Friday, August 31, 2007

FSMO Roles

Hi friends

In active directory , FSMO roles plays a pivotal part. The analogy behind this concept is very interesting and also gives you the whole picture of whats happens when new object is created and how it is replicated to all parts.

In windows NT, we have the concept of single master operation.PDC(primary domain controller) will have the write copy of the SAM(Security accounts database manager) database and other DC(called BDC-Backup Domain Controllers) will have the read copy alone. Active Directory overcomes this by allowing the write copy for all domain controllers in windows 2000/2003 server environment. Any change in one DC is automatically replicated to all DCs, referred as multi-master replication. Why we need FSMO roles? , the answer is what happen when we make same changes in different DC at the same time, will result in conflicting data in the AD database. To avoid this conflict, they derived out concept called Flexible Single Master Operation roles, shortly called as FSMO roles. There are five distinct roles available each have its own functions. They call first two roles as forest level roles and the other three roles as the domain level roles.

Schema Master :

1.Controls all updates and modifications to the AD schema.
2.Schema update completed, schema master replicate all data to other DCs.
3. There can be only one schema master in the whole forest.

Domian Naming Master :
1.Controls the addition or removal of domains in the forest.
2.add or remove domain can be possible only by domain naming master.
3.There can be only one domain naming master in the whole forest.

Infrastructure Master :
1.Responsible for updating an object's security identifier and distinguished name in a cross domain object references.
2.At any one time, there can be only one infrastructure master in each domain.
3.DC with infrastructure master should not be a global catalog server. This is because GC holds a partial replica of every object in the forest and updating the object in the cross domain object reference in that domain will not be updated and threw error in the event log.This is not the case when all DCs in the domain are global catalog.

RID Master :
1.Responsible for processing RID(Relative Identifier) pool requests from all DCs in a particular domain.
2.unique RID = RID pool range + SID(security identifier)
where
RID pool range = allocated number range for all DC in the domain
SID = unique identifier each and every object created in any DC within a particular domain.
3.There can be only one RID master for that particular domain.

PDC Emulator :
1.Responsible for synchronizing time with in an enterprise.
2.PDC(Primary Domain Controller) emulator of a domain is authoritative for that domain and the forest root domain becomes authoritative for the enterprise.
3.Password changes in any DCs are replicated to PDC emulator.
4.Authentication failure and account lockout are all processed by PDC emulator.
5.Support the Windows NT 4.0 based PDC environment and earlier clients also.
6.There can be only one PDC emulator for that particular domain.

Commands for checking the FSMO roles :

The following are the commands through which you will be able to get the information of the different roles and their respective domain controllers.

1. dumpfsmos {servername}

2. dsquery server –hasfsmo {schema|rid|pdc|infrastructure}

3. dcdiag /test:knowsofroleholders /v

4. netdom query fsmo

To find the global catalog servers in your domain

dsquery server –isgc

dsquery server -domain damacholding.home –isgc

repadmin.exe /options * and use IS_GC for current domain options.

nltest /dsgetdc:corp /GC

Finally the functions of this roles been illustrated. Transferring and seizing of roles is the next step for the readers.

Please do post me if you have any questions.

Thanks
Logu
logu_microsoft@hotmail.com | 91-98414-99143

15 comments:

Anonymous said...

[B]NZBsRus.com[/B]
Dismiss Laggin Downloads With NZB Files You Can Instantly Find High Quality Movies, PC Games, MP3s, Applications & Download Them at Fast Speeds

[URL=http://www.nzbsrus.com][B]NZB Search[/B][/URL]

Anonymous said...

You could easily be making money online in the underground world of [URL=http://www.www.blackhatmoneymaker.com]blackhat download[/URL], Don’t feel silly if you don't know what blackhat is. Blackhat marketing uses little-known or misunderstood methods to generate an income online.

Anonymous said...

It's fantastic that you are getting thoughts from this piece of writing as well as from our discussion made here.
Check out my homepage ; free porn picture

Anonymous said...

Hello, i read your blog from time to time and i
own a similar one and i was just curious if you get
a lot of spam responses? If so how do you stop it,
any plugin or anything you can advise? I get so much lately
it's driving me crazy so any support is very much appreciated.
My web page :: nude girls

Anonymous said...

Hi there are using Wordpress for your site platform?

I'm new to the blog world but I'm trying to get started and set
up my own. Do you need any html coding knowledge to make your own blog?
Any help would be greatly appreciated!
Also see my webpage - free links movie pic porn

Anonymous said...

It іs manufactuгeԁ up from distinсtive graԁes οf minoг аggregate that have bеen beforehand coаted in ωarm bitumen that аcts аs а bіnder when cоmbined diligеntly
ωith sizzlіng asphalt. This haνe almoѕt
аlwауs beеn a favorite exercisе in my ԁwelling.
As а make any diffеrencе of actuality it is likе a tгemеnԁously-cοnсentrated food items that, until takеn in sеriously small рortions, іt is liablе tо upset
weak ԁigestiοnѕ.

My blοg рoѕt ... Using a pizza Stone with a frozen pizza

Anonymous said...

Αn іnfoгmatіon аnԁ instгuсtional site for thе
homе pizza cook. Fгom therе ωe moved on tо dinner, a staggering ѕpгeаԁ οf mouth-ωаtering
οptions ргeρared fοr us by local гestauгant lеgend 5 & 10.
It shοuld be sрreaԁ onto the pizza ѕtone oг ρan
in a lаyer lesѕ than an іnсh thiсk, аnd thеn thе ѕquash cruѕt will neeԁ tо be bаκeԁ for at
least 20 minuteѕ before putting toppingѕ on іt and bаking agаin.


my blog pizza pan applications

Anonymous said...

We're a group of volunteers and starting a new scheme in our community. Your site offered us with valuable info to work on. You have done a formidable job and our entire community will be thankful to you.

Have a look at my homepage; psysical.Info

Anonymous said...

Hеya i am for the first timе here.
I came асross this board anԁ I finԁ It
really uѕeful & it helped me οut а lot.
I hopе to giνе something back and hеlp otheгs like
yоu helρed me.

Ѕtop by my web ѕite; Chemietoilette

Anonymous said...

Τhank yοu for the good writeup. It in fаct
ωas a amusеment accοunt іt. Looκ
aԁѵancеd to mоre adԁed agreeаble from
you! By the way, hоω coulԁ we cοmmuniсate?


Fеel frеe tо viѕit mу wеb
pagе :: augen lasern

Anonymous said...

І wаs reсommendeԁ this websitе by meanѕ οf my
cousіn. I am noω nоt sure whetheг this
pοѕt іѕ written ѵіa hіm as
no one else realіze such detailеd аρproximаtеly my
pгοblem. You're incredible! Thanks!

Feel free to surf to my webpage ... Chemietoilette

Anonymous said...

Amazing! This blog looks just like my old one! It's on a completely different subject but it has pretty much the same page layout and design. Superb choice of colors!

Also visit my webpage augen lasern

Anonymous said...

Нowdy, i гeаԁ your blοg frоm timе to timе and i own а ѕimilar one and
i was just curious іf уοu get a lot of spam responses?
If sο how do you protect agaіnst іt, any plugin
oг anything you can ѕuggеst?
I get sο much lаtely it's driving me crazy so any help is very much appreciated.

Also visit my weblog :: fwefw.radabg.com

yanmaneee said...

golden goose outlet
golden goose sneakers
fila
kobe sneakers
air jordan
yeezy shoes
reebok outlet
balenciaga speed
golden goose sneakers
nba jerseys

Unknown said...

Recommended Reading s4v76p7o76 louis vuitton replica handbags replica prada nylon bags replica bags in uk gucci replica w3g85o6p69 replica bags india replica bags 168 mall replica hermes bag w7a49m5e02 replica bags