Experimental background:
In a large enterprise, in order to better manage the human and material resources within the organization, you can deploy a multi-domain scenario based on the Active Directory, such as creating a subdomain or a domain tree. But it's just that all of the domain controllers are organized together for hierarchical management, and how is the reliability of each domain controller guaranteed? This requires adding additional domain controllers, and friends who have built a secondary domain controller know that the same domain controllers have equal status and are not as important as DNS and secondary DNS. As a result, there are problems: replication is required to ensure the consistency of the Active Directory database (Ntds.dit). Generic replication is multiple-host replication, but some changes are not appropriate for multiple-host replication, and therefore require a domain controller called the operations master to accept requests for such changes. At a more time, considering the reliability and security of the operations master, you need to move the operations master to a high performance domain controller.
Also, more often than not, we need to back up and restore the database of the Active Directory to ensure the security and reliability of the domain controller.
Experimental purposes:
1. Understand the role of 5 kinds of operations master in Forest
2, the use of graphical interface or command to transfer 5 operations master role
3, the actual Combat Activity Directory database maintenance (backup and restore (not authorized and authorized))
Experiment Network topology: