Did you find this useful?
Socialize it today.


The Infrastructure Master

Friday, October 28, 2011

The Infrastructure Master is one of the five Flexible Single Master Operations (FSMO) roles found in an Active Directory (AD) forest. There is only one Domain Controller (DC) in each domain that holds this role. By default, this is the first server that was promoted to a DC in the domain. The main purpose of the Infrastructure Master is for updating the group-to-user references whenever the members of groups are renamed or modified.

When you rename or move a member or a group and that member resides in a different domain than the group itself, you may notice that the group may not appear to be up to date by containing the latest information regarding that user. The role of the Infrastructure Master is to update the group with the new name and/or location of the member. The Infrastructure Master will update other domain controllers through normal multi-master replication.

The Infrastructure Master role should not be assigned to any domain controller that is also hosting the global catalog. However, assigning the Infrastructure Master role that is well connected to a Global Catalog server in the same site is recommended. If the Infrastructure Master and the Global Catalog server are on the same domain controller, the Infrastructure Master will not function. This is simply because the Infrastructure Master will never find data that is out of date, so it will never replicate any changes to the other domain controllers in the domain.

If all of the domain controllers in the domain are also Global Catalog servers, then the placement of the Infrastructure Master is not important as all domain controllers will always have current data at hand. In a single forest, single domain model, you should assign the role of Global Catalog to all domain controllers.

Temporary loss of the Infrastructure Master is not very visible to users or network administrators. If the Infrastructure Master will be unavailable for a lengthy amount of time, you can seize the role to another domain controller. Once the Infrastructure Master returns to service, the role can be transferred back to the original domain controller.

Transferring the role can be done using the Active Directory Users and Computers snap-in, or it can be done using the ntdsutil command prompt.

Using the Active Directory Users and Computers snap-in, connect to the target DC. Then, right click the domain object and click on Operations Master... Click on the Infrastructure tab. In the top box, the current DC holding the role should be displayed. In the lower box, you should see the name of the DC that you wish to transfer the role to.


fsmo

Or, using the ntdsutil.exe command, type "roles" and hit [enter]. Then type "connections" and hit [enter]. Next type "connect to server servername and hit [enter]. Type quit and hit [enter]. The system will bind and continue. Then type "transfer infrastructure master" and hit [enter]. A confirmation dialog box will be displayed. Click on "Yes". The system will provide some feedback in regards to this action.



fsmo

The process of transferring the Infrastructure Master role is complete.

Please help us spread the word by socializing it today!

email contact us

Did you find something wrong with the information on this page? Please take a moment to report it to us so that we can continue to improve the quality of the information on this site. Click here to report an issue with this page.



Recommended Books & Training Resources

Windows Server 2008 R2 Unleashed MCITP Windows Server 2008 Enterprise Administrator: Training Kit 4-Pack: Exams 70-640 70-642 70-643 70-647