FSMO Roles related execution files and services

  • 110 Views
  • Last Post 12 March 2017
manasrrp6 posted this 11 March 2017


---------- Forwarded message ----------


show

Order By: Standard | Newest | Votes
daemonr00t posted this 11 March 2017

The attribute that indicates the ownership is called isFSMORoleOwner, depending on the role they will be based on the domain, configuration or schema partitions.


There is now dedicated process for this.


Now what you refer to as corruption could be a other the deletion of a role owner thay will show the DN of the deleted controller on the attribute mentioned above or controllers in the domain with different information of the owner.


In case number one just seize the role and in case number two it could be related to replication.



DNS partitions have an infrastructure master too.







~dannyCS


Sent from my mobile







show

manasrrp6 posted this 12 March 2017

Corruption refers to error / trouble arises related to FSMO roles as on my point of view.


show

manasrrp6 posted this 12 March 2017

Where all those attributes reside


show

daemonr00t posted this 12 March 2017

The errors you mean will depend a lot on the function the FSMO executes, from not being able to remove a domain to duplicated RID blocks and much more so this is a very broad topic.


Quick question, have you ever used ADSIEdit? Exploring the directory with it will be a great learning experience.







~dannyCS


Sent from my mobile







show

manasrrp6 posted this 12 March 2017

I had used ADSIEdit and had seen there so many attributes. But I want to know where the roles are running inside ? Or is it a static process only &  not as like execuatable !


show

chriss3 posted this 12 March 2017

Ntdsa.dll/ntdsai.dll loaded in lsass process – some operations are targeted against DCs holding those roles, some operations re-occur or occur at specific times and conditions using the task queue/task scheduler inside the processes.  

show

Close