<

Transferring Active Directory FSMO Roles to a Windows 2012 Domain Controller

Posted on
9,971 Points
2,371 Views
11 Endorsements
Last Modified:
Experience Level: Beginner
5:08
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controller.

Video Steps

1. Log onto the new domain controller with a user account that is a member of both the Enterprise and Schema Admins

2. Verify the systems where the FSMO roles currently reside by launching a command prompt. Type netdom query fsmo.

3. On the desktop, type Run to get the run command screen. The schema management DLL must be registered. Type: regsvr32 schmmgmt.dll and hit the enter key. Ensure the DLL is registered successfully.

4. On the desktop, type MMC and select the MMC console option. From the console, select File and Add\Remove Snap-In.

5. Select the Active Directory Schema and click the Add radio button, then click OK

6. In the console, highlight Active Directory Schema, right-click and select Change Active Directory Domain Controller. This is because by default, it connects to the existing Schema Master and there is not an option to transfer it.

7. Select the domain controller where the role will be transferred to and click OK

8. Click OK on the warning that you are no longer connected to the Schema Master

9. In the console, highlight Active Directory Schema, right-click and select Change Operations Master. This will show the current Schema Master and provides the options to change it to the one you are currently connected. Click the Change radio button to switch the server. Verify this is the desired task by clicking Yes.

10. Ensure the change is successful

11. To change the Domain Naming Master, go to Server Manager and select Tools, then select Active Directory Domains and Trusts from the list. On the console, highlight Active Directory Domains and Trusts, right-click and select Change Active Directory Domain Controller. Select the domain controller you would like to move the role to and click OK.

12. Highlight Active Directory Domains and Trusts again, right-click and select Change Operations Master. Review the current and new servers. Click the Change radio button to switch the server. Verify this is the desired task by clicking Yes.

13. The final three roles are transferred with the Active Directory Users and Computers tool, go to Server Manager and select Tools, then select Active Directory Users and Computers from the list. In the console, highlight Active Directory Users and Computers, right-click and select Change Domain Controller. Select the new domain controller and click OK. In the console, select the domain name and go to All Tasks, and select Operations Masters. Tabs for the final three roles appear. On the RID screen click the Change radio button. Confirm the change by clicking Yes, and ensure the role was transferred successfully.

14. Select the PDC tab, click the Change radio button. Confirm the change by clicking Yes, and ensure the role was transferred successfully.

15. Select the Infrastructure tab, click the Change radio button. Confirm the change by clicking Yes, and ensure the role was transferred successfully.

16. If the domain controller you are decommissioning is the last Global Catalog server, ensure that the new domain controller is also a Global Catalog server. Go to Server Manager and select Tools, then select Active Directory Sites and Services. Expand the site, expand servers, then highlight the new server. Select NTDS Settings in the right panel, right-click, and select Properties. Ensure the Global Catalog box is checked.

17. Verify that all of the roles have successfully been migrated from the command line by typing: netdom query fsmo All roles should now show being located on the Windows 2012 domain controller.

Simplify Active Directory Administration
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

11
Comment
3 Comments
 

Expert Comment

by:WAMSINC
Thanks
0
 
LVL 6

Expert Comment

by:Rakesh Kapoor
My two cents about FSMO roles and steps to transfer FSMO Roles and Seize FSMO Roles.
http://www.itingredients.com/what-is-fsmo-roles-flexible-single-master-operations/
0
 

Expert Comment

by:wmorrison
Perfect video to show how to transfer the roles and how easy it is! Thank you for this short tutorial.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Join & Write a Comment

Native ability to set a user account password via AD GPO was removed because the passwords can be easily decrypted by any authenticated user in the domain. Microsoft recommends LAPS as a replacement and I have written an article that does something …
One thing I've always found frustrating is no matter how many times one asks the end users to not save things on their local machines, they do it anyway.  Forget that we don't back up the desktops - only the servers.  Well, let's sneak their data on…

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month