There are 5 FSMO roles which are Schema Master, Domain Naming Master, Infrastructure Master, RID Master and PDC Emulator in Active Directory Forest. 2 of 5 FSMO roles are per Active Directory forest which are Schema Master and Domain Naming Master and the other FSMO roles are per domain. By default, these roles are in the first domain controller of the forest and the first domain controller of a domain. For some reasons, you may need to transfer these roles to other domain controllers.
Transfer Infrastructure Master, RID Master and PDC Emulator
These 3 FSMO roles can be transferred by Active Directory Users and Computers.
1. On a domain controller which is not the FSMO roles owner, log in as Domain Administrator.
2. Launch "Active Directory Users and Computers".
3. Right-click "<Domain Name>", select "Operations Masters".
4. Now, the RID master role owner is DC01. To change to another domain controller, click "Change".
5. On "Active Directory Domain Services" window, click "Yes".
6. Click "OK".
As a result, RID master role was transferred to another domain controller.
7. Select "PDC" tab.
8. Click "Change" to transfer the PDC Emulator role.
9. On "Active Directory Domain Services" window, click "Yes".
10. Click "OK".
As a result, PDC Emulator role was transferred to another domain controller.
11. Select "Infrastructure" tab.
12. Click "Change" to transfer the Infrastructure master role.
13. On "Active Directory Domain Services" window, click "Yes".
14. Click "OK".
As a result, Infrastructure master role was transferred to another domain controller.
15. Click "Close".
Transfer Domain Naming Master
1. On a domain controller which is not the FSMO role owner, log in as Domain Administrator.
2. Launch "Active Directory Domains and Trusts".
3. Right-click "Active Directory Domains and Trusts", select "Operations Master".
4. Now, the Domain Naming Master role owner is DC01. To change to another domain controller, click "Change".
5. On "Active Directory Domain and Trusts" window, click "Yes".
6. Click "OK".
As a result, Domain Naming Master role was transferred to another domain controller.
7. Click "Close".
Transfer Schema Master
1. On a domain controller which is not the FSMO role owner, log in as Domain Administrator.
2. Launch "Command Prompt" as Administrator.
3. Perform "regsvr32 schmmgmt.dll" to install "Active Directory Schema" snap-in.
4. Click "OK".
5. Perform "mmc".
6. On the menu of "Console1", click "File > Add/Remove Snap-in".
7. On "Add or Remove Snap-in" window, select "Active Directory Schema > Add".
8. Click "OK".
9. Right-click "Active Directory Schema", select "Change Active Directory Domain Controller".
By default, the console pointed to the owner of Schema Master so we can't transfer to role to other domain controller. To transfer the Schema Master role to other domain controllers, we need to select the domain controller first.
10. Select "This Domain Controller or AD LDS instance".
11. In my lab environment, I select "DC03".
12. Click "OK".
13. Click "OK".
14. Right-click "Active Directory Schema", select "Operations Master".
15. Now, the Schema Master role owner is DC01. To change to another domain controller, click "Change".
16. On "Active Directory Schema" window, click "Yes".
17. Click "OK".
As a result, Schema Master role was transferred to another domain controller.
18. Click "Close".
Reference:
This posting is provided “AS IS” with no warranties, and confers no rights!
No comments:
Post a Comment