Labels

Wednesday, December 28, 2011

Transfer FSMO Roles


* Certain domain and enterprise-wide operations that are not good for multi-master updates are performed by a single domain controller in an Active Directory domain or forest. The domain controllers that are assigned to perform these unique operations are called operations masters or FSMO role holders.

5 FSMO Roles
  • Schema master - The Schema master role is forest-wide and there is one for each forest. This role is required to extend the schema of an Active Directory forest.
  • Domain naming master - This role is required to add or remove domains or application partitions to or from a forest.
  • RID master - This role is required to allocate the RID pool so that new or existing domain controllers can create user accounts, computer accounts or security groups.
  • PDC emulator - This role is required for the domain controller that sends database updates to Windows NT backup domain controllers. The domain controller that owns this role is also targeted by certain administration tools and updates to user account and computer account passwords.
  • Infrastructure master - The Infrastructure master role is domain-wide and there is one for each domain. This role is required for domain controllers to run the adprep /forestprep command successfully and to update SID attributes and distinguished name attributes for objects that are referenced across domains.

Transferring the Domain-Specific Roles: RID, PDC, and Infrastructure Master

  1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
  2. Right-click the icon next to Active Directory Users and Computers, and then click Connect to Domain Controller.NOTE: If you are not on the domain controller where you want to transfer the role ,you need to take this step. It is not necessary if you are connected to the domain controller whose role you want to transfer.
  3. Click the domain controller which will be the new role holder, and then click OK.
  4. Right-click Active Directory Users and Computers icon, and then click Operation Masters.
  5. In the Change Operations Master dialog box, click the appropriate tab (RID, PDC, or Infrastructure) for the role you want to transfer.
  6. Click Change in the Change Operations Master dialog box.
  7. Click OK to confirm that you want to transfer the role.
  8. Click OK.
  9. Click Cancel to close the dialog box.

http://support.microsoft.com/library/images/support/kbgraphics/public/en-us/uparrow.gifBack to the top

Transferring the Domain Naming Master role

  1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Domains and Trusts.
  2. Right-click the Active Directory Domains and Trusts icon, and then click Connect to Domain Controller.NOTE: If you are not on the domain controller where you want to transfer the role ,you need to take this step. It is not necessary if you are connected to the domain controller whose role you want to transfer.
  3. click the domain controller that will be the new role holder, and then click OK.
  4. Right-click Active Directory Domains and Trusts, and then click Operation Masters.
  5. In the Change Operations Master dialog box, click Change.
  6. Click OK to confirm that you want to transfer the role.
  7. Click OK.
  8. Click Cancel to close the dialog box.

http://support.microsoft.com/library/images/support/kbgraphics/public/en-us/uparrow.gifBack to the top

Transferring the Schema Master Role

You can use the Schema Master tool to transfer the role. However, the Schmmgmt.dll dynamic-link library must be registered in order to make the Schema tool available as an MMC snap-in.


Registering the Schema Tool

  1. Click Start, and then click Run.
  2. Type regsvr32 schmmgmt.dll, and then click OK. A message should be displayed stating that the registration was successful.


Transferring the Schema Master Role

  1. Click Start, click run, type mmc, and then click OK.
  2. On the Console, menu click Add/Remove Snap-in.
  3. Click Add.
  4. Click Active Directory Schema.
  5. Click Add.
  6. Click Close to close the Add Standalone Snap-in dialog box.
  7. Click OK to add the snap-in to the console.
  8. Right-click the Active Directory Schema icon, and then click Change Domain Controller.
NOTE: If you are not on the domain controller where you want to transfer the role ,you need to take this step. It is not necessary if you are connected to the domain controller whose role you want to transfer.
  1. Click Specify Domain Controller, type the name of the domain controller that will be the new role holder, and then click OK.
  2. Right-click Active Directory Schema, and then click Operation Masters.
  3. In the Change Schema Master dialog box, click Change.
  4. Click OK.
  5. Click OK .
  6. Click Cancel to close the dialog box.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)