Flexible Single Master Operation (FSMO) Roles Overview

Up next...

Transferring FSMO (Flexible Single Master Operations) Roles

Welcome to the Active Directory Fundamentals course. This course will teach you everything you need to know about...

Saving Progress...

In this lecture we’re going to learn about FSMO roles. This becomes relevant when you have more than one Domain Controller within your active directory domain.

FSMO (commonly referred to as “fis-mo”) stands for Flexible Single Master Operation. These roles can be assigned to different Domain Controllers and prevent multiple domain controllers from simultaneously making changes to the same resources.

The five FSMO roles are as follows:

Schema Master – one per forest
Domain Naming Master – one per forest
Relative ID (RID) Master – one per domain
Primary Domain Controller (PDC) Emulator – one per domain
Infrastructure Master – one per domain

Schema Master

This role determines what server is responsible for managing the Active Directory Schema for your Active Directory forest.

Domain Naming Master

This role is responsible for the directory partitions within your forest. One example of when you use the Domain Naming Master role is when you create or remove an active directory domain within a forest.

RID (Relative ID) Master

This role is responsible for assigning blocks of SIDs (security Identifiers) to your Domain Controller so they can assign them to newly created Active Directory objects.

PDC (Primary Domain Controller) Emulator

Generally you would expect DC01 to hold the PDC Emulator role. This is the primary DC in your domain. It’s responsible for authentication requests, password changes, GPOs (group policy objects), and the time server for your domain.

Infrastructure Master

The infrastructure master translates GUIDs (Globally Unique Identifiers), SIDs (Security Identifiers), and DNs (Distinguished Names) between the domains in your forest. If this role is not properly working then sometimes you will see an objectSid in instead of a name in an ACL (access control list)

Saving Progress...

4.7 3 votes

Lesson Rating

0 Comments

Inline Feedbacks

View all comments

Dashboard

Active Directory & Identity with Windows Server

0/1 Lessons

Course Introduction
• 2min

0 / 1 lessons complete

Course Overview
Free lesson

Text | 2 min

Getting Started with Active Directory Domain Services
• 52min

0 / 6 lessons complete

Section Overview
Free lesson

Text | 1 min

Installing the ADDS (Active Directory Domain Services) Server Role

Video | 7 min

Promote the Server to a Domain Controller

Video | 7 min

Forests, Trees and Domains

Video | 2 min

Windows Domain Quiz

Quiz | 5 min

Lab: Installing the Active Directory Domain Services

Lab | 30 min

Introduction to Active Directory Users & Computers
• 1hr 24min

0 / 10 lessons complete

Section Overview
Free lesson

Text | 2 min

Organizational Units (OUs) and Containers

Video | 5 min

Creating, managing and deleting OUs

Video | 5 min

Creating User Accounts with Active Directory

Video | 8 min

Searching for Objects in Active Directory

Video | 6 min

Resetting User Passwords and Unlocking Accounts in Active Directory

Video | 6 min

Understanding Groups and Memberships

Video | 11 min

Disabling and Deleting User Accounts

Video | 6 min

Active Directory Quiz

Quiz | 5 min

Lab: Active Directory Users and Computers

Lab | 30 min

Adding a Second Domain Controller
• 1hr 31min

0 / 7 lessons complete

Notice of change in Lab Names

Text | 2 min

Section Overview
Free lesson

Video | 2 min

Promoting Our Second Domain Controller

Video | 13 min

Flexible Single Master Operation (FSMO) Roles Overview
Free lesson

Video | 4 min

Transferring FSMO (Flexible Single Master Operations) Roles

Video | 5 min

Adding a Second Domain Controller Quiz

Quiz | 5 min

Lab: Adding a Second Domain Controller

Lab | 60 min

Active Directory Backups
• 1hr 24min

0 / 5 lessons complete

Creating an Active Directory / System State Backup

Video | 4 min

Restoring an Active Directory Backup

Video | 7 min

Creating and Restoring Active Directory Snapshots

Video | 8 min

Active Directory Backups Quiz

Quiz | 5 min

Lab: Active Directory Backups

Lab | 60 min

How to Administrate Active Directory with Windows PowerShell
• 1hr 58min

0 / 7 lessons complete

Enabling Script Execution for PowerShell

Video | 6 min

Listing AD Users with PowerShell

Video | 14 min

Creating AD Users with PowerShell
Free lesson

Video | 10 min

Creating User Accounts from a CSV (Comma Separated Value) File

Video | 15 min

Move All Disable Users to Disabled Users OU with PowerShell

Video | 8 min

AD PowerShell Quiz

Quiz | 5 min

Lab: ADUC PowerShell Automation

Lab | 60 min

Administrating AD SS (Active Directory Sites and Services)
• 1hr 3min

0 / 5 lessons complete

Active Directory Sites and Services - Section Overview
Free lesson

Video | 8 min

Configuring Our ITFROUTE01 Server to act as a Router

Video | 11 min

Configuring Active Directory Sites and Services

Video | 9 min

Administrating AD SS Quiz

Quiz | 5 min

Lab: Configure ADDS Between Two Subnets

Lab | 30 min

Active Directory Trusts
• 54min

0 / 5 lessons complete

Window Trusts Explained
Free lesson

Video | 6 min

Configuring DNS Settings for Active Directory Trusts

Video | 6 min

Establish a Two-way Active Directory Trust

Video | 7 min

Active Directory Trusts Quiz

Quiz | 5 min

Lab: Establish a two-way AD Trust

Lab | 30 min

Modifying the Active Directory Schema
• 43min

0 / 3 lessons complete

Add Custom Attributes to Active Directory Users

Video | 8 min

Active Directory Schema Quiz

Quiz | 5 min

Lab: Extending the Active Directory Schema

Lab | 30 min

Course Conclusion
• 2min

0 / 1 lessons complete

Course Conclusion

Text | 2 min