Locate your FSMO Role Servers

KB ID 0000221

Problem

You would like to know which servers are holding which roles. To move your FSMO Servers CLICK HERE

Solution

FSMO Servers

There are five FSMO (Flexible Single Master Operations) Roles that need to Exist in a Windows AD Forest.

  • PDC Emulator (One per domain)
  • RID Master (One per domain)
  • Schema Master (One per forest)
  • Domain Naming Master (One per forest)
  • Infrastructure Master (One per domain)

But I’ve Googled it, and it says there are Seven FSMO Roles?

To save arguments there are two further roles;

  • Domain DNS Zone Master role (One per domain)
  • Forest DNS Zone Master role (One per forest)

These two roles are not well documented, and there is no way to display or transfer them, (without using ADSIEdit.)

Locate FSMO Servers via Command

Option 1: PowerShell

Use the following commands;

Get-ADDomain | Select-Object DistinguishedName, SchemaMaster, DomainNamingMaster, InfrastructureMaster, PDCEmulator, RIDMaster

Get-ADForest | Select-Object Name,SchemaMaster, DomainNamingMaster, InfrastructureMaster, PDCEmulator, RIDMaster

Locate Forest FSMO PowerShell Locate Domain FSMO PowerShell

Option 2: Command Line

1. Start > Run cmd {enter}

2. Execute the following command. (Note: Older versions of Windows servers will need the support tools installing to run the netdom command).

In a Forest;

netdom query /domain:YOURDOMAINNAME fsmo

In a Single Domain;

netdom query fsmo

locate fsmo servers

Locate FSMO Servers Graphically

To View RID MASTER, PDC EMULATOR and INFRASTRUCTURE MASTER

1. Go to a domain controller.

2. Start > run > dsa.msc {enter}

3. Right click domain name > Operations masters

Note: You can change the server holding these roles from this console.

To view the SCHEMA MASTER graphically do the following

1. Start > Run > regsvr32 schmmgmt.dll {enter} > OK

2. Start > run > mmc {enter}.

3. File > Add / Remove Snap-In > Add > Active Directory Schema > Add Close > OK

4. Right Click “Active Directory Schema” > Operations Master.

To View the DOMAIN NAMING MASTER

1. Start > Run > domain.msc {enter}

2. Right Click “Active Directory Domains and Trusts” > Operations Master.

General Rules for FSMO Placement

If you only have 1 domain in the forest everything goes in that one domain.

If not….

Forest Root Domain gets the Domain Naming Master, and the Schema Master roles

Each Domain gets The PDC Emulator, Infrastructure Master and RID Master roles.

Though not an FSMO role each logon location should have a Global Catalogue server

(Note: Yes you can cache logon requests and have Read only domain controllers now but in an ideal world I still place a GC at each site)

FSMO Placement

1. Do not put the Infrastructure Master on a Global Catalogue Server (see below for how to see if a domain controller is a global Catalogue server).

2. The PDC Emulator and RID Master should be on the same Server, If possible NOT on a Global Catalogue Server (though not essential).

3. The Schema Master and Domain Naming Master should be on the same machine that IS a Global Catalogue Server. (This is not true if your forest functional level is Windows Server 2003).

Locate Global Catalogue Servers

To check if a domain controller is also a global catalogue server:

1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Sites and Services.

2. Double-click Sites in the left pane, and then browse to the appropriate site or click Default-first-site-name if no other sites are available.

3. Open the Servers folder, and then click the domain controller.

4. In the domain controller’s folder, double-click NTDS Settings.

5. On the Action menu, click Properties.

6. On the General tab, locate the Global Catalogue check box to see if it is selected.

Related Articles, References, Credits, or External Links

Windows Server – Locating, Transferring, and Seizing FSMO Roles

Transferring Your FSMO Roles

Author: Migrated

Share This Post On