Thursday, October 21, 2010

Issues if FSMO roles are not functioning properly

If one or more FSMO roles are not functioning properly ,there may be a lot of issues in the Domain enviornment. Let me note down important ones  among them




  1. Domain Naming Master
    1. Can't add or remove a domain - Changes to the namespace need this role holder.
    2. Can't promote or demote a DC - Changes to the namespace need this role holder.
 
  1. Schema Master
    1. Can't modify the schema - Changes to the schema need this role holder.
    2. Can't raise the functional level for the forest - This role holder must be available when the raising the forest functional level. 
      3  PDC Emulator
      1. Users can't log on - If system clocks become unsynchronized, Kerberos may fail.
      2. Can't change passwords - Password changes need this role holder.
      3. Account lockout not working - Account lockout enforcement needs this role holder.
      4. Can't raise the functional level for a domain - This role holder must be available when the raising the domain functional level.
       4   RID Master
    1. Can't create new users or groups - RID pool has been depleted.
        5  Infrastructure Master
    1. Problems with universal group memberships - Cross-domain object references need this role holder.
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)