
Learn AD in 15 Minutes a Week: Domain Naming Master Domain Controller Page 6







Seizing FSMO Domain Controller Roles

After the Operations Masters roles have
been spread out and balanced on other Domain Controllers in
the forest, it normally is not necessary to
change them again unless something in the environment has
changed. Operations Masters roles can be seized if
the situation calls for it.

Role seizure happens when the original
Operations Master halts, whether temporarily or permanently.
For a short temporary stoppage of an Operations
Master such as a BSOD, or a somewhat longer one such as a drive
failure where a restore from backup might be required, a
role seizure is not necessarily recommended.

[NOTES FROM THE FIELD] – The
loss of WAN links can make it appear as if certain FSMO
servers have been “lost” to certain network segments and
remote sites when this is clearly not the case.

The Infrastructure Master and the PDC Emulator Operations
Master domain controllers can temporarily go offline and
alternate domain controllers can safely seize their roles.
When these original Operations Master domain controllers are
brought back online after their failure, they are the only
two that can re-seize their original roles without
major difficulty.

When the Schema Master, Domain Naming Master, or RID Master
roles are seized by other Domain Controllers for any reason,
you cannot bring the original Operations Master domain controller
back online without potentially suffering major forest-wide
issues, or domain issues in the case of the RID Operations Master.

The temporary loss of the Schema FSMO
Domain Controller is not visible to network users and most normal,
everyday network administration. Both can continue
normally in most cases. The only way the loss of the Schema
Master would become evident to an Administrator would be in
the case where they are trying to modify the schema manually
or installing an application that modifies the schema during
installation, such as Exchange 2000.

If the Schema Master remains offline for longer than is
acceptable for your environment, you can seize the role
by following these steps:

To seize the Schema FSMO Domain
Controller role using NTDSUTIL you would click on the Start
menu and select RUN and then type NTDSUTIL in the RUN box.

At the NTDSUTIL prompt, type the ROLES
command, which will put NTDSUTIL in FSMO MAINTENANCE MODE.

Once you are in FSMO MAINTENANCE MODE,
you can type CONNECTIONS.

Once you are in SERVER CONNECTIONS MODE,
you can type CONNECT TO SERVER and then enter the fully
qualified domain name.

At the SERVER CONNECTIONS prompt, type
QUIT.

At the FSMO MAINTENANCE prompt, type
SEIZE SCHEMA MASTER.

At the FSMO MAINTENANCE prompt, type
quit.

At the NTDSUTIL prompt, type QUIT.
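The same NTDSUTIL command sequence, passed as arguments in one PowerShell invocation and wrapped in the checks that should come first. This is an added example, not from the original article; `netdom query fsmo`, `Test-NetConnection` and the host name `dc2.example.test` are assumptions that do not appear in the steps above.

```powershell
# Added example: guarded Schema Master seizure. Run from an elevated session
# with forest-level rights. The host name below is a placeholder.
[CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
param(
    # FQDN of the Domain Controller that will take over the role.
    [string]$NewHolder = 'dc2.example.test'
)

function Get-SchemaMaster {
    # Assumption: netdom prints a line such as "Schema master   dc1.example.test"
    # (older builds print "Schema owner" instead).
    foreach ($line in (netdom query fsmo)) {
        if ($line -match '^Schema (?:master|owner)\s+(\S+)') { return $Matches[1] }
    }
    throw 'Could not read the Schema Master from the netdom output.'
}

$current = Get-SchemaMaster
if ($current -ieq $NewHolder) {
    Write-Output "$NewHolder already holds the Schema Master role; nothing to do."
    return
}

# Guard 1: a holder that still answers on LDAP is not down. Stop here rather
# than seize from a live Domain Controller.
if (Test-NetConnection -ComputerName $current -Port 389 -InformationLevel Quiet) {
    throw "$current still answers on TCP 389. Do not seize a role from a live holder."
}

# Guard 2: a failed probe from this host can simply mean a lost WAN link.
# Confirm from the old holder's own site that it is really offline.
Write-Warning "$current is unreachable from here. Verify it is down, not just cut off."
Write-Warning "After a seizure, $current must never be brought back online."

if ($PSCmdlet.ShouldProcess($NewHolder, "Seize Schema Master from $current")) {
    # Same sequence as the interactive steps: ROLES, CONNECTIONS,
    # CONNECT TO SERVER, QUIT, SEIZE SCHEMA MASTER, QUIT, QUIT.
    # NTDSUTIL still shows its own confirmation dialog before seizing.
    ntdsutil.exe roles connections "connect to server $NewHolder" quit `
        'seize schema master' quit quit

    # Re-read the role owner. The answer can lag until replication completes.
    $after = Get-SchemaMaster
    if ($after -ieq $NewHolder) {
        Write-Output "Schema Master is now $after."
    } else {
        Write-Warning "Directory still reports $after; re-check after replication."
    }
}
```

Running the script with `-WhatIf` performs the holder lookup and both guards without calling NTDSUTIL.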

[NOTES FROM THE FIELD] – The
offline Domain Controller that has the Schema Master roles
seized from it while it was out of commission must never be
brought back online. The system should be completely wiped.

It’s a running “recommendation” by instructors and seasoned
network administrators that the system drives should be
reformatted twice before rebuilding the server, just to
fully accentuate the need to NEVER bring the server back
online as a Schema Master in that domain again.

Well, that wraps up this section
of Learn Active Directory Design and Administration in 15
Minutes a Week – Active Directory Schema Master. I hope
you found it informative and will return for the next
installment.

If you have any questions, comments or
even constructive criticism, please feel free to drop me a
note.

I want to write good, solid technical
articles that appeal to a large range of readers and skill
levels and I can only be sure of that through your feedback.

Until then, best of luck in your
studies and remember,

When your
buddy the cheapskate says “YOU GET THIS ONE, NEXT ROUND IS
ON ME,” realize that he’s probably leaving right after this
round.

Jason Zandri
Jason@Zandri.net

www.2000trainers.com
