Module 8: Implementing the Placement of Domain Controllers.
-
Upload
charles-page -
Category
Documents
-
view
231 -
download
0
Transcript of Module 8: Implementing the Placement of Domain Controllers.
![Page 1: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/1.jpg)
Module 8: Implementing the Placement of Domain
Controllers
![Page 2: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/2.jpg)
Overview
Implementing the Global Catalog in Active Directory
Determining the Placement of Domain Controllers in Active Directory
Planning the Placement of Domain Controllers
![Page 3: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/3.jpg)
Lesson: Implementing the Global Catalog in Active Directory
Review of a Global Catalog Server
How to Enable a Global Catalog Server
When to Customize a Global Catalog Server
How to Customize a Global Catalog Server
What Is Universal Group Membership Caching?
Multimedia: The Role of Universal Groups in the Logon Process
How to Enable Universal Group Membership Caching for a Site
![Page 4: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/4.jpg)
Review of a Global Catalog Server
Domain
Domain
DomainDomainDomain
Domain Domain
Global Catalog ServerGlobal Catalog Server
Global CatalogGlobal Catalog
ResultResult
QueryQuery
![Page 5: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/5.jpg)
How to Enable a Global Catalog Server
Your instructor will demonstrate how to enable a global catalog server by using Active Directory Sites and Services
Your instructor will demonstrate how to enable a global catalog server by using Active Directory Sites and Services
![Page 6: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/6.jpg)
When to Customize a Global Catalog Server
firstNamelastNameemail addressaccountExpiresdistinguishedName
firstNamelastNameemail addressaccountExpiresdistinguishedName
Common AttributesCommon Attributes
Global Catalog ServerGlobal Catalog Server
Create additionalattributes
Create additionalattributes
Add only the additional attributes that you query or refer to frequently Add only the additional attributes that you query or refer to frequently
departmentfirstNamelastNameemail addressaccountExpiresdistinguishedName
departmentfirstNamelastNameemail addressaccountExpiresdistinguishedName
Changed AttributesChanged Attributes
![Page 7: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/7.jpg)
How to Customize a Global Catalog Server
Your instructor will demonstrate how to customize a global catalog server by using Active Directory SchemaYour instructor will demonstrate how to customize a global catalog server by using Active Directory Schema
![Page 8: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/8.jpg)
What Is Universal Group Membership Caching?
At first logon, the local domain controller requests
information from the global catalog server
At first logon, the local domain controller requests
information from the global catalog server
After the first logon, the local domain controller uses the cached
copy of the universal group membership
After the first logon, the local domain controller uses the cached
copy of the universal group membership Small Site
Universal GroupsUniversal Groups
Large Site
User’s Cached Universal GroupUser’s Cached
Universal Group
![Page 9: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/9.jpg)
Multimedia: The Role of Universal Groups in the Logon Process
This presentation describes the logon process in three situations:
With the global catalog availableWith the global catalog available
Without the global catalog availableWithout the global catalog available
With universal group membership caching enabled
With universal group membership caching enabled
![Page 10: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/10.jpg)
How to Enable Universal Group Membership Caching for a Site
Your instructor will demonstrate how to enable universal group membership caching by using Active Directory Sites and Services
Your instructor will demonstrate how to enable universal group membership caching by using Active Directory Sites and Services
![Page 11: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/11.jpg)
Practice: Implementing the Global Catalog in Active Directory
In this practice, you will enable a global catalog server
![Page 12: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/12.jpg)
Lesson: Determining the Placement of Domain Controllers in Active Directory
What Is Active Directory Sizer?
Parameters for Active Directory Sizer
How to Use Active Directory Sizer
![Page 13: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/13.jpg)
What Is Active Directory Sizer?
CPU Requirement
CPU Requirement
Network RequirementNetwork Requirement
Hard Disk RequirementHard Disk Requirement
Active Directory SizerActive Directory Sizer
Memory RequirementMemory RequirementNumber of Domain
ControllersNumber of Domain
Controllers
Global Catalog Database SizeGlobal Catalog Database Size
Domain Database SizeDomain Database Size
Number of Global Catalog Servers
Number of Global Catalog Servers
Intersite Replication Bandwidth
Intersite Replication Bandwidth
Active Directory Sizer provides estimates for:Active Directory Sizer provides estimates for:
![Page 14: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/14.jpg)
Parameters for Active Directory Sizer
Users concurrently active during a peak hour Number of groups that a user belongs to Logon rate per second during a peak hour CPU utilization limit Administrative requirements DNS requirements
Users concurrently active during a peak hour Number of groups that a user belongs to Logon rate per second during a peak hour CPU utilization limit Administrative requirements DNS requirements
Example ParametersExample Parameters
AdministratorAdministrator
Active Directory SizerActive Directory Sizer
Output ReportOutput Report
![Page 15: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/15.jpg)
How to Use Active Directory Sizer
Your instructor will demonstrate how to:Your instructor will demonstrate how to:
Use Active Directory Sizer
Examine the output of Active Directory Sizer
Use Active Directory Sizer
Examine the output of Active Directory Sizer
![Page 16: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/16.jpg)
Practice: Determining the Placement of Domain Controllers in Active Directory
In this practice, you will determine the placement of domain controllers by using Active Directory Sizer
![Page 17: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/17.jpg)
Lesson: Planning the Placement of Domain Controllers
Guidelines for Placing Domain Controllers
Guidelines for Placing Global Catalog Servers
Guidelines for Enabling Universal Group Membership Caching
Guidelines for Placing Active Directory Integrated DNS Servers
![Page 18: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/18.jpg)
Guidelines for Placing Domain Controllers
Place a domain controller based on:Number of users
Site-aware applications
Server resources
Place a domain controller based on:Number of users
Site-aware applications
Server resources
Do not place a domain controller that has: Inadequate physical security
Poor computer maintenance
Do not place a domain controller that has: Inadequate physical security
Poor computer maintenance
Determine the number of domain controllers based on: Number of users
Performance characteristics
Determine the number of domain controllers based on: Number of users
Performance characteristics
![Page 19: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/19.jpg)
Guidelines for Placing Global Catalog Servers
Ensure that a global catalog server has enough disk spaceEnsure that a global catalog server has enough disk space
Ensure that a global catalog server can respond to queries immediately Ensure that a global catalog server can respond to queries immediately
Provide enough WAN bandwidthProvide enough WAN bandwidth
Make all domain controllers global catalog serversMake all domain controllers global catalog servers
Provide redundant global catalog servers Provide redundant global catalog servers
![Page 20: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/20.jpg)
Guidelines for Enabling Universal Group Membership Caching
Enable if sites meet specific conditionsEnable if sites meet specific conditions
Consider alternatives firstConsider alternatives first
Do not enable if lost connectivity would affect network resourcesDo not enable if lost connectivity would affect network resources
![Page 21: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/21.jpg)
Guidelines for Placing Active Directory Integrated DNS Servers
Place at least one DNS server in every site Place at least one DNS server in every site
Use an Active Directory integrated DNS that uses an application partitionUse an Active Directory integrated DNS that uses an application partition
Use a local DNS if an Active Directory integrated DNS is in use Use a local DNS if an Active Directory integrated DNS is in use
Configure domain controllers with IP addresses for at least two DNS serversConfigure domain controllers with IP addresses for at least two DNS servers
![Page 22: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/22.jpg)
Multimedia Practice: Placing Domain Controllers
Universal Group CachingUniversal Group Caching
Global Catalog (GC)Global Catalog (GC)
AD integrated DNS (DNS)AD integrated DNS (DNS)
Domain Controller (DC)Domain Controller (DC)
In this practice, you will plan the placement of domain controllers
DCDC
DNSDNS
GCGC
DCDC
DNSDNS
Redmond
Denver Vancouver
T1 128Kbps
![Page 23: Module 8: Implementing the Placement of Domain Controllers.](https://reader031.fdocuments.in/reader031/viewer/2022033105/56649eca5503460f94bd911d/html5/thumbnails/23.jpg)
Lab A: Implementing the Placement of Domain Controllers
Determining the Placement of Domain Controllers Using Active Directory Sizer
Enabling Universal Group Membership Caching