FSMO Roles

Web Definition:

FSMO roles are five designated single-master operations that prevent conflicts and maintain consistency in Active Directory by ensuring certain sensitive changes can only be made by one authoritative server, despite AD's normal multi-master replication model.

To prevent conflicting updates in Windows, the Active Directory performs updates to certain objects in a single-master fashion. In a single-master model, only one DC in the entire directory is allowed to process updates. It's similar to the role given to a primary domain controller (PDC) in earlier versions of Windows, such as Microsoft Windows NT 3.51 and 4.0. In earlier versions of Windows, the PDC is responsible for processing all updates in a given domain.

Active Directory extends the single-master model found in earlier versions of Windows to include multiple roles, and the ability to transfer roles to any DC in the enterprise. Because an Active Directory role isn't bound to a single DC, it's referred to as an FSMO role. Currently in Windows there are five FSMO roles:

Schema master

Domain naming master

RID master

PDC emulator

Infrastructure master

Typically, an FSMO role ownership is executed only when the domain controller has replicated the naming context (NC) where the ownership is stored since the Directory Service started. Make sure that an FSMO role seizure reaches the previous owner before the role is used.

Personal Notes: