Help moving FSMO roles, group policy, dns etc. from 2000 to 2003 server

I have a windows 2000 domain controller with several fsmo roles.  This server is going away soon.
It also functions as a file server.

How can I see what roles it has?

I also have a 2003 server standard domain controller which I would like to transfer these roles to.  
I would also like to make sure any group policy functions will be coming from the 2003 server rather than the 2000 server which will be going away soon.

Can anyone give me advice on how to transfer these functions properly, especially dns and dhcp?  


Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

See the FSMO's: netdom query fsmo

Transfer roles:

Also make sure your new DC is a Global Catalog.

Move DHCP:

DNS: If it's not AD integrated I recomend you to make it AD integrated. Intall DNS on the new server and it will replicate DNS when it becomes a DC.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Brian PiercePhotographerCommented:
DCHP and DNS are not FSMO roles, you have to move these AND the FSMO roles

Assuming that the 2003 machine is already a domain controller then you can install DNS. You can do this through Add/Remove Programs->Windows Components->Networking Services->DNS.  If you are using Active Directory Integrated DNS then DNS will be replicated from the other DC/DNS server automatically

Next make the new machine a global catalog server, go to Administrative Tools, Active Directory Sites and Services, Expand, Sites, Default first site and Servers. Right click on the new server and select properties and tick the Global Catalog checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

Install DHCP on the new DC. You can do this through Add/Remove Programs->Windows Components->Networking Services->DHCP.

You will then need to remove any existiing DHCP server prior to authorising the new DHCP Server. When setting up the new DHCP server dont forget to set the default gateway (router) and DNS Servers. Talking of which all the clients (and the domain controllers themselves) need to have their Preferred DNS server set the new domain controller.

Both Domain Controllers by this point will have Active Directory, Global Catalog, DNS and the domain could function for a while at least should any one of them fail.

If you really want rid of the old DC (personall I'd leave it - its better to have multiple DCs),  then:-

Transfer all the FSMO roles to the new DC: See

Check that you have:-
Made the other DC a global catalog:
Installed DHCP on the new DC, set up the scope and authorise it. (If using DHCP)
Make sure that all clients use the new DC as their Preferred DNS server (either by static or DHCP options)

Power down to old DC and make sure that all is well, once satisfied power on the old DC again, then run DCPROMO for remove it's domain controller status. This is essential to avoid replication errors

If you want to remove the machine from the domain then you can do so one it's DC role has been removed
maureen99Author Commented:
Thanks for the links, very helpful


thanks, I greatly appreciate the detailed explaination.

I still have a couple of questions:

1) isn't there a command line tool that shows you the fsmo roles on each server?


2) do I have to do anything to make the 2003 server the the server that handles group policy?  One problem i have right now is our XP clients do not update group policy but our 2000 clients do and I thought this was because of old group policy admin templates on the 2000 server?

Thanks again,

Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

1. netdom is a command line tool that can show you the FSMO holders. ("netdom guery fsmo"). netdom is part of the Support Tools.

2. GPO's are located in the DC's SYSVOL folder that is replicated between every DC in the domain. There is nothing special you have to do other then make sure your replication is fine.

maureen99Author Commented:
The reason I ask about group policy is because right now our windows 2000 workstations update group policy but our XP machines do not do so consistently.  On the XP workstations, some policies apply and some do not.  I thought this was because the machine acting as the PDC is a windows 2000 server and the group policy admin templates are old.

Also, netdom query pdc shows our windows 2000 server as the pdc.  How can I transfer this role to the new domain controller?

thanks again,

I have never seen a GPO created on a Win2000 DC don't support XP machines. I suggest you download the GPMC and run a "Group Policy Result" to see what is happening (testing against a XP host).

Any Event log errors?


Transfer FSMO's:
maureen99Author Commented:
thanks very much for all the help, it has cleared up many of my questions!!

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.