The Blog

Quickly Identifying FSMO Role Holders using the CMD

When you want to find the FSMO role holders on Server 2008 you may find yourself going into multiple graphical windows and properties tabs to track down each FSMO role. In the case of the Schema role you even have to first enable the schema management snap-in first.

An easier way is to use dcdiag. Dcdiag can display a lot of useful information for general info gathering or troubleshooting. For this particular case we only want very specific information. You will find simply running dcdiag without any parameters is both too verbose and not verbose enough to identify the FSMO role holders.

Using the following command specifes you are only running the test "KnowsOfRoleHolders" with the parameter "v" which means verbose output which presents extended information. In this case the actual DN of the role holders will not be shown without it.

dcdiag -test:KnowsOfRoleHolders -v

To make it easier to read you may want to redirect this to a text file:

dcdiag -test:KnowsOfRoleHolders -v >> c:\DCdiag_FSMO_Roles.txt

Sample output from a test lab DC

Directory Server Diagnosis

Performing initial setup:
Trying to find home server...
* Verifying that the local machine IBM-DC-X21, is a Directory Server.
Home Server = IBM-DC-X21
* Connecting to directory service on server IBM-DC-X21.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=IBMEurope,DC=EU,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=IBMEurope,DC=EU
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=IBMEurope,DC=EU,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=IBM-DC-X21,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=IBMEurope,DC=EU
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\IBM-DC-X21
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... IBM-DC-X21 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\IBM-DC-X21
Test omitted by user request: Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Test omitted by user request: FrsEvent
Test omitted by user request: DFSREvent
Test omitted by user request: SysVolCheck
Test omitted by user request: KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=IBM-DC-X21,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=IBMEurope,DC=EU
Role Domain Owner = CN=NTDS Settings,CN=IBM-DC-X21,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=IBMEurope,DC=EU
Role PDC Owner = CN=NTDS Settings,CN=IBM-DC-X21,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=IBMEurope,DC=EU
Role Rid Owner = CN=NTDS Settings,CN=IBM-DC-X21,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=IBMEurope,DC=EU
Role Infrastructure Update Owner = CN=NTDS Settings,CN=IBM-DC-X21,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=IBMEurope,DC=EU
......................... IBM-DC-X21 passed test KnowsOfRoleHolders
Test omitted by user request: MachineAccount
Test omitted by user request: NCSecDesc
Test omitted by user request: NetLogons
Test omitted by user request: ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: Replications
Test omitted by user request: RidManager
Test omitted by user request: Services
Test omitted by user request: SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: VerifyReferences
Test omitted by user request: VerifyReplicas

Test omitted by user request: DNS
Test omitted by user request: DNS

Running partition tests on : ForestDnsZones
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation

Running partition tests on : DomainDnsZones
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation

Running partition tests on : Schema
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation

Running partition tests on : Configuration
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation

Running partition tests on : IBMEurope
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation

Running enterprise tests on : IBMEurope.EU
Test omitted by user request: DNS
Test omitted by user request: DNS
Test omitted by user request: LocatorCheck
Test omitted by user request: Intersite

Neil Bryan
IT Consultant & Technical Trainer
Neil Bryan is an IT consultant and technical trainer specializing in VMware, Citrix and Microsoft virtualization and infrastructure.

Leave a Reply

Skip to toolbar