Scribd Logo
Upload

Welcome to Scribd!

  • SMO Roles Explain: Sunday, November 08, 2009 3:56 PM

    Uploaded by

    Devesh Anand
    62 views5 pages
    The document discusses the FSMO roles in Active Directory and the implications of each role being unavailable. It provides the following key details: 1) If the Domain Naming Master is down, you will not be able to create new domains in the forest but users will still be able to access resources and log in. 2) If the RID Master is down, you will not be able to create new AD objects and machines will not be able to join the domain once a DC's RID pool is depleted. 3) The document links to resources that further explain each FSMO role and the implications if it becomes unavailable.

    Original Description:

    Original Title

    AD

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses the FSMO roles in Active Directory and the implications of each role being unavailable. It provides the following key details: 1) If the Domain Naming Master is down, you will not be able to create new domains in the forest but users will still be able to access resources and log in. 2) If the RID Master is down, you will not be able to create new AD objects and machines will not be able to join the domain once a DC's RID pool is depleted. 3) The document links to resources that further explain each FSMO role and the implications if it becomes unavailable.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    62 views5 pages

    SMO Roles Explain: Sunday, November 08, 2009 3:56 PM

    Uploaded by

    Devesh Anand
    The document discusses the FSMO roles in Active Directory and the implications of each role being unavailable. It provides the following key details: 1) If the Domain Naming Master is down, you will not be able to create new domains in the forest but users will still be able to access resources and log in. 2) If the RID Master is down, you will not be able to create new AD objects and machines will not be able to join the domain once a DC's RID pool is depleted. 3) The document links to resources that further explain each FSMO role and the implications if it becomes unavailable.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    SMO Roles Explain

     Sunday, November 08, 2009 3:56 PM Sudhir77_


     

    Sign In to Vote
    Hi,

    I am new to the AD Concept kindly explain me with an example what happens if either Domain naming master is down or RID is Down
    or if both of them are down(ie Domain naming master and RID is down).

    Explain me in detailed manner?

    Explain me all the FSMO roles in a detailed manner?

    o Reply
    o Quote
    Answers

     Sunday, November 08, 2009 3:58 PM Marcin PolichtMVP


     

    Sign In to Vote

    http://technet.microsoft.com/en-us/library/cc780487.aspx explains quite well implications of unavailability of


    individual operation masters (Operations Master Role Functionality Risk Assessment  table). Let us know if you
    have any further questions...

    hth
    Marcin

    o Marked As Answer byWilson JiaModeratorMonday, November 09, 2009 2:40 AM



    o Reply
    o Quote

     Sunday, November 08, 2009 4:03 PM Meinolf WeberMVP


     

    Sign In to Vote

    Hello,

    see here for detailed description:


    http://technet.microsoft.com/en-us/library/cc773108(WS.10).aspx

    If the RID master is down you are not able to add new objects to AD, after an additional DC that is running in the
    domain has it's own RID pool empty. There are 500 RIDs by default, and when this pool is empty it will get a new
    pool from the RID master if it is online.

    The Domain Naming Master controls the addition or removal of domains in the forest.

    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

    o Marked As Answer byWilson JiaModeratorMonday, November 09, 2009 2:40 AM



    o Reply
    o Quote

     Sunday, November 08, 2009 4:47 PM Rajnish R Sharma


     

    Sign In to Vote

    yes your user will be able to login if Domain naming master is down How ever if the RID is down and ans still any
    of your DC has got RID , your machines will be able to join the domain. RID is a unique value which RID master
    gives to all DC's. So even if the RID is down and still the DC has some RID's available with them, your machines
    can join the domain and users can login into the domain.

    Hope that makes thing clear.

    Raj

    o Marked As Answer byWilson JiaModeratorMonday, November 09, 2009 2:41 AM



    o Reply
    o Quote
    All Replies

     Sunday, November 08, 2009 3:58 PM Marcin PolichtMVP


     

    Sign In to Vote

    http://technet.microsoft.com/en-us/library/cc780487.aspx explains quite well implications of unavailability of


    individual operation masters (Operations Master Role Functionality Risk Assessment  table). Let us know if you
    have any further questions...

    hth
    Marcin

    o Marked As Answer byWilson JiaModeratorMonday, November 09, 2009 2:40 AM



    o Reply
    o Quote

     Sunday, November 08, 2009 4:03 PM Meinolf WeberMVP


     

    Sign In to Vote

    Hello,

    see here for detailed description:


    http://technet.microsoft.com/en-us/library/cc773108(WS.10).aspx

    If the RID master is down you are not able to add new objects to AD, after an additional DC that is running in the
    domain has it's own RID pool empty. There are 500 RIDs by default, and when this pool is empty it will get a new
    pool from the RID master if it is online.

    The Domain Naming Master controls the addition or removal of domains in the forest.

    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

    o Marked As Answer byWilson JiaModeratorMonday, November 09, 2009 2:40 AM



    o Reply
    o Quote

     Sunday, November 08, 2009 4:23 PM Sudhir77_


     

    Sign In to Vote
    Am i right pls let me know if Domain naming master is down whether Clients machines will be able to access the
    network resources in a domain and will they be able to login to the domain and if RID is down will the User
    systems/Machines will be able to join into the domain from the Workgroup?Also kindly explain me in these fashion
    of all the FSMO roles so that i can be able to understand easily with an example?

    o Reply
    o Quote

     Sunday, November 08, 2009 4:29 PM Rajnish R Sharma


     

    Sign In to Vote
    Not exactly. If Domain naming master is down, you will not be able to create new domains in the forest. If RID is
    down , you will not be able to create new AD objects.

    see this URL http://www.petri.co.il/understanding_fsmo_roles_in_ad.htm, which explains with examples.

    Raj

    o Reply
    o Quote
     Sunday, November 08, 2009 4:31 PM Marcin PolichtMVP
     

    Sign In to Vote
    1) Yes - unavailability of the domain naming master will not directly affect ability of client computers to access
    network resources
    2) That depends on whether the RID pool on a domain controller that is used to add a computer account to the
    domain is depleted (each DC obtains a range of 500 SIDs from the RID which are used when creating domain
    security principals - so unless you are creating new computers in bulk, you wouldn't likely experience the problem
    right away...

    hth
    Marcin

    o Reply
    o Quote

     Sunday, November 08, 2009 4:32 PM Sudhir77_


     

    Sign In to Vote
    Am i right pls let me know if Domain naming master is down whether Clients(Users) machines  will be able to
    access the network resources in a domain and will they be able to login to the domain and if RID is down will the
    User systems/Machines will be able to join into the domain from the Workgroup?Also kindly explain me in these
    fashion of all the FSMO roles so that i can be able to understand easily with an example?

    o Reply
    o Quote

     Sunday, November 08, 2009 4:34 PM Meinolf WeberMVP


     

    Sign In to Vote
    Hello,

    the FSMO roles have nothing to do with logon to the domain or accessing network resources. Therefore at least one
    DC/DNS and Global Catalog(if universal groups are used) must be available.

    As long as a DC is available that have RIDs available you can join machines to the domain, even if the RID master
    is down.

    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

    o Reply
    o Quote
     Sunday, November 08, 2009 4:34 PM Marcin PolichtMVP
     

    Sign In to Vote
    What exactly are you find unclear about the answers above?

    Marcin

    o Reply
    o Quote

     Sunday, November 08, 2009 4:36 PM Sudhir77_


     

    Sign In to Vote
    Hi Raj,

    You did not understand my question,my question is simple?


    I am asking if Domain naming master is down will the users in a domain will be able to access the network
    resources or will they be able to login in to the domain and if RID is down will the new users whom we are trying to
    join in to the domain is it possible pls let me know?
    Eagerly awaiting for your reply?

    o Reply
    o Quote

     Sunday, November 08, 2009 4:47 PM Rajnish R Sharma


     

    Sign In to Vote

    yes your user will be able to login if Domain naming master is down How ever if the RID is down and ans still any
    of your DC has got RID , your machines will be able to join the domain. RID is a unique value which RID master
    gives to all DC's. So even if the RID is down and still the DC has some RID's available with them, your machines
    can join the domain and users can login into the domain.

    Hope that makes thing clear.

    You might also like