3.25. Finding the FSMO Role Holders

Problem

You want to find the domain controllers that are acting as one of the FSMO roles.

Solution

Using a graphical user interface

For the Schema Master:

  1. Open the Active Directory Schema snap-in.

  2. Right-click on Active Directory Schema in the left pane and select Operations Master.

For the Domain Naming Master:

  1. Open the Active Directory Domains and Trusts snap-in.

  2. Right-click on Active Directory Domains and Trusts in the left pane and select Operations Master.

For the PDC Emulator, RID Master, and Infrastructure Master:

  1. Open the Active Directory Users and Computers snap-in.

  2. Make sure you’ve targeted the correct domain.

  3. Right-click on Active Directory Users and Computers in the left pane and select Operations Master.

  4. There are individual tabs for the PDC, RID, and Infrastructure roles.

Using a command-line interface

In the following command, you can leave out the /Domain <DomainDNSName> option to query the domain you are currently logged on.

> netdom query fsmo /Domain:<DomainDNSName>

For some reason, this command returns a “The parameter is incorrect” error on Windows Server 2003. Until that is resolved, you can use the dsquery server command shown here, where <Role> can be schema, name, infr, pdc, or rid:

> dsquery server -hasfsmo <Role>

Using VBScript

' This code prints the FSMO role owners for the specified domain.
' ------ SCRIPT CONFIGURATION ------
strDomain = "<DomainDNSName>" ' e.g. emea.rallencorp.com ' ------ END CONFIGURATION --------- set objRootDSE ...

Get Active Directory Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.