JSI Tip 7822. What FSMO roles do all my domain controllers hold?

Active Directory defines the following 5 Flexible Single Master Operations (FSMO) roles:

Schema master
Domain naming master
RID master
PDC master
Infrastructure master

There is only one Schema master and Domain naming master per forest.

The remaining roles (RID master, PDC master, and Infrastructure master) are per-domain roles. To determine which roles are owned by each domain controller in your domain, I have scripted AllFSMO.bat.

The syntax for using AllFSMO.bat is:


The output is displayed on the console, as in the following sample:

JSI001 Schema Domain PDC
JSI007 RID Infrastructure

To pipe the output to a file, use:


To use the output in subsequent commands, use:

for /f "Tokens=1-6" %%r in ('AllFSMO') do (
 set computer=%%r
 set role1=%%s
 set role2=%%t
 set role3=%%u
 set role4=%%v
 set role5=%%w
:: Your stuff using !computer!, !role1! !role2! etc...
 set role1=
 set role2=
 set role3=
 set role4=
 set role5=
NOTE: If NETDOM.EXE is not installed on the computer you will use to run AllFSMO.bat, install it from the Support / Tools folder of your O/S CD-ROM.

AllFSMO.bat contains:

@echo off
set netdm=netdom query /domain:%userdnsdomain%
for /f "Skip=1 Tokens=*" %%c in ('%netdm% dc^|find /v /i "The command completed successfully."') do (
 set cmp=%%c
 call :doit
exit /b 0
set work=%cmp:     ( Workstation or Server )=%
if "%work%" NEQ "%cmp%" set cmp=%work%#
set cmp=%cmp: #=%
set cmp=%cmp:#=%
set roles=%cmp%
set ntdsutil=Ntdsutil roles Connections "Connect to server %cmp%" Quit "select Operation Target" "List roles for connected server" Quit Quit Quit
for /f "Tokens=1" %%r in ('%ntdsutil%^|Findstr /l /i /b "Schema Domain PDC RID Infrastructure"') do (
 set roles=!roles! %%r
@echo %roles%

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.