Before thinking of transferring FSMO (Flexible Single Master Operation) roles we have to identify the roles which we are going to transfer. There are 5 roles and these are Schema, Domain Naming, RID master, PDC Emulator, Infrastructure master. I will explain these roles in more details in another article but here just concentrating on transferring these roles to new DC. First action will be to login with a user account which is member of Schema, Enterprise and Domain Admins security Groups. Let us now start the FSMO role transfer from our windows server 2003 to windows server 2008.
1.Log in using an admin account which is member of above mentioned security group.
2.Open ADUC snap-in
3.Ensure new DC is checked as Global Catalogue.
4.If you are not connected to target DC then right click your domain (e.g. gotzutest.local) and click connect to domain controller. Select the New DC in the wizard and click OK.
5.In ADUC snap-in right click your domain 9e.g. gotzutest.local) and click Operation master > properties.
6.On properties windows Click RID and click Change. This will appraise that Role transferred successfully.
7.Perform same steps for PDC and Infrastructure master. With this we successfully transferred RID, PDC and infrastructure master roles to new DC.
8.To transfer Domain naming master role, open Active director domains and trusts. Right click ADDT and select connect to DC. Once connected successfully, again right click ADDT and select Operation Master. Here click change and Domain naming role will be transferred to new DC.
9.The final step is to transfer Schema master Role.
10.To start with this step first register the shcmmgmt.dll by <regsvr32 schmmgmt.dll>
11.Open MMC and add Active Director Schema snap-in.
12.Right click Active Directory Schema icon and click Change Domain Controller. Select or type the target domain controller.
13.Again right click Active Directory Schema icon and select Operation Master. Click change to transfer the role to new DC.
14.We successfully transferred all five FSMO roles to new DC using GUI interface as per above steps 1 thru 13. Below is the method to transfer roles using ntdsutil utility using CLI.
15.Login to any of your DC with user has required permissions as discussed in the beginning.
16.Please note if you are not very comfortable using CLI then stick yourself to GUI because using CLI incorrectly might land you in serious trouble.
Get 100gb of Web Hosting Space just for $1.99 per month
17.Open command prompt and type ntdsutil
18.At the new prompt type roles and press enter.
19.Type connections and press enter
20.Type name of the server from which you are transferring the roles and press enter.
21.Type q and press enter
22.Type roles and keep pressing enter. For example to transfer PDC the command will be transfer PDC, transfer RID master, transfer infrastructure master, transfer domain naming master, transfer schema master and keep pressing enter after each role.
23.Press q to quite ntdsutil and restart the server.