6.1.5 FSMO Roles
References: SID, RID, RID Allocation, RID Master role in interdomain move, PDC Emulator role, Infrastructure role
Functions: RoleObject, GetRoleScope
Glossary Terms: FSMO Role, NC Replica, DC, SID
Ldap Attributes: fSMORoleOwner
Ldap Classes: nTDSDSA
A FSMO role is defined as a set of objects that may be updated in only one NC replica at any given time. The DC that hosts this NC replica is the owner for that FSMO role.
Each FSMO role is represented by an object in the directory. The function RoleObject (section 18.104.22.168.1.8) specifies the object for a given FSMO role type and NC. This object is an element of the FSMO role and contains the fSMORoleOwner attribute, which references the nTDSDSA object of the DC that owns the role. The function GetRoleScope defined in [MS-DRSR] section 22.214.171.124.16 identifies the set of objects that comprise each FSMO role. These objects must be updated only on the DC that currently owns the FSMO role.