1800-209-3006
[email protected]
Contact Us
Create cloud Account

ESDS Knowledge Base

01
Jul

What is FSMO? (Flexible Single Master Operation)

0

When we talk about Active Directory Domain Controllers , replication, user authentication and group policies comes to mind, but what really it does? Who is responsible for operating the same.

The person responsible for managing the infrastructure is called FSMO (Flexible Single Master Operation). There are five levels of operations.

Schema master – Forest

The Schema Master is responsible for the attributes, records and objects made by Active Directory, and one of the main functions is the schema. We can say that the user object will have attributes such as email address, phone, etc.. The Schema can be altered by extending the functionality of AD, many tools are an extension of Microsoft’s Schema, such as System Center Configuration Manager, Exchange, OCS, etc. Lync. It is unique across the forest for no inconsistencies.

Domain Naming Master – Forest

The Domain Naming Master role is responsible for identifying (naming) the entire forest area in this function, the forest and all domain that is added in this forest and generated by the same name is unique.

PDC Emulator – Domain

The PDC Emulator is responsible for handling changes to user accounts, such as lockouts “of accounts, trust relationships with other domains and the timing of clock and etc.. It is also responsible for emulating an NT 4.0 PDC to maintain compatibility with legacy servers and older clients.

RID Master – Domain

Any DC can create new objects such as users, groups, computer accounts. Each object has an identifier, known as SID. This identifier is constructed by using the SID of the area, and a relative ID (RID).

However, after creating objects 512, a DC need to contact the RID Master to get more RIDs. This prevents two different objects and have the same RID in the entire field, mitigating problems of inconsistencies in the field.

Infrastructure Master – Domain

This rule is often known only as “cosmetic” since its function is to make sure the “Display Name” of users in a group will be updated if this attribute is changed. It is more important in environments that have multiple domains, it will ensure that all groups that a user belongs to, will reflect the correct “Display Name”.

If you want know that the dedicated server has every feature of FSMO, just run the command netdom query fsmo

You can also view some FSMO graphically. Run the administrative console of the ADDS, and select Operations Masters

Note that, not all features are displayed in graphical mode, in the case of a migration to other servers, it will be necessary to use the ntdsutil.

Hope you enjoyed!

, , , , , ,

About Post Author

Leave a Reply