Shulou(Shulou.com)06/02 Report--

There are five FSMO roles in Active Directory, and if you have only one domain controller (DC), all five roles will reside on that DC.

In an enterprise deployment, a server failure may be caused by a hardware failure and cannot be recovered. However, the configuration information of this server is stored in the forest architecture configuration information. If you redeploy the domain control, you need to delete the old domain control from the forest architecture, otherwise the newly built domain control will establish link replication from the old failed domain control server at the same site by default.

Architecture host-the architecture host role is throughout the forest, and each forest has one. This role is required to extend the architecture of the Active Directory forest or to run the adprep / domainprep command. Domain naming host-the domain naming host role is forest-wide, and each forest has one. This role is required when adding or removing domains or application partitions from the forest. RID host-the RID host role is domain-wide, with one for each domain. This role is required to allocate RID pools so that new or existing domain controllers can create user accounts, computer accounts, or security groups. PDC Simulator-the PDC simulator role is domain-wide, with one for each domain. This role is required for domain controllers that send database updates to Windows NT backup domain controllers. Domain controllers with this role are also targets for password updates for some administrative tools and user and computer accounts. Infrastructure host-the infrastructure host role is domain-wide, with one for each domain. This role is required for the domain controller to successfully run the adprep / forestprep command and update the SID and distinguished name properties of objects referenced across domains.

In general, role transfer is considered a relatively secure process that requires both the source server and the target server to run and be available on the network. However, the purpose of occupying this role is to use it in rare cases, such as a crashed DC, which you need to replace with a new server. In this case, force the transfer of the FSMO role even if the source server is not available

Here are the steps you can use to get the FSMO role.

It is best to log in to the domain controller to which you want to assign the FSMO role. The logged-in user should be a member of the enterprise administrators group, naming the host role after the transport schema or domain, or a member of the domain administrators group that transports the PDC emulator, RID host, and infrastructure host roles. Click start, click run, type ntdsutil in the Open box, then click OK to type the role, and then press ENTER. Type the connection, and then press ENTER. Type connect to server servername, and then press Enter, where servername is the name of the domain controller to which you want to assign the FSMO role. At the server connection prompt, type Q, and then press Enter. Type seize role, where role is the character to be captured. For a list of roles that can be obtained, type? At the fsmo maintenance prompt, then press Enter, or view the list of roles at the beginning of this article. "for example, to get the RID host role, type seize rid master."

8. At the fsmo maintenance prompt, type Q, and then press Enter to access the ntdsutil prompt. Type Q, then press Enter to exit the Ntdsutil utility

Ntdsutil clears AD residual information

Log in to the primary domain control server, and the domain control administrator runs the command prompt, enters the command ntdsutil, then enters the command metadate cleanup, and then enters connections.

After connections input, enter connect to server * * to connect to the DC server. After the connection is successful, enter quit to return to the previous menu, and then enter select operation target (select target) and enter enter.

Use the command list servers in site to list the AD servers in the site site and select the residual information servers that need to be deleted

Run the command remove selected server.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.