Which domain controller should you identify?

Your network contains an Active Directory forest. The forest contains a single domain named contoso.com. The domain contains four domain controllers.

The domain controllers are configured as shown in the following table.

All domain controllers are DNS servers.

You plan to deploy a new domain controller named DC5 in the contoso.com domain.

You need to identify which domain controller must be online to ensure that DC5 can be promoted successfully to a domain controller.

Which domain controller should you identify?
A . DC1
B . DC2
C . DC3
D . DC4

Answer: D

Explanation:

Relative ID (RID) Master:

Allocates active and standby RID pools to replica domain controllers in the same domain. (corp.contoso.com).

Must be online for newly promoted domain controllers to obtain a local RID pool that is required to advertise or when existing domain controllers have to update their current or standby RID pool allocation.

The RID master is responsible for processing RID pool requests from all domain controllers in a particular domain. When a DC creates a security principal object such as a user or group, it attaches a unique Security ID (SID) to the object. This SID consists of a domain SID (the same for all SIDs created in a domain), and a relative ID (RID) that is unique for each security principal SID created in a domain. Each DC in a domain is allocated a pool of RIDs that it is allowed to assign to the security principals it creates. When a DC’s allocated RID pool falls below a threshold, that DC issues a request for additional RIDs to the domain’s RID master. The domain RID master responds to the request by retrieving RIDs from the domain’s unallocated RID pool and assigns them to the pool of the requesting DC At any one time, there can be only one domain controller acting as the RID master in the domain.

The Infrastructure Master C The purpose of this role is to ensure that cross-domain object references are correctly handled. For example, if you add a user from one domain to a security group from a different domain, the Infrastructure Master makes sure this is done properly. As you can guess however, if your Active Directory deployment has only a single domain, then the Infrastructure Master role does no work at all, and even in a multi-domain environment it is rarely used except when complex user administration tasks are performed, so the machine holding this role doesn’t need to have much horsepower at all.

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments