In this Back2Basics posts we look at Active Directory Flexible Single Master Operations (FSMO) Roles one has to be aware of when implementing new Active Directory installations:
Role |
Functions |
Schema Master |
- Performs updates to the AD schema such as ADPREP /FORESTPREP, Microsoft Exchange and other applicaitons that must modify the AD schema
- Must be online when schema updates are performed
- Generally placed on the forest root PDC
|
Domain Naming Master |
- Adds and removes domains and application partitions from the Active Directory forest
- Must be online when domains and application partitions in a forest are added or removed
- Generally placed on the forest root PDC
|
PDC Emulator |
- Manages password changes for computers and user accounts on replica domain controllers
- Consulted by replica DCs where service authentication requests have mismatched passwords
- Target DC for Group Policy updates
- Target DC for legacy applications that perform writeable operations and for some admin tools
- Must be online and accessible at all times
- Generally placed on high-performance redundant hardware alongside other DCs
|
RID Master |
- Allocates active and standby Relative IDs (RID) pools to replica DCs in the same domain
- Must be online for newly-promoted DCs to obtain a local RID pool or when existing DCs must update their current or standby RID pool allocation
- Generally placed on the forest root PDC
|
Infrastructure Master |
- Updates cross-domain references and phantoms/tombstones from the Global Catalog
- A separate infrastructure master is created for each application partition including the default forest-wide and domain-wide application partitions
|


