Active Directory operations master (FSMO)
Wu Yuzhang
In front of the blog and we talked a lot about the topic of the Active Directory, I believe you have a more profound understanding of the Active Directory Domain Services, today we continue to lead you to more in-depth understanding of the Active Directory Domain Services on the operation of the host knowledge.
Operations masters are special objects in the Active Directory database, and domain controllers with such objects shoulder the core functionality of Active Directory.
There are 5 types of operations masters in the Active directory domain: RID master, PDC master, infrastructure master, domain naming master, and schema master. The function is as follows:
1. RID Master: The SID used to generate the user. (Does not cause the creation of the user to fail)
2. PDC Host:
(1) Used to be compatible with older versions of the operating system.
(2) Expedite the replication of emergency data.
(3) Time synchronization within the domain. (All clients in the domain must synchronize with the PDC Master of the domain)
3. Domain naming master: The domain name is unique when the domain is maintained, created, or deleted.
4. Schema master: Stores the object properties within the entire schema.
5. Infrastructure Host: Maintain updates for cross-domain objects, such as users of domain A into domain B.
Each forest must have the following roles:
Schema master.
Domain naming master.
These roles must be unique in the forest. This means that there can be only one schema master and one domain naming master throughout the forest.
Each domain in the forest must have the following roles:
RID master.
The PDC host.
Infrastructure master.
In each domain, these roles must be unique, that is, each domain in the forest can have only one RID master, the PDC master, and the infrastructure master.
OK, here's our theory, let's start with the practice of finding the RID master, PDC master, infrastructure master, domain naming master, and schema master in a domain controller:
There are two ways to find the operations master:
1, graphical interface.
2. Command line
Here are a few of the two ways we can introduce you:
1. Graphical interface method:
Experiment Preparation:
1. Two Windows Server 2012 servers.
2. Server01 is a domain controller and SERVER02 is an additional domain controller for SERVER01.
With the above experimental preparation, let's start with the experiment:
First we identify our RID master, the PDC host, and our infrastructure master:
To open Server01 Server Manager:
650) this.width=650; "height=" 397 "title=" clip_image001 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image001 "src=" http://s3.51cto.com/wyfs02/M02/6B/C8/ Wkiom1u28ztcgmhnaaf2pnc6umo160.jpg "border=" 0 "/>
Click Tools:
650) this.width=650; "height=" 336 "title=" clip_image002 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image002 "src=" http://s3.51cto.com/wyfs02/M00/6B/C4/ Wkiol1u29jxbn0qsaagygroe14a926.jpg "border=" 0 "/>
Click Active Directory Users and Computers:
650) this.width=650; "height=" 268 "title=" clip_image003 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image003 "src=" http://s3.51cto.com/wyfs02/M01/6B/C4/ Wkiol1u29jfth1dhaaddwznxcs0162.jpg "border=" 0 "/>
Right-click our domain name contoso.com:
650) this.width=650; "height=" 418 "title=" clip_image004 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image004 "src=" http://s3.51cto.com/wyfs02/M02/6B/C4/ Wkiol1u29jzhadinaagseqarnd4710.jpg "border=" 0 "/>
Click Operations Console:
After clicking on the operations master we can see our RID, PDC, and Infrastructure master (decibels):
650) this.width=650; "height=" 483 "title=" clip_image005 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image005 "src=" http://s3.51cto.com/wyfs02/M00/6B/C4/ Wkiol1u29kcxjqoraaf7w7dlqaq737.jpg "border=" 0 "/>
PDC hosts such as:
650) this.width=650; "height=" 428 "title=" clip_image006 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image006 "src=" http://s3.51cto.com/wyfs02/M01/6B/C4/ Wkiol1u29kpijeu6aaf58x2puys757.jpg "border=" 0 "/>
Infrastructure master:
650) this.width=650; "height=" 463 "title=" clip_image007 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image007 "src=" http://s3.51cto.com/wyfs02/M02/6B/C4/ Wkiol1u29kfqreataagktb0x3im580.jpg "border=" 0 "/>
OK, after we find the RID, PDC, and infrastructure master, we'll look for the domain naming master:
Open Server Manager:
650) this.width=650; "height=" "title=" clip_image008 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image008 "src=" http://s3.51cto.com/wyfs02/M00/6B/C4/ Wkiol1u29kvxszgcaaf6auuukgm773.jpg "border=" 0 "/>
Click Tools:
650) this.width=650; "height=" 341 "title=" clip_image009 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image009 "src=" http://s3.51cto.com/wyfs02/M01/6B/C4/ Wkiol1u29lcs9j-naagncafsjig761.jpg "border=" 0 "/>
Click Active Directory Domains and Trust relationships:
650) this.width=650; "height=" 205 "title=" clip_image010 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image010 "src=" http://s3.51cto.com/wyfs02/M02/6B/C4/ Wkiol1u29lldccdhaaduqnbc4bc614.jpg "border=" 0 "/>
Right-click Active Directory Domains and Trust relationships:
650) this.width=650; "height=" 304 "title=" clip_image011 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image011 "src=" http://s3.51cto.com/wyfs02/M01/6B/C4/ Wkiol1u29lbwqu84aafjusn7zsu890.jpg "border=" 0 "/>
Click Operations Console:
650) this.width=650; "height=" 484 "title=" clip_image012 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image012 "src=" http://s3.51cto.com/wyfs02/M00/6B/C8/ Wkiom1u2817tmfauaaghnhugbj4212.jpg "border=" 0 "/>
OK, here you can see our domain naming master.
Let's look at the most important hosts in the entire operations master: Architecture Master
The above has already said that the architecture master is the most important host, so he hid certainly more than the other hosts hidden, so to find the architecture master we have to use the following methods:
Press the WIN+R key at the same time:
650) this.width=650; "height=" 388 "title=" clip_image013 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image013 "src=" http://s3.51cto.com/wyfs02/M01/6B/C8/ Wkiom1u282haft2raafwxpgerco019.jpg "border=" 0 "/>
Enter cmd Click OK:
650) this.width=650; "height=" 219 "title=" clip_image014 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image014 "src=" http://s3.51cto.com/wyfs02/M02/6B/C4/ Wkiol1u29l-qrxedaaczutkgndw557.jpg "border=" 0 "/>
Here we enter: regsvr32 schmmgmt.dll, this command is used to register the schema machine dynamic link library file, after entering the command we hit ENTER:
650) this.width=650; "height=" 332 "title=" clip_image015 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image015 "src=" http://s3.51cto.com/wyfs02/M02/6B/C8/ Wkiom1u282sdxekuaae1l9gktqg407.jpg "border=" 0 "/>
You can see that the dynamic link library file has been successfully registered, we clicked: Yes, then enter the MMC to hit enter:
650) this.width=650; "height=" 414 "title=" clip_image016 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image016 "src=" http://s3.51cto.com/wyfs02/M00/6B/C8/ Wkiom1u282fybwdyaafhywt4ivm304.jpg "border=" 0 "/>
Click File on the console window:
650) this.width=650; "height=" 287 "title=" clip_image017 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image017 "src=" http://s3.51cto.com/wyfs02/M01/6B/C8/ Wkiom1u282utmop3aae_hc8uw38351.jpg "border=" 0 "/>
Click Add/Remove Snap-in:
650) this.width=650; "height=" 257 "title=" clip_image018 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image018 "src=" http://s3.51cto.com/wyfs02/M02/6B/C8/ Wkiom1u282-txyc2aafzq7dikdw373.jpg "border=" 0 "/>
We can see that there is an Active Directory schema in it, and this snap-in does not exist until we run the regsvr32 schmmgmt.dll command. Below we select the Active Directory schema and click Add:
650) this.width=650; "height=" 298 "title=" clip_image019 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image019 "src=" http://s3.51cto.com/wyfs02/M00/6B/C8/ Wkiom1u283pjwkfxaagx6a__ldu702.jpg "border=" 0 "/>
Click OK:
650) this.width=650; "height=" 245 "title=" clip_image020 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image020 "src=" http://s3.51cto.com/wyfs02/M01/6B/C4/ Wkiol1u29nkxkzlraadj92awyrw091.jpg "border=" 0 "/>
You can see that the Active Directory schema has been successfully added to the console root node. Below we right-click Active Directory Schema:
650) this.width=650; "height=" 352 "title=" clip_image021 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image021 "src=" http://s3.51cto.com/wyfs02/M02/6B/C4/ Wkiol1u29nexnv9kaafwe_9pukw836.jpg "border=" 0 "/>
Click Operations Console:
650) this.width=650; "height=" 484 "title=" clip_image022 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image022 "src=" http://s3.51cto.com/wyfs02/M00/6B/C4/ Wkiol1u29n7dabx3aahanr4eeti226.jpg "border=" 0 "/>
And then we see the most important operations master in our entire Active Directory: the Architecture master.
2, command-line method:
Many friends think that just the graphical interface method to find the operation of the host is too cumbersome, OK below we will introduce you to the simplest method:
Press the WIN+R key at the same time:
650) this.width=650; "height=" 266 "title=" clip_image023 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image023 "src=" http://s3.51cto.com/wyfs02/M01/6B/C4/ Wkiol1u29ogx2h34aaelhggkljm896.jpg "border=" 0 "/>
Enter cmd and click OK:
650) this.width=650; "height=" 155 "title=" clip_image024 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image024 "src=" http://s3.51cto.com/wyfs02/M00/6B/C4/ Wkiol1u29olievg4aacey-8-cxw727.jpg "border=" 0 "/>
In the command line example we enter: Netdom query fsmo, hit ENTER:
650) this.width=650; "height=" 281 "title=" clip_image025 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image025 "src=" http://s3.51cto.com/wyfs02/M00/6B/C9/ Wkiom1u284iwddx1aaekea-y5um684.jpg "border=" 0 "/>
You can see that our operations master was successfully found.
OK, our experiment to the end here, have not know a friend can ask questions!
This article is from the "Technology Meng Meng" blog, please be sure to keep this source http://wuyvzhang.blog.51cto.com/9992636/1636758
Active Directory operations master (FSMO)
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
