Skip to main content

Find the FSMO role holders with DCDiag

DCDiag.exe is the Domain Controller diagnostic tool. It is designed to assist you in troubleshooting . You can utilize this tool to discover the current FSMO role holders by executing the command DCdiag /test:Knowsofroleholders /v. The output of this command is below with the role holders highlighted in red.

Directory Server Diagnosis

Performing initial setup:

Trying to find home server...

* Verifying that the local machine MCT-1, is a Directory Server.

Home Server = MCT-1

* Connecting to directory service on server MCT-1.

* Identified AD Forest.

Collecting AD specific global data

* Collecting site info.

Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=MCTNet,DC=com,

LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......

The previous call succeeded

Iterating through the sites

Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name

,CN=Sites,CN=Configuration,DC=MCTNet,DC=com

Getting ISTG and options for the site

* Identifying all servers.

Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=MCTNet,DC=com,

LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......

The previous call succeeded....

The previous call succeeded

Iterating through the list of servers

Getting information for the server CN=NTDS Settings,CN=MCT-1,CN=Servers,CN=De

fault-First-Site-Name,CN=Sites,CN=Configuration,DC=MCTNet,DC=com

objectGuid obtained

InvocationID obtained

dnsHostname obtained

site info obtained

All the info for the server collected

* Identifying all NC cross-refs.

* Found 1 DC(s). Testing 1 of them.

Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\MCT-1

Starting test: Connectivity

* Active Directory LDAP Services Check

Determining IP4 connectivity

* Active Directory RPC Services Check

......................... MCT-1 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\MCT-1

Test omitted by user request: Advertising

Test omitted by user request: CheckSecurityError

Test omitted by user request: CutoffServers

Test omitted by user request: FrsEvent

Test omitted by user request: DFSREvent

Test omitted by user request: SysVolCheck

Test omitted by user request: KccEvent

Starting test: KnowsOfRoleHolders

Role Schema Owner = CN=NTDS Settings,CN=MCT-1,CN=Servers,CN=Default-Fir

st-Site-Name,CN=Sites,CN=Configuration,DC=MCTNet,DC=com

Role Domain Owner = CN=NTDS Settings,CN=MCT-1,CN=Servers,CN=Default-Fir

st-Site-Name,CN=Sites,CN=Configuration,DC=MCTNet,DC=com

Role PDC Owner = CN=NTDS Settings,CN=MCT-1,CN=Servers,CN=Default-First-

Site-Name,CN=Sites,CN=Configuration,DC=MCTNet,DC=com

Role Rid Owner = CN=NTDS Settings,CN=MCT-1,CN=Servers,CN=Default-First-

Site-Name,CN=Sites,CN=Configuration,DC=MCTNet,DC=com

Role Infrastructure Update Owner = CN=NTDS Settings,CN=MCT-1,CN=Servers

,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=MCTNet,DC=com

......................... MCT-1 passed test KnowsOfRoleHolders

Test omitted by user request: MachineAccount

Test omitted by user request: NCSecDesc

Test omitted by user request: NetLogons

Test omitted by user request: ObjectsReplicated

Test omitted by user request: OutboundSecureChannels

Test omitted by user request: Replications

Test omitted by user request: RidManager

Test omitted by user request: Services

Test omitted by user request: SystemLog

Test omitted by user request: Topology

Test omitted by user request: VerifyEnterpriseReferences

Test omitted by user request: VerifyReferences

Test omitted by user request: VerifyReplicas

Test omitted by user request: DNS

Test omitted by user request: DNS

Running partition tests on : ForestDnsZones

Test omitted by user request: CheckSDRefDom

Test omitted by user request: CrossRefValidation

Running partition tests on : DomainDnsZones

Test omitted by user request: CheckSDRefDom

Test omitted by user request: CrossRefValidation

Running partition tests on : Schema

Test omitted by user request: CheckSDRefDom

Test omitted by user request: CrossRefValidation

Running partition tests on : Configuration

Test omitted by user request: CheckSDRefDom

Test omitted by user request: CrossRefValidation

Running partition tests on : MCTNet

Test omitted by user request: CheckSDRefDom

Test omitted by user request: CrossRefValidation

Running enterprise tests on : MCTNet.com

Test omitted by user request: DNS

Test omitted by user request: DNS

Test omitted by user request: LocatorCheck

Test omitted by user request: Intersite

Comments

Popular posts from this blog

Adding a Comment to a GPO with PowerShell

As I'm writing this article, I'm also writing a customization for a PowerShell course I'm teaching next week in Phoenix.  This customization deals with Group Policy and PowerShell.  For those of you who attend my classes may already know this, but I sit their and try to ask the questions to myself that others may ask as I present the material.  I finished up my customization a few hours ago and then I realized that I did not add in how to put a comment on a GPO.  This is a feature that many Group Policy Administrators may not be aware of. This past summer I attended a presentation at TechEd on Group Policy.  One organization in the crowd had over 5,000 Group Policies.  In an environment like that, the comment section can be priceless.  I always like to write in the comment section why I created the policy so I know its purpose next week after I've completed 50 other tasks and can't remember what I did 5 minutes ago. In the Group Policy module for PowerShell V3, th

Return duplicate values from a collection with PowerShell

If you have a collection of objects and you want to remove any duplicate items, it is fairly simple. # Create a collection with duplicate values $Set1 = 1 , 1 , 2 , 2 , 3 , 4 , 5 , 6 , 7 , 1 , 2   # Remove the duplicate values. $Set1 | Select-Object -Unique 1 2 3 4 5 6 7 What if you want only the duplicate values and nothing else? # Create a collection with duplicate values $Set1 = 1 , 1 , 2 , 2 , 3 , 4 , 5 , 6 , 7 , 1 , 2   #Create a second collection with duplicate values removed. $Set2 = $Set1 | Select-Object -Unique   # Return only the duplicate values. ( Compare-Object -ReferenceObject $Set2 -DifferenceObject $Set1 ) . InputObject | Select-Object – Unique 1 2 This works with objects as well as numbers.  The first command creates a collection with 2 duplicates of both 1 and 2.   The second command creates another collection with the duplicates filtered out.  The Compare-Object cmdlet will first find items that are diffe

How to list all the AD LDS instances on a server

AD LDS allows you to provide directory services to applications that are free of the confines of Active Directory.  To list all the AD LDS instances on a server, follow this procedure: Log into the server in question Open a command prompt. Type dsdbutil and press Enter Type List Instances and press Enter . You will receive a list of the instance name, both the LDAP and SSL port numbers, the location of the database, and its status.