Uncategorised

How to: Move all FSMO roles on a domain controller

When moving roles, the right way to do it is to view exactly where the roles are at the moment. Firstly to check this one can open the command prompt and use the following command.

Netdom /query FSMO

This will show the roles and who is the owner like below.

C:\Users\Administrator.dom>netdom /query fsmo
Schema master     srv01.mydomain.com
Domain naming master     srv01.mydomain.com
PDC     srv01.mydomain.com
RID pool manager     srv01.mydomain.com
Infrastructure master     srv01.mydomain.com
The command completed successfully.

Now, to change the FSMO owner one must change the settings in the Active Directory Users and Computers, Active Directory Domains and Trusts and Active Directory Schema. This operation would be best to be done on the new server to transfer to.

1. Open the Active Directory Users and Computers and right click on the domain name node, in my case mydomain.com and select Operations Master. Make sure that the entry is the old server on the top dialog box and the new server on the bottom dialog box. Click on the Change button. Switch to the PDC tab and Instrastructure and do the the same operation.

2. Open theActive Directory Domains and Trusts. Right click on the root of the node and select Operations Master. Make sure that the entry is the old server on the top dialog box and the new server on the bottom dialog box. Click on the Change button.

3. Open a command prompt as Administrator and type regsvr32 schmmgmt.dll to register the schema DLL file. Open MMC.EXE and click on File/Add remove Snap-in. Now find the Active Directory Schema from the list. Click on Add and OK. Right-click on the Active Directory Schema node and select Change Active Directory Controller. Select the new server, in this case srv02.mydomain.com. Right-click on the Active Directory Schema node and select Operations Master. Make sure that the entry is the old server on the top dialog box and the new server on the bottom dialog box. Click on the Change button.

If you will run below command, Netdom /query FSMO, you will notice that the roles are now pointing to the new server i.e. srv02.mydomain.com.

 

 

 

Post Views: 30