FSMO Roles

FSMO roles are a feature of Active Directory.

FSMO roles depend on replication.

Flexible single master operation is an Active Directory method for replicating Active Directory tasks.

Microsoft introduced flexible single master operation (FSMO) roles in 2003.

They were introduced because, if the primary DC was down, no changes could be made until it was up again.

Once Active Directory is installed, the roles are available automatically.

FSMO roles give confidence that Active Directory is working perfectly.

There are 5 FSMO roles:

1: Schema Master.

2: Domain Naming.

3: PDC Emulator.

4: RID Master.

5: Infrastructure Master.

Note: Before starting, you need to understand replication.

Replication types:

a. intrasite replication

b. intersite replication

a. Intrasite replication – it replicates 24*7 – it is also called live replication.

b. Intersite replication – replication from domain to domain is called intersite replication – the replication time from one tree to another is 180 minutes.

        Intersite replication takes a maximum of 180 minutes to replicate between each other.

FSMO roles are divided into two categories:

1. Forest-wide FSMO roles

        a)   Schema Master – performs the read-write copy and user login operations of Active Directory, manages attributes, and tries to avoid conflicts between users in trusted domains.

             Example: if we create the same user in both the domain and the tree, it will automatically delete 1 user from the domain within 180 minutes.

        b)   Domain Naming – responsible for making sure that no domain or child domain is created with the same name, and for managing domain creation, modification or deletion.

2. Domain-wide FSMO roles

        a) PDC Emulator – if a password is changed, it replicates to the PDC – password authentication and authentication failures are controlled by the PDC Emulator.

            PDC stands for Primary Domain Controller.

            It is also a time synchronization technique – basically, the PDC Emulator is used to manage time synchronization for all domains in the forest.

        b) RID Master: maintains the RID pool, the global RID space for an entire domain (CN=RID Manager$,CN=System,DC=domain_name).

           The RID Master allocates unique IDs for users, groups, other objects, etc. If the RID Master is not running, we cannot create a user or group on the DC.

        c) Infrastructure Master: helps replicate users in the infrastructure and helps control communication between a domain and its child domains.

           The Infrastructure Master resolves the access control lists between domains and subdomains.
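
To check which domain controllers hold the five roles described above, and how much of the RID pool is left, the following PowerShell sketch can be run from a domain-joined admin host. It is an added example, not part of the original post; the host names in `$expected` are constructed placeholders, and it assumes the ActiveDirectory module (RSAT) is installed.

```powershell
# Added example; needs the ActiveDirectory module (RSAT) and rights to read the domain.
Import-Module ActiveDirectory

# Hypothetical baseline of expected role holders (constructed names; replace with your own).
$expected = @{
    SchemaMaster         = 'dc01.corp.example'
    DomainNamingMaster   = 'dc01.corp.example'
    PDCEmulator          = 'dc02.corp.example'
    RIDMaster            = 'dc02.corp.example'
    InfrastructureMaster = 'dc02.corp.example'
}

$forest = Get-ADForest
$domain = Get-ADDomain

# Forest-wide roles are read from the forest object, domain-wide roles from the domain object.
$actual = [ordered]@{
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
}

# One row per role: who holds it, whether that matches the baseline, whether the holder answers.
$report = foreach ($role in $actual.Keys) {
    [pscustomobject]@{
        Role            = $role
        Holder          = $actual[$role]
        MatchesBaseline = $actual[$role] -eq $expected[$role]
        Reachable       = Test-Connection -ComputerName $actual[$role] -Count 1 -Quiet
    }
}
$report | Format-Table -AutoSize

# RID pool: rIDAvailablePool is a 64-bit value. The high 32 bits are the total RIDs the
# domain can issue; the low 32 bits are the RIDs already handed out to domain controllers.
$ridDn   = "CN=RID Manager`$,CN=System,$($domain.DistinguishedName)"
$ridObj  = Get-ADObject -Identity $ridDn -Properties rIDAvailablePool -Server $domain.RIDMaster
[int64]$pool = $ridObj.rIDAvailablePool
$total   = $pool -shr 32
$issued  = $pool -band 4294967295   # decimal literal: 0xFFFFFFFF would parse as Int32 -1
"RID pool: $issued of $total issued, $($total - $issued) remaining"
```

A row where `MatchesBaseline` is false means a role has moved since the baseline was recorded, which is worth confirming against change records.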
