Skip to main content

ما هى ال FSMO Roles


بأختصار ال FSMO Roles هى اختصار ل Flexible Single Operation Master
و هى عباره عن 5 Roles فى ال Active Directory
و هما بينقسموا لقسمين

A - Forest Roles

1- Schema Master Role
و هى ال Role اللى بتتحكم فى ال schema و بيكون فى Schema Master Role
واحد فى ال Forest بيكون موجود على Domain Controller
و بيتم التحكم فيها من خلال ال Active Directory Schema Snap in in MMC
بس بعد ما يتعمل Schema Register بواسطه الامر التالى من ال Cmd
regsvr32 schmmgmt.dll

2-Domin Naming Master

و هى ال Role المسئوله عن تسميه ال Domains و بتتأكد ان مفيش 2 Domain
ليهم نفس الاسم فى ال Forest
و بيتم التحكم فيها من خلال ال Active Directory Domains & Trusts

B- Domain Roles

1-PDC Emulator
و هى ال Role اللى بتتحكم فى ال Password change فى ال domain
و بتتحكم فى ال time synchronization و هى تعتبر المكان الافتراضى
لل GPO's و هى تعتبر Domain Role مش زى الاتنين الاولانيين
و بيتم التحكم فيها من خلال ال Active directory Users & Computers
عن طريق عمل كليك يمين على اسم الدومين و نختار operations master
فى تاب ال PDC Emulator نعمل change

2-RID Master
و هى ال Role اللى بتضمن ان كل object فى ال Active Directory ليه unique identifier
و ال RID بيعتبر الجزء الثانى من ال SID بتاع ال object
و بيتم التحكم فيها زى ال PDC بس مع اختلاف اختيار تاب ال RID

3- Infrastructure Master
ال Role دى بتتحكم فى عمليه ال Group Mempership خصوصا لو كان فى User
Member of جروب موجود فى دومين تانيه
و بيتم التحكم فيها زى ال PDC بس مع اختلاف اختيار تاب ال Infrastrucure Master

فى ملاحظه بسيطه : يفضل ان ال Global Catalog يكون على DC منفصل عن
ال DC اللى عليه ال Infrastructure Master عشان ممكن تحصل مشاكل
لأن الاتنين تقريبا بيقوموا بنفس الوظيفه و هى ال Group Membership translation
فممكن يحصل conflict ما بين الاتنين و تحصل مشاكل فيفضل الفصل ما بين الاتنين
الا لو كان فى DC واحد بس فى الدومين فحيبقى الاتنين مع بعض


Popular posts from this blog

Recreating a missing VMFS datastore partition in VMware vSphere 5.x and 6.x

    Symptoms A datastore has become inaccessible. A VMFS partition table is missing.   Purpose The partition table is required only during a rescan. This means that the datastore may become inaccessible on a host during a rescan if the VMFS partition was deleted after the last rescan. The partition table is physically located on the LUN, so all vSphere hosts that have access to this LUN can see the change has taken place. However, only the hosts that do a rescan will be affected.   This article provides information on: Determining whether this is the same problem Resolving the problem   Cause This issue occurs because the VMFS partition can be deleted by deleting the datastore from the vSphere Client. This is prevented by the software, if the datastore is in use. It can also happen if a physical server has access to the LUN on the SAN and does an install, for example.   Resolution To resolve this issue: Run the  partedUtil  command on the host with the issues and verify if your output

Unlock the VMware VM vmdk file

  Unlock the VMware VM vmdk file Kill -9 PID Sometimes a file or set of files in a VMFS become locked and any attempts to edit them or delete will give a device or resource busy error, even though the vm associated with the files is not running. If the vm is running then you would need to stop the vm to manipulate the files. If you know that the vm is stopped then you need to find the ESX server that has the files locked and then stop the process that is locking the file(s). 1. Logon to the ESX host where the VM was last known to be running. 2.  vmkfstools -D /vmfs/volumes/path/to/file  to dump information on the file into /var/log/vmkernel 3.  less /var/log/vmkernel  and scroll to the bottom, you will see output like below: a. Nov 29 15:49:17 vm22 vmkernel: 2:00:15:18.435 cpu6:1038)FS3: 130: <START vmware-16.log> b. Nov 29 15:49:17 vm22 vmkernel: 2:00:15:18.435 cpu6:1038)Lock [type 10c00001 offset 30439424 v 21, hb offset 4154368 c. Nov 29 15:49:17 vm22 vmkernel: gen 664