Understanding FSMO Roles – 5: Domain Naming Master

By | June 10, 2020

In last post, we have discussed about the first forest level role – the Schema Master. In this post, we will understand the second Forest Level role, the Domain Naming Master. We have already gone through the basic concept of Active Directory, Forest and Domain. We know that a Forest can have multiple Domains.

Compared with Schema Master, Domain Naming Master is quite simple to understand. It is responsible only for three things:

  1. Adding a Domain
  2. Removing a Domain
  3. Renaming a Domain

So the bottom line is if you want to add any Domain in your Forest, Remove any domain from your Forest or Rename any existing Domain, your Domain Naming Master (the domain controller holding that role) should be up and running.

We can understand this with two examples:

  • We are currently running on one forest, one domain model – DevOpsAge.local. After some time, we want to add another domain in our existing infrastructure – US.DevOpsAge.local.
  • Currently we have three domains – DevOpsAge.local, US.DevOpsAge.local and IN.DevOpsAge.local and we want to remove IN.DevOpsAge.local completely.

To do that, we need Domain Naming Master. But the question is – how often we add or remove domains? Answer is – Very rarely. So Domain Naming Master hardly matters in day to day activities and it’s not a mission critical role. 

What is my Domain Naming Master is down? As discussed above, if the DC holding Domain Naming Master role is down, it will not impact in a big way. The only thing you can’t do is add, delete or modify domains.

However, please remember that Domain Naming Master is a Forest level role, any changes will replicate to the entire forest.

This is all for this post. I hope you are now clear about Domain Naming Master. In next post, we will discuss the first Domain Level role. In the meanwhile, your feedback and questions are welcome.

Leave a Reply

Your email address will not be published. Required fields are marked *