FSMO Role Basics
Domain FSMO Roles
Forest Level FSMO Roles
Scenarios
100

Which Two FSMO roles are forest level

Schema, Domain Naming

100

What is the default length of a kerberos Ticket?

10 hours

100

when can there ever be two domain names that are the same? (or can there be...?)

NO

100

Your time is not set correctly? what should you check

group discussion

200

What are the three Domain level

Infrastructure, Rid Master, PDC Emulator 

200

What is the time Difference between kerberos tickets that will still allow authentication?

-lt 5 Mins 

200

if you want a newer Microsoft technology incorporated in your domain, what will you have to do at the forest level? 

Extend the Schema

200

You are not able to join a machine to the domain how odd.. What do you think it could be?

group discussion

300

This is the pool needed to allocated to new objects?

RID Pool

300

The Rid makes up the second part of this 

Global Unique Identified GUID

300

Which device or server at the forest level reaches out to get time if NT5DS is configured?

root level PDC E
300

you get a call from one of our Hubs. They have had a power-outage and now cannot power up their stacks. Also they have the FSMO role Holders? What should you do?

Group Discuss

400

What is the Query for finding the FSMO Roles

Netdom query FSMO

400

What does the trees sit inside of?

The forest

400

If a new domain controller is being built, and it is the first server for the domain which FSMO role does it reach out too?

Domain Naming Master

400

You see that Kerberos Authentication is failing at multiple sites. When you run a "klist" in Powershell it is determined there is a time mismatch. What could cause this? what would we want to check?

group Discuss

500

This is the Model that made FSMO roles come about?

Multi-master model

500

what is the name of the list of attributes held on global catalogs 

Partial Attribute list 

500

If you are on a child domain and you transfer or seize FSMO roles does it move the forest level roles as well?

No

500

you are a Enterprise Admin for a bank. the bank has a paretn company greedybastards.com. they have two child domains westealhouses.greedybastards.com and westealfarms.greedybastards.com. you notice time is off on all domains and is causing havoc in both branches. what do you do?

NTP/NT5DS group Discuss

M
e
n
u