1. Categories >> Software >> Operating Systems >> Windows >> Windows AllOther
  2. Suggest New Category

What are FSMO Roles? List them

Question Posted / pradeep kumar

Answer Posted / pradeep kumar

FSMO - Stands for Flexible Single Master Operation.


The purpose of this FSMO is to avoid the conflicts through
out the forest . Conflicts will be like domain names,
Objects, Fields ..etc.

Usually FSMO broadly divided into 5 Roles.

1. Schma Master Role
2. Domain Naming Master Role

3. RID - Relative Identifier.
4. PDC Emulator.
5. Infrastructure.

You can easily differentiate the first one and two will be
Forest wide and the rest 3,4 and 5 will be domain wide.

Schma Master :- Operations that involve expanding user
properties e.g. Exchange 2003 / forestprep which adds
mailbox properties to users. Rather like the Domain naming
master, changing the schema is a rare event. However if you
have a team of Schema Administrators all experimenting with
object properties, you would not want there to be a mistake
which crippled your forest. So its a case of Microsoft know
best, the Schema Master should be a Single Master Operation
and thus a FSMO role.

Domain Naming Master - Ensures that each child domain has a
unique name. How often do child domains get added to the
forest? Not very often I suggest, so the fact that this is
a FSMO does not impact on normal domain activity. My point
is it's worth the price to confine joining and leaving the
domain operations to one machine, and save the tiny risk of
getting duplicate names or orphaned domains.

# PDC Emulator - Most famous for backwards compatibility
with NT 4.0 BDC's. However, there are two other FSMO roles
which operate even in Windows 2003 Native Domains,
synchronizing the W32Time service and creating group
policies. I admit that it is confusing that these two jobs
have little to do with PDCs and BDCs.

RID Master - Each object must have a globally unique number
(GUID). The RID master makes sure each domain controller
issues unique numbers when you create objects such as users
or computers. For example DC one is given RIDs 1-4999 and
DC two is given RIDs 5000 - 9999.
Infrastructure Master - Responsible for checking objects in
other other domains. Universal group membership is the most
important example. To me, it seems as though the operating
system is paranoid that, a) You are a member of a Universal
Group in another domain and b) that group has been assigned
Deny permissions. So if the Infrastructure master could not
check your Universal Groups there could be a security breach.

Is This Answer Correct ?    32 Yes 7 No



Post New Answer       View All Answers


Please Help Members By Posting Answers For Below Questions

What is a system 32 error?

557

How do I fix a hard drive error?

613

Can I use ssd for storage?

608

Which is the best hard drive to buy?

555

Can dll files be edited?

622




How much faster is a ssd than a hdd?

629

What are the two parts of a file path?

546

Is it possible to get source code from exe file?

576

How do you compare documents?

639

What are setup files?

557

What are the different windows accessories?

624

Why do we get internal server error?

592

How do I run a command prompt as administrator?

586

how to take a backup of adc

2684

Is it ok to disable all startup programs?

564