locked
Could not determine the FSMO role holder RRS feed

  • Question

  • Using AD MP 6.0.6453.0 and I'm getting an alert that one of my DCs "Could not determine the FSMO role holder." The DC that's generating the alert is a remote DC. Our AD is setup like a spoke and wheel and the DCs out on the spokes only communicate with the central DCs, never any of the other remote, spokes. The alert is

    AD Replication Partner Op Master Consistency : Unable to determine domain naming Op Master on domain controller 'aremotedc'.

    I can't find a way to prevent the remote DCs from trying to query each other for FSMO roles. All the FSMO roles reside on the central DCs.


    Orange County District Attorney
    Wednesday, December 8, 2010 6:57 PM

Answers

  • Actually, this queries all it's replication partners only. So you're incorrect about your setup. It tries to communicate with other DC's then your central DC's.

    That said, if for any reason it can't perform a query this test will become critical. i'm going to disable this test alltogether just because of it's high false positive rate, but if you like this one, at least change it's frequency, bc it's beyond me why you want to test this more often than once a day.


    Rob Korving
    http://jama00.wordpress.com/
    • Marked as answer by Yog Li Thursday, December 16, 2010 9:54 AM
    Thursday, December 9, 2010 9:07 AM

All replies

  • Actually, this queries all it's replication partners only. So you're incorrect about your setup. It tries to communicate with other DC's then your central DC's.

    That said, if for any reason it can't perform a query this test will become critical. i'm going to disable this test alltogether just because of it's high false positive rate, but if you like this one, at least change it's frequency, bc it's beyond me why you want to test this more often than once a day.


    Rob Korving
    http://jama00.wordpress.com/
    • Marked as answer by Yog Li Thursday, December 16, 2010 9:54 AM
    Thursday, December 9, 2010 9:07 AM
  • Actually, I don't think I'm incorrect. Our remote DCs literally cannot communicate with other remote DCs. No ping. No connection period. It's just the way our network is setup. All that said, it's confusing why if this is the expected behavior of the MP, why don't I see it from other remote DCs?
    Orange County District Attorney
    Friday, December 17, 2010 3:09 PM
  • i'm sure that your network doesn't allow it. But your active directory/that DC doesn't reflect this setup and tries to replicate with servers that are not reachable.
    Rob Korving
    http://jama00.wordpress.com/
    Friday, December 17, 2010 4:44 PM