates in Windows 2000, the Active Directory performs updates to certain objects in a single-master fashion. [...] Because an Active Directory role is not bound to a single DC, it is referred to as a Flexible Single Master Operation (FSMO) role. }} 3. ^{{cite web|url=http://social.technet.microsoft.com/wiki/contents/articles/8863.time-service-configuration-on-dc-with-pdc-emulator-fsmo-role.aspx|title=Time Service Configuration on DC with PDC Emulator FSMO Role - TechNet Articles - United States (English) - TechNet Wiki|work=microsoft.com|accessdate=22 July 2016}} 4. ^{{cite web|url=https://msdn.microsoft.com/en-us/library/cc223752.aspx|title=[MS-ADTS]: PDC Emulator FSMO Role|work=microsoft.com|accessdate=22 July 2016}} 5. ^[https://social.technet.microsoft.com/Forums/windows/en-US/b77a7e5c-590e-4d23-a9cb-8c4c0f403baf/forestdnszones-and-domaindnszones-have-wrong-infrastructure-role-record?forum=winserverDS TechNet: ForestDNSZones and DomainDNSZones have wrong infrastructure role record] 6. ^{{Cite web|url=http://support.microsoft.com/kb/255504|title=Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller|last=|first=|date=|website=support.microsoft.com|publisher=|language=|archive-url=|archive-date=|dead-url=|access-date=2017-01-18}} 7. ^{{Cite web|url=https://support.microsoft.com/kb/248047|title=Phantoms, tombstones and the infrastructure master|last=|first=|date=|website=support.microsoft.com|publisher=|language=|archive-url=|archive-date=|dead-url=|access-date=2017-01-18}} 8. ^{{Cite web|url=https://support.microsoft.com/en-us/kb/223346|title=FSMO placement and optimization on Active Directory domain controllers|last=|first=|date=|website=support.microsoft.com|publisher=|language=|archive-url=|archive-date=|dead-url=|access-date=2017-01-18}} External links
2 : Active Directory|Microsoft server technology |
随便看 |
|
开放百科全书收录14589846条英语、德语、日语等多语种百科知识,基本涵盖了大多数领域的百科知识,是一部内容自由、开放的电子版国际百科全书。