asked on

Active Directory: cannot transfer Schema Master role

I'm working with Active Directory in what was a single-server 2008 R2 environment. I've added a 2012 R2 DC, and everything was fine up to that point. Now I want to demote the old 2008 R2 DC. DCPromo failed because one of the FSMO roles couldn't be transferred to the new server. So I used ntdsutil to transfer the roles manually. All of the roles except the Schema Master transferred over with no problems, but when I try to transfer the Schema Master role it complains that it can't contact the existing server. If I do a "netdom query fsmo", it reports the correct name of the old server as the Schema Master.

I've checked DNS settings on both servers, and they're both pointing to themselves as DNS server. The old server does have 2 NICs, but the second one is disabled.

I'd really like to transfer the role "properly" rather than seizing the role. What else can I look at, please?

ASKER CERTIFIED SOLUTION

vmagan

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

wakatashi

ASKER

Oh, that's just bizarre! I checked that I was a member of Schema Admins (I'm using the built-in Administrator account, which was indeed a member). Then I went to the Schema MMC and did it again with a view to getting a word-for-word error message out of it, and this time it worked! I didn't do anything differently - I tried it several times before and then tried with ntdsutil because I couldn't get that to work.

Anyway, the main thing is the the old server is now happily DCPromo-ing itself out of being a Domain Controller, and all is right with the world. Thanks very much for getting back to me!