Articles about FSMO & GC

[b]操作主機（Operation Master）或 FSMO（Flexible Single Master Operation）Role[/b]

樹系等級（Forest Level）
[list][*] Schema Master（架構主機），最好與 Domain Naming Master 在同一台 DC 上。[*] Domain Naming Master（網域命名主機），必須同時是 GC，最好與 Schema Master 在同一台 DC 上。[/list]
網域等級（Domain Level）
[list][*] PDC Emulator（主網域控制站（PDC）競爭者），最好與 RID Master 在同一台 DC 上。[*] RID Master（相對 ID 主機），最好與 PDC Emulator 在同一台 DC 上。[*] Infrastructure Master（基礎建設主機），不可同時是 GC，除非：
　　* Single Domain Forest
　　* Multidomain Forest where every DC holds the GC
　　* Infrastructure Master has no work to do[/list]

[b]辨別 DC 扮演那些操作主機角色[/b]
[list][*] GUI Tools
　　AD Users and Computers：PDC Emulator, RID Master, Infrastructure Master。
　　AD Domains and Trusts：Domain Naming Master。
　　AD Schema：Schema Master。[*] [b]NTDSUTIL[/b] Command-Line Tool
[color=red]　　[color=black]C:>[/color] ntdsutil
　　[color=black]ntdsutil:[/color] domain management
　　[color=black]domain management:[/color] connections
　　[color=black]server connections:[/color] connect to server [i]ServerName[/i]
　　[color=black]server connections:[/color] quit
　　[color=black]domain management:[/color] select operation target
　　[color=black]select operation target:[/color] list roles for connected server[/color][*] [b]DCdiag[/b] Command-Line Tool
　　[color=red]DCdiag /test:Knowsofroleholders /v[/color][*] [b]NETDOM query FSMO[/b] Command-Line Tool[*] [b]Dumpfsmos.cmd[/b]，file of Windows 2000 Server Resource Kits。[*] AD Replication Monitor
　　[color=red]Monitored Servers \ [i]SiteName[/i] \ [i]ServerName[/i] \ Properties \ FSMO Roles[/color][*] Script files，Using ADSI and WSH，參見 KB235617。[/list]

[b]操作主機角色的轉移（Transferring an Operation Master Role）[/b]
[list][*] GUI Tools
　　AD Users and Computers：PDC Emulator, RID Master, Infrastructure Master。
　　AD Domains and Trusts：Domain Naming Master。
　　AD Schema：Schema Master。[*] NTDSUTIL Command-Line Tool
[color=red]　　[color=black]C:>[/color] ntdsutil
　　[color=black]ntdsutil:[/color] roles
　　[color=black]FSMO maintenance:[/color] connections
　　[color=black]server connections:[/color] connect to server [i]ServerName[/i]
　　[color=black]server connections:[/color] quit
　　[color=black]FSMO maintenance:[/color]
　　　　Transfer RID master
　　　　Transfer PDC
　　　　Transfer infrastructure master
　　　　Transfer domain naming master
　　　　Transfer schema master
　　[color=black]FSMO maintenance:[/color] quit
　　[color=black]ntdsutil:[/color] quit[/color][*] Script file，Using VB script or WSH。[/list]

[b]操作主機角色的奪取（Seizing an Operation Master role）[/b]
[list][*] NTDSUTIL Command-Line Tool
[color=red]　　[color=black]C:>[/color] ntdsutil
　　[color=black]ntdsutil:[/color] roles
　　[color=black]FSMO maintenance:[/color] connections
　　[color=black]server connections:[/color] connect to server [i]ServerName[/i]
　　[color=black]server connections:[/color] quit
　　[color=black]FSMO maintenance:[/color]
　　　　Seize RID master
　　　　Seize PDC
　　　　Seize infrastructure master
　　　　Seize domain naming master
　　　　Seize schema master
　　[color=black]FSMO maintenance:[/color] quit
　　[color=black]ntdsutil:[/color] quit[/color][/list]

[b]參考資料[/b]
[list][*] [url=http://support.microsoft.com/?scid=kb;en-us;197132]KB197132 - Windows 2000 Active Directory FSMO Roles[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;223346]KB223346 - FSMO Placement and Optimization on Windows 2000 Domain Controllers[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;223787]KB223787 - Flexible Single Master Operation Transfer and Seizure Process[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;228776]KB228776 - Setting User Rights for Designating FSMO Roles in an Enterprise[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;234790]KB234790 - HOW TO: Find Servers That Hold Flexible Single Master Operations Roles[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;235617]KB235617 - How to Find the FSMO Role Owners Using ADSI and WSH[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;255504]KB255504 - Using Ntdsutil.exe to Seize or Transfer FSMO Roles to a Domain Controller[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;255690]KB255690 - HOW TO: View and Transfer FSMO Roles in the Graphical User Interface[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;283595]KB283595 - HOW TO: Change the Role Owner of the Operations Master After a Successful Seizure[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;316201]KB316201 - RID Pool Allocation and Sizing Changes in Windows 2000 SP4[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;324801]KB324801 - HOW TO: View and Transfer FSMO Roles in the Windows .NET Server Family[/url]
[*] [url=http://support.microsoft.com/?scid=kb;en-us;216970]KB216970 - Global Catalog Server Requirement for User and Computer Logon[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;241789]KB241789 - How to Disable the Requirement that a Global Catalog Server Be Available to Validate User Logons[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;246303]KB246303 - XGEN: Global Catalog Searches and Related TCP Ports[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;248717]KB248717 - How to Modify Attributes That Replicate to the Global Catalog[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;252490]KB252490 - HOWTO: Use ADSI to Query the Global Catalog for a UPN[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;256287]KB256287 - Unable to Change Password with User Principal Name When a Global Catalog Server Is Unavailable[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;256938]KB256938 - Default Global Catalog Attributes in Windows 2000 Active Directory Schema[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;313994]KB313994 - HOW TO: Create or Move a Global Catalog in Windows 2000[/url][*] [url=http://support.microsoft.com/?scid=kb;en-us;315850]KB315850 - Dcpromo.exe Does Not Work if the Domain Naming Master Is Not a Global Catalog[/url][/list]