Distributed Networks Distributed Networks

Physical Structure  «Prev  Next»
Lesson 7 Operations masters
Objective Define operations masters.

AD operations master

An Operations master is a domain controller that has been assigned one or more special roles in an Active Directory domain.
Because there is no primary domain controller (PDC) in Windows 2000, operations masters fill the various roles performed by the PDC in NT 4.0 networks.
Because changes to the directory database can be made simultaneously at multiple domain controllers, operations masters are needed for operations that have consequences for the whole domain (like deleting a domain or changing the schema).
The operations master provides a lockout mechanism to ensure that changes get propagated properly. So if you want to make a change to the schema, for instance, you must do so from the schema master (or the domain controller you're using must request permission from the schema master).
The domain controllers that are assigned these roles, perform single-master operations. These operations are not permitted to occur simultaneously on different controllers on the network. This is to avoid changes being made out of order, which would result in incorrect updates on some of the domain controllers.

Rules for the operations master roles

There are three rules governing the operations master roles:

Role Description
Roles are Proprietary The domain controller that controls the particular operation owns the operations master role for that operation.
Transferable Ownership of these operations master roles can be transferred to other domain controllers.
Exclusive However, only one domain controller can own an operations master role at one time.

The five operations master roles

Every Active Directory forest must have domain controllers that fulfill each of the five operations master roles. This does not mean every forest must have five separate domain controllers. The same domain controller can fill more than one role at a time. The roles are:
  1. Schema master
  2. Domain naming master
  3. Relative identifier (RID) master
  4. PDC emulator
  5. Infrastructure master
View Table
Click the View Table link above code to see a table that discusses each of these master roles in more detail.

Transferring and seizing single master operations roles

When you add additional domain controllers to a domain, you can transfer the single master operations roles from the original domain controller to other domain controllers.
In addition, when you need to take a domain controller that holds a single master operations role offline, you should transfer its single master operations role to another domain controller so that the single master services continue uninterrupted.
You may also seize single master operation roles. If a domain controller that holds a single master operations role becomes unavailable and cannot be brought back online within an acceptable amount of time, you must seize that single master operations role with another domain controller.
Seizing the role of the RID master, domain naming master, or schema master is a drastic step that should be considered only if the current operations master will never be available again.
The Slide Show below will show you how to implement both of these processes.

Domain naming master
Active Directory Domains and Trusts
Schema master
Active Directory Schema
RID master
Active Directory Users and Computers
PDC emulator
Active Directory Users and Computers
Infrastructure master
Active Directory Users and Computers     

Transferring Seizing Operations Roles
The next lesson wraps up this module.

Active Directory Operations

Click the Exercise link below to complete the matching exercise.
Active Directory Operations