Exercise: Unit 5
AD FSMO Role Management Research: Alternate Methods
Please respond in detail with clarifying questions, recommendations and/or considerations to the following:
To: IT Admin
I need to determine which DCs currently hold which roles and determine which DCs are Global Catalog Servers. I also need to develop a plan for failure of a role holder. I know there are multiple ways to accomplish this task but I’m not sure the best tools for any given scenario? Would you use ntdsutil or MMC Snap-ins? What about dcdiag? Any advice or suggestions would be appreciated!
1 page, Microsoft Word, double-spaced, 12 pt. font
My response is below
Active Directory is a multimaster database which means that updates can be made by any writeable DC. Some sensitive operations need to be controlled more stringently than others, such as schema management and adding or removing additional domains from an AD forest. These specified roles are called Flexible Single Master Operations. This means only one DC in the replica ring can provide a particular operation.
To find which roles a DC currently hold you can use the ntdsutil. There are other ways to find which roles a DC currently holds. By default the first domain controller installed in the forest root domain is designated as a global catalog server. The Primary Domain Controller and the RID should be on the same DC if possible. The PDC role is mostly used of all FSMO roles and has the widest range of functions.