Monday, July 23, 2012

How to Transfer FSMO Roles in Windows Server 2008 R2



There are a number of reasons why an administrator would want to change the placement of Flexible Single Master Operations (FSMO) roles. Arguably, the most common reason is due to an upgrade or replacement of domain controller hardware. The procedure for transferring FSMO roles in Windows Server 2008 R2 is similar to how it is done in other versions of Windows Server. Let’s check it out.

Register schmmgmt.dll

Registering the schmmgmt DLL in is required in order to add the Active Directory Schema snap-in to the Microsoft Management Console. This can be done in the Windows Run dialog box in other versions of Windows Server. In Windows Server 2008 it is necessary to either disable UAC or execute the command from the command prompt as detailed below.

Click Start, All Programs, Accessories, right click on Command Prompt and select Run as administrator.
  

Type regsvr32 schmmgmt.dll at the command prompt and press the enter key.


Click OK on the confirmation message.


Now that the DLL is registered the Active Directory Schema snap-in can be added to the management console.


Transfer the Schema Master Role with MMC

Click Start, Run, type mmc in the run box, and press the enter key to launch the Microsoft Management Console (MMC)


If a UAC prompt pops up, click Yes.


Click File on the MMC file menu and select Add/Remove Snap-In.


Highlight Active Directory Schema, click the Add button, and click OK


Right click Active Directory Schema and select Change Active Directory Domain Controller.


Select the domain controller you wish to transfer the Schema Master role to from the list and click OK.


If the domain controller you selected is not the schema operations master, you'll receive the following message. Click OK.


In the management console, right click Active Directory Schema and select Operations Master.


Click Change to transfer the Schema Master role.


Click Yes to confirm the change.


Click OK to acknowledge that the role has been transferred.


Close the Change Schema Master dialog box and close the management console. Save the console settings or not. It does not matter.


Transfer the Domain Naming Master Role with Active Directory Domains and Trusts

Click Start, Administrative Tools, Active Directory Domains and Trusts.


Right click Active Directory Domains and Trusts and select Change Active Directory Domain Controller.


Select the domain controller you wish to transfer the Domain Naming Master role to from the list and click OK. In the management console, right click Active Directory Domains and Trusts and select Operations Master.



Click Change and click Yes to confirm the change.


Click OK to acknowledge that the role was transferred, and close the Operations Master dialog box.


Close Active Directory Domains and Trusts.


Transfer the PDC Emulator, Infrastructure Master, and RID Master Roles with Active Directory Users and Computers

Click Start, Administrative Tools, Active Directory Users and Computers.


Right click Active Directory Users and Computers and select Change Domain Controller.


Select the domain controller you wish to transfer the PDC Emulator, Infrastructure Master, and RID Master roles to from the list and click OK In the management console, right click Active Directory Users and Computers, select All Tasks, and Operations Masters


Click Change and Yes to confirm the change.


Click OK to acknowledge that the role was transferred.


Repeat these steps for the PDC and Infrastructure masters. If you wish to transfer these three roles to different domain controllers, you'll have to go back to the change domain controller dialog for each server.


Conclusion

At this point all FSMO roles should be transferred to the domain controllers of your choosing. There are some best practices for what FSMO roles should be on which domain controllers. See the attached links for details.


Links: FSMO placement and optimization

14 comments: