In this post, we describe how we easily transfer FSMO roles using the graphical user interface. All 5 Active Directory FSMO roles are covered. For more information on FSMO roles see https://support.microsoft.com/en-ca/help/197132/active-directory-fsmo-roles-in-windows.
First, a couple of prerequisites before we can transfer FSMO roles:
- Your machine must have Remote Server Administration Tools (RSAT) installed. Alternatively, you can perform the steps on any domain controller.
- The Active Directory Schema snap-in must be available on your machine. To register its dll, open command prompt and run regsvr32 schmmgmt.dll.
Best Practices for dividing up FSMO holders:
Place the following FSMO roles on one domain controller:
- PDC
- RID Pool Manager
- Infrastructure Master
Place the following FSMO roles on another domain controller:
- Schema Master
- Domain Naming Master
How to Transfer FSMO Roles using GUI
1. Open the MMC console. To open the MMC console, click Start, type mmc.exe and press enter.
2. In the MMC console, click File and then select Add/Remove Snap-in (or just press Ctrl+M).
a. Select Active Directory Domains and Trusts and click Add.
b. Select Active Directory Schema and click Add.
c. Select Active Directory Users and Computers and click Add.
3. At this point we should have all 3 snap-ins in the Selected snap-ins window on the right. Once verified click OK.
4. The PDC, RID pool manager and Infrastructure master roles are changed via Active Directory Users and Computers.
a. Right-click the Active Directory Users and Computers snap-in and select Change Active Domain Controller.
b. Select the domain controller you want to change the FSMO role(s) to and click OK. In this example we select dc1 to change the FSMO role(s) to dc1.
c. Right-click the Active Directory Users and Computers snap-in and select Operations Master.
d. Select an appropriate FSMO role tab and click Change. You can select from RID, PDC, and Infrastructure.
e. Click Yes.
f. Click OK.
5. The Domain naming master role can be transferred via Active Directory Domains and Trusts whereas the Schema master role can be transferred via Active Directory Schema. Use the following procedure to change either of these FSMO roles.
Note: if the Active Directory Schema snap-in is not available, run regsvr32 schmmgmt.dll via command prompt to register its dll and then try adding it again.
a. Right-click the snap-in and then select Change Active Directory Domain Controller.
c. Select the domain controller you want to change the FSMO role to and click OK. In this example we select dc1 to change the FSMO roles to dc1.
d. Right-click the snap-in and select Operations Master.
e. Click Change to transfer the role from the current FSMO role holder to the new one.
f. Select Yes to confirm.
g. Click OK.
6. Launch a command prompt and verify the results using the command netdom /query fsmo.