5 Roles Every Windows Server Administrator Must Know

FSMO- Flexible Single Master Operations                                                                            
In a Windows environment these 5 unique roles are in the most ways a holy grail of every Microsoft Windows Server administrator. If you find yourself unaware of these roles in your troubleshooting just know that most of your network's weird, unproductive activities could as well be well coming from there. An unauthorised access or breach to Active Directory is so dangerous to security expert of the organisations as the AD is the security point of entry. It deserves the at most attention for the smooth domain or forest operations. 

• Access tokens, 
• password verification, 
• account user holder, 
• service authorisation and so many more services.

Forest Roles                                                                                                                                              

• Schema Master | The schema master is forest wide and there's one for each forest. Remember the adprep /domainprep command. It worked because this role was operational.

• Domain Naming | Crucial for upgrades and demotions. It must be online when domains and application partitions in a forest are added or removed.

NetDOM /Query FSMO-Command to use determining the role holder

Domain                                                                                                                                                     

• PDC Emulator | This role must be online and accessible 24/7 for password and user account updates. Its a default target for the domain group policy and some admin tools

• RID Master | Must be online for newly promoted domain controllers to obtain a local RID pool thats required to advertise or when existing domain controllers have to update their current RID pool allocation.

• Infrastructure Master | Responsible for cross-domain reference and phantoms from the global catalog.