FSMO Roles
Summary of Failure Modes in Active Directory(FSMO)
Hello All,
Hope this post finds you in good health and spirit.
Summary of Failure Modes in Active Directory(FSMO)
| Failure Mode | Description | User Impact |
| Hardware/ software failure of single DC/GC | Single DC has failed due to hardware or software problems. Network connections are up | Zero to very slight. Users and Clients authenticate to the next available DC. Users will locate the next available GC the same way. |
| Loss of complete site | Site is completely unusable due to disaster or network failure. Everything in the site is inoperable or unavailable | Slight impact. Users will be will authenticated to the next hop site or nearest DC |
| Data corruption in single server | Database is corrupted in a single DC. | Zero to very slight, same as hardware failure. Users and client machines authenticate to the next available DC in site or the nearest DC in the next hop site. |
| Data corruption throughout a single domain | Database errors are spread throughout an entire domain. | High. Users may be unable to logon or unable to access basic functions until service is restored |
| Forest corruption | Database errors are spread throughout enterprise in all Domain Controllers. This could be as a result of a Schema or Domain Corruption. | High. Users may be unable to logon or unable to access basic functions until service is restored |
| Loss of network connection to site | Site has lost all network connections. Note: loss of only one of multiple network connections will be handled by the network support team | None. User will be able to log on and perform all local functions, although they will not be able to access resources outside the site. |
| Loss of network connection to DC-less site | Site has lost all network connections. Note: loss of only one of multiple network connections will be handled by the network support team | Moderate. Users will be able to log on to their own machines using cached credentials. This will provide access to the local machine but will not allow access to any network resources. |
| Loss of Operations Master: Schema Master | The server holding this role has failed, or the site holding this server has been lost | Zero. This role is not used in normal operations. Schema changes may not be made while this role is offline. |
| Loss of Operations Master: Domain Naming Master | The server holding this role has failed, or the site holding this server has been lost | Zero. This role is not used in normal operations. Domains may not be created or deleted while this role is offline. |
| Loss of Operations Master: Infrastructure Master | The server holding this role has failed, or the site holding this server has been lost | Zero. This role is not used in the standard design because all servers contain the Global Catalog. |
| Loss of Operations Master:
RID Master | The server holding this role has failed, or the site holding this server has been lost | Zero to very slight. Some DCs may be unable to create new user IDs or other objects while this role is offline. |
| Loss of Operations Master:
PDC Emulator | The server holding this role has failed, or the site holding this server has been lost | Zero to moderate. Clients may experience password change (reset, unlock) problems due to replication latency while this role is offline. This also means the loss of the reliable time source for the domain; however, this is unlikely to have any effect unless the outage extends for a very long time. |
So, that’s all in this blog. I will meet you soon with next stuff .Have a nice day !!!
Recommended content
- RODC Installation Guide- Step by step guide to install read only domain controller
- RODC Filtered Attribute Set
- Installing and configuring a RODC in Windows Server-2012
- How to find the GUID of Domain Controller
- Group Policy Understanding Group Policy Preferences
- Group Policy Verification Tool GPOTool Exe
- Group Policy Health Check on Specific Domain Controller
- What is Netlogon Folder in Active Directory
- How to Create Custom Attributes in Active Directory
- How Can I Check the Tombstone Lifetime of My Active Directory Forest
- How to Determine a Computers AD Site From the Command Line
- How to Check the Active Directory Database Integrity
Guys please don’t forget to like and share the post.Also join our WindowsTechno Community and where you can post your queries/doubts and our experts will address them .
You can also share the feedback on below windows techno email id.
If you have any questions feel free to contact us on admin@windowstechno.com also follow us on facebook@windowstechno to get updates about new blog posts.
Was this article helpful?
YesNo
