FSMO

There are four main ways to read the FSMO role holders in Active Directory, an easy way, the common way, the cool way and the hard way. Lets review them all:

The easy way:

NetDOM /query FSMO

The Common way:

How to Determine the RID, PDC, and Infrastructure FSMO Holders of a Selected Domain

How to Determine the Schema FSMO Holder in a Forest

1.

2.

3.

Click Start, click Run, type mmc, and then click OK.

On the Console menu, click Add/Remove Snap-in, click Add, double-click Active Directory Schema, click Close, and then click OK.

Right-click Active Directory Schema in the top left pane, and then click Operations Masters to view the server holding the schema master role.

NOTE: For the Active Directory Schema snap-in to be available, you may have to register the Schmmgmt.dll file. To do this, click Start, click Run, type regsvr32 schmmgmt.dll in the Open box, and then click OK. A message is displayed that states the registration was successful.

How to Determine the Domain Naming FSMO Holder in a Forest

The Cool Way

    1. On any domain controller, click Start, click Run, type Ntdsutil in the Open box, and then click OK.

    2. Type roles, and then press ENTER.

    3. Type connections, and then press ENTER.

    4. Type connect to server <servername>, where <servername> is the name of the server you want to use, and then press ENTER.

    5. At the server connections: prompt, type q, and then press ENTER again.

    6. At the FSMO maintenance: prompt, type Select operation target, and then press ENTER again.

    7. At the select operation target: prompt, type List roles for connected server, and then press ENTER again.

    8. Type q 3 times to exit the Ntdsutil prompt.

The hard way

Write a script to query ADSI edit to obtain the FSMO role holders. Fortunatly the hardwork has already been done for you.. Just paste the following for an example:

Option Explicit

Dim WSHNetwork, objArgs, ADOconnObj, bstrADOQueryString, RootDom, RSObj

Dim FSMOobj,CompNTDS, Computer, Path, HelpText

Set WSHNetwork = CreateObject("WScript.Network")

Set objArgs = WScript.Arguments

HelpText = "This script will find the FSMO role owners for your domain." & Chr(13) &_

Chr(10) & "The syntax is as follows:" & Chr(13) & Chr(10) &_

"find_fsmo DC=MYDOM,DC=COM" & Chr(13) & Chr(10) &_

"""Where MYDOM.COM is your domain name.""" & Chr(13) & Chr(10) & "OR:" &_

Chr(13) & Chr(10) & "find_fsmo MYDCNAME " & Chr(13) & Chr(10) &_

"""Where MYDCNAME is the name of a Windows 2000 Domain Controller"""

Select Case objArgs.Count

Case 0

Path = InputBox("Enter your DC name or the DN for your domain"&_

" 'DC=MYDOM,DC=COM':","Enter path",WSHNetwork.ComputerName)

Case 1

Select Case UCase(objArgs(0))

Case "?"

WScript.Echo HelpText

WScript.Quit

Case "/?"

WScript.Echo HelpText

WScript.Quit

Case "HELP"

WScript.Echo HelpText

WScript.Quit

Case Else

Path = objArgs(0)

End Select

Case Else

WScript.Echo HelpText

WScript.Quit

End Select

Set ADOconnObj = CreateObject("ADODB.Connection")

ADOconnObj.Provider = "ADSDSOObject"

ADOconnObj.Open "ADs Provider"

'PDC FSMO

bstrADOQueryString = "<LDAP://"&Path&">;(&(objectClass=domainDNS)(fSMORoleOwner=*));adspath;subtree"

Set RootDom = GetObject("LDAP://RootDSE")

Set RSObj = ADOconnObj.Execute(bstrADOQueryString)

Set FSMOobj = GetObject(RSObj.Fields(0).Value)

Set CompNTDS = GetObject("LDAP://" & FSMOobj.fSMORoleOwner)

Set Computer = GetObject(CompNTDS.Parent)

WScript.Echo "The PDC FSMO is: " & Computer.dnsHostName

'Rid FSMO

bstrADOQueryString = "<LDAP://"&Path&">;(&(objectClass=rIDManager)(fSMORoleOwner=*));adspath;subtree"

Set RSObj = ADOconnObj.Execute(bstrADOQueryString)

Set FSMOobj = GetObject(RSObj.Fields(0).Value)

Set CompNTDS = GetObject("LDAP://" & FSMOobj.fSMORoleOwner)

Set Computer = GetObject(CompNTDS.Parent)

WScript.Echo "The RID FSMO is: " & Computer.dnsHostName

'Infrastructure FSMO

bstrADOQueryString = "<LDAP://"&Path&">;(&(objectClass=infrastructureUpdate)(fSMORoleOwner=*));adspath;subtree"

Set RSObj = ADOconnObj.Execute(bstrADOQueryString)

Set FSMOobj = GetObject(RSObj.Fields(0).Value)

Set CompNTDS = GetObject("LDAP://" & FSMOobj.fSMORoleOwner)

Set Computer = GetObject(CompNTDS.Parent)

WScript.Echo "The Infrastructure FSMO is: " & Computer.dnsHostName

'Schema FSMO

bstrADOQueryString = "<LDAP://"&RootDom.Get("schemaNamingContext")&_

">;(&(objectClass=dMD)(fSMORoleOwner=*));adspath;subtree"

Set RSObj = ADOconnObj.Execute(bstrADOQueryString)

Set FSMOobj = GetObject(RSObj.Fields(0).Value)

Set CompNTDS = GetObject("LDAP://" & FSMOobj.fSMORoleOwner)

Set Computer = GetObject(CompNTDS.Parent)

WScript.Echo "The Schema FSMO is: " & Computer.dnsHostName

'Domain Naming FSMO

bstrADOQueryString = "<LDAP://"&RootDom.Get("configurationNamingContext")&_

">;(&(objectClass=crossRefContainer)(fSMORoleOwner=*));adspath;subtree"

Set RSObj = ADOconnObj.Execute(bstrADOQueryString)

Set FSMOobj = GetObject(RSObj.Fields(0).Value)

Set CompNTDS = GetObject("LDAP://" & FSMOobj.fSMORoleOwner)

Set Computer = GetObject(CompNTDS.Parent)

WScript.Echo "The Domain Naming FSMO is: " & Computer.dnsHostName