[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


Active Directory Schema Master FSMO Role Question

Posted on 2008-09-30
Medium Priority
Last Modified: 2013-12-05
Here's the situation...
Background Info:
- We have an Active Directory Forest that is operating at the Windows 2000 functional level.
- The Forest Root Domain, DOMAIN1.COM, is operating at the Windows 2000 mixed functional level.
- DOMAIN2.COM, is part of the same forest, and is operation at the Windows 2000 native functional level.
- The trust between the domains is a Tree Root transitive trust.
- All the Domain Controllers of DOMAIN1.COM reside in SiteA, and all of the Domain Controllers of DOMAIN2.COM reside in SiteB which are linked.

- Because the administrators of DOMAIN2.COM are migrating to Exchange Server 2007, they require the Schema Master FSMO role to reside on a domain controller that is running Windows Server 2003 SP1.

- Currently, the Schema Master FSMO role resides on a Domain Controller in the DOMAIN1.COM domain which happens to be a Windows 2000 Server.
- Currently, there are no Windows 2003 Server Domain Controllers in the DOMAIN1.COM domain.

- Is there any problem/issue with transferring the Schema Master FSMO role to a Domain Controller in DOMAIN2.COM (obviously running Windows Server 2003), even though DOMAIN1.COM is the Forest Root Domain?
- OR Is there any problem/issue with building a new Windows 2003 Server as a Domain Controller for DOMAIN1.COM in SiteB (Where there are all DOMAIN2.COM Domain Controllers and no DOMAIN1.COM Domain Controllers currently), and transferring the Schema Master FSMO role to that new Domain Controller?
- OR any better suggestions?

Thank you in advance for your help. Please let me know if I'm leaving anything out of the picture, or if you have any other questions.
Question by:magyarka
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 71

Accepted Solution

Chris Dent earned 2000 total points
ID: 22609855

> Is there any problem/issue with transferring the Schema Master FSMO role to a Domain
> Controller in DOMAIN2.COM (obviously running Windows Server 2003), even though DOMAIN1.COM
> is the Forest Root Domain?

That's fine, but remember the schema master is perhaps the most important of all your DCs.

> Is there any problem/issue with building a new Windows 2003 Server as a Domain
> Controller for DOMAIN1.COM in SiteB

I would prefer to keep the Schema master in the root domain, so I would personally prefer that. It's not really necessary though.

Incidentally, you need to raise your forest functional level to at least Windows 2000 as well, mixed mode is not high enough.


Author Comment

ID: 22615490

So, it sounds like you would recommend going with bringing up another DC on DOMAIN1.COM  in SiteB and transfering the Schema Master role to that. There would be no other "gotchas" with that? Why would the forest functional levle need to be at Windows 2000?

LVL 71

Expert Comment

by:Chris Dent
ID: 22615541

Personally, yes, I would rather that. I assume your root domain is moderately empty except for that? Otherwise there's no real problem moving the Schema master around like this.

For the functional level of the forest... It's in the list of requirements for installation of Exchange 2007 :)


Mixed mode is only going to be necessary if you have Windows NT Backup Domain Controllers operating on the network (on any of your domains).

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why


Author Comment

ID: 22615781
Well, the root domain, DOMAIN1.COM, has many users, computers, etc. DOMAIN2.COM also has a fair amount of objects.

Thanks for pointing out the Forest Functional Level requirement!
LVL 71

Expert Comment

by:Chris Dent
ID: 22615801

Hmm then it probably makes little difference where you host the master role. As long as the system hosting it is reliable and frequently backed up.


Author Comment

ID: 22615976
Our forest functional level is already windows 2000. Is there actually a "windows 2000 server" forest functional level?
LVL 71

Expert Comment

by:Chris Dent
ID: 22616016

Might be 2000 Native, I can't check the list unfortunately, it removes the options once you pass it. Mine is running "Windows Server 2003" level and won't give me any options until I introduce DCs running 2008.


Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question