Best Practices for Assigning FSMO Roles
If you are looking for assigning FSMO roles to your Domain Controllers, this post gathered some useful information related to that.
Rule 1
The PDC Emulator and RID Master roles should be on the same machine because the PDC Emulator is a large consumer of RIDs.
- Tip: Since the PDC Emulator is the role that does the most work by far of any FSMO role, if the machine holding the PDC Emulator role is heavily utilized then move this role and the RID Master role to a different DC, preferably not a global catalog server (GC) since those are often heavily used also.
- Tip: Don’t move FSMOs around regularly. The PDC is targeted for a number of operations and network connections. It is best to not force clients to rediscover the PDC on a regular basis.
Rule 2
The Infrastructure Master should not be placed on a GC.
- Tip: Make sure the Infrastructure Master has a GC in the same site as a direct replication partner.
- Exception 1: It’s OK to put the Infrastructure Master on a GC if your forest has only one domain.
- Exception 2: It’s OK to put the Infrastructure Master on a GC if every DC in your forest has the GC.
Rule 3
For simpler management, the Schema Master and Domain Naming Master can be on the same machine, which should also be a GC.
- Exception: If you’ve raised your forest functional level to Windows Server 2003, the Domain Naming Master doesn’t need to be on a GC, but it should at least be a direct replication partner with a GC in the same site.
Rule 4
Proactively check from time to time to confirm that all FSMO roles are available or write a script to do this automatically.
- Tip: If any FSMO role holders at a remote site are unavailable, check first to see if your WAN link is down.
- Run the command netdom query fsmo to consult what DCs are holding the FSMOs.
Still need help on Assigning FSMO roles?
Running out of ideas or time for assigning FSMO roles? Please contact me here, I will be happy to provide you with a quick analysis for resolution and configuration, at a fair price. Or use the form below if you prefer:
Check out more similar articles below
Microsoft 365 Setup: Practical Guide For IT Pros
Microsoft 365 Setup: Practical Step-by-Step Guide for IT Pros Welcome to Microsoft 365 Setup: Practical…
Ultimate Tutorial How to Deploy Hyper-V Failover Cluster
Ultimate Tutorial: How to deploy Hyper-V Failover Cluster This post aims to guidance you on…
How to configure NTP server in AD
How to configure NTP server in Active Directory, Step by step If you want to…
How to fix clients not showing up in WSUS
How to fix clients not showing up in WSUS If you are facing problems with…
The Ultimate Guide: What is DSRM in Active Directory
The Ultimate Guide: What is DSRM in Active Directory (Directory Services Restore Mode)? Directory Services…
How to add UPN suffix in Active Directory
How to add UPN suffix in Active Directory If you want to know how to…