Scribd
Upload
48 views4 pages

The Easy Way FSMO

The document describes multiple ways to determine the Flexible Single Master Operation (FSMO) role holders in an Active Directory domain or forest. The easy way uses NetDOM queries, the common way uses the Active Directory Sites and Services MMC snap-in, and the cool way uses Ntdsutil commands. The hard way involves writing a script to query ADSI Edit and retrieve the FSMO role holders.

Uploaded by

ballscout1
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
48 views4 pages

The Easy Way FSMO

The document describes multiple ways to determine the Flexible Single Master Operation (FSMO) role holders in an Active Directory domain or forest. The easy way uses NetDOM queries, the common way uses the Active Directory Sites and Services MMC snap-in, and the cool way uses Ntdsutil commands. The hard way involves writing a script to query ADSI Edit and retrieve the FSMO role holders.

Uploaded by

ballscout1
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

The easy way:

NetDOM /query FSMO

The Common way:

How to Determine the RID, PDC, and Infrastructure FSMO Holders of a Selected Domain

1. Click Start, click Run, type dsa.msc, and then click OK.
2. Right-click the selected Domain Object in the top left pane, and then click Operations Masters.
3. Click the PDC tab to view the server holding the PDC master role.
4. Click the Infrastructure tab to view the server holding the Infrastructure master role.
5. Click the RID Pool tab to view the server holding the RID master role.

How to Determine the Schema FSMO Holder in a Forest


1. Click Start, click Run, type mmc, and then click OK.
On the Console menu, click Add/Remove Snap-in, click Add, double-click Active Directory Schema, click Close,
2.
and then click OK.
Right-click Active Directory Schema in the top left pane, and then click Operations Masters to view the server
3.
holding the schema master role.
NOTE: For the Active Directory Schema snap-in to be available, you may have to register the Schmmgmt.dll file. To do
this, click Start, click Run, type regsvr32 schmmgmt.dll in the Open box, and then click OK. A message is displayed
that states the registration was successful.

How to Determine the Domain Naming FSMO Holder in a Forest


1. Click Start, click Run, type mmc, and then click OK.
On the Console menu, click Add/Remove Snap-in, click Add, double-click Active Directory Domains and Trusts,
2.
click Close, and then click OK.
3. In the left pane, click Active Directory Domains and Trusts.
Right-click Active Directory Domains and Trust, and then click Operations Master to view the server holding the
4.
domain naming master role in the Forest.

The Cool Way

1. On any domain controller, click Start, click Run, type Ntdsutil in the Open box, and then click OK.
2. Type roles, and then press ENTER.
3. Type connections, and then press ENTER.
4. Type connect to server <servername>, where <servername> is the name of the server you want to use, and
then press ENTER.
5. At the server connections: prompt, type q, and then press ENTER again.
6. At the FSMO maintenance: prompt, type Select operation target, and then press ENTER again.
7. At the select operation target: prompt, type List roles for connected server, and then press ENTER again.
8. Type q 3 times to exit the Ntdsutil prompt.
The hard way

Write a script to query ADSI edit to obtain the FSMO role holders. Fortunatly the hardwork has already been done for
you.. Just paste the following for an example:

Option Explicit
Dim WSHNetwork, objArgs, ADOconnObj, bstrADOQueryString, RootDom, RSObj
Dim FSMOobj,CompNTDS, Computer, Path, HelpText

Set WSHNetwork = CreateObject("WScript.Network")


Set objArgs = WScript.Arguments

HelpText = "This script will find the FSMO role owners for your domain." & Chr(13) &_
Chr(10) & "The syntax is as follows:" & Chr(13) & Chr(10) &_
"find_fsmo DC=MYDOM,DC=COM" & Chr(13) & Chr(10) &_
"""Where MYDOM.COM is your domain name.""" & Chr(13) & Chr(10) & "OR:" &_
Chr(13) & Chr(10) & "find_fsmo MYDCNAME " & Chr(13) & Chr(10) &_
"""Where MYDCNAME is the name of a Windows 2000 Domain Controller"""

Select Case objArgs.Count


Case 0
Path = InputBox("Enter your DC name or the DN for your domain"&_
" 'DC=MYDOM,DC=COM':","Enter path",WSHNetwork.ComputerName)
Case 1
Select Case UCase(objArgs(0))
Case "?"
WScript.Echo HelpText
WScript.Quit
Case "/?"
WScript.Echo HelpText
WScript.Quit
Case "HELP"
WScript.Echo HelpText
WScript.Quit
Case Else
Path = objArgs(0)
End Select
Case Else
WScript.Echo HelpText
WScript.Quit
End Select
Set ADOconnObj = CreateObject("ADODB.Connection")

ADOconnObj.Provider = "ADSDSOObject"
ADOconnObj.Open "ADs Provider"

'PDC FSMO
bstrADOQueryString = "<LDAP://"&Path&">;(&(objectClass=domainDNS)(fSMORoleOwner=*));adspath;subtree"
Set RootDom = GetObject("LDAP://RootDSE")
Set RSObj = ADOconnObj.Execute(bstrADOQueryString)
Set FSMOobj = GetObject(RSObj.Fields(0).Value)
Set CompNTDS = GetObject("LDAP://" & FSMOobj.fSMORoleOwner)
Set Computer = GetObject(CompNTDS.Parent)
WScript.Echo "The PDC FSMO is: " & Computer.dnsHostName

'Rid FSMO
bstrADOQueryString = "<LDAP://"&Path&">;(&(objectClass=rIDManager)(fSMORoleOwner=*));adspath;subtree"

Set RSObj = ADOconnObj.Execute(bstrADOQueryString)


Set FSMOobj = GetObject(RSObj.Fields(0).Value)
Set CompNTDS = GetObject("LDAP://" & FSMOobj.fSMORoleOwner)
Set Computer = GetObject(CompNTDS.Parent)
WScript.Echo "The RID FSMO is: " & Computer.dnsHostName

'Infrastructure FSMO
bstrADOQueryString =
"<LDAP://"&Path&">;(&(objectClass=infrastructureUpdate)(fSMORoleOwner=*));adspath;subtree"

Set RSObj = ADOconnObj.Execute(bstrADOQueryString)


Set FSMOobj = GetObject(RSObj.Fields(0).Value)
Set CompNTDS = GetObject("LDAP://" & FSMOobj.fSMORoleOwner)
Set Computer = GetObject(CompNTDS.Parent)
WScript.Echo "The Infrastructure FSMO is: " & Computer.dnsHostName

'Schema FSMO
bstrADOQueryString = "<LDAP://"&RootDom.Get("schemaNamingContext")&_
">;(&(objectClass=dMD)(fSMORoleOwner=*));adspath;subtree"

Set RSObj = ADOconnObj.Execute(bstrADOQueryString)


Set FSMOobj = GetObject(RSObj.Fields(0).Value)
Set CompNTDS = GetObject("LDAP://" & FSMOobj.fSMORoleOwner)
Set Computer = GetObject(CompNTDS.Parent)
WScript.Echo "The Schema FSMO is: " & Computer.dnsHostName
'Domain Naming FSMO
bstrADOQueryString = "<LDAP://"&RootDom.Get("configurationNamingContext")&_
">;(&(objectClass=crossRefContainer)(fSMORoleOwner=*));adspath;subtree"

Set RSObj = ADOconnObj.Execute(bstrADOQueryString)


Set FSMOobj = GetObject(RSObj.Fields(0).Value)
Set CompNTDS = GetObject("LDAP://" & FSMOobj.fSMORoleOwner)
Set Computer = GetObject(CompNTDS.Parent)
WScript.Echo "The Domain Naming FSMO is: " & Computer.dnsHostName

You might also like