Share this page : facebooktwitterlinkedinmailfacebooktwitterlinkedinmail

How to Transfer FSMO Roles

To transfer FSMO roles via the Windows GUI, you will need access to the following three Active Directory snap-ins:

  • Active Directory Schema (Schema Master Role)
    Note: The snap-in is not enabled by default. Instructions provided below.
  • Active Directory Domains and Trusts (Domain Naming Master Role)
  • Active Directory Users and Computers (RID, PDC and Infrastructure Roles)

Enabling Active Directory Schema Snap-In

To enable the Active Directory Schema Snap-In, open up a command prompt and select Run as administrator.

In the command prompt, type in regsvr32 schmmgmt.dll.

A window will pop up displaying DllRegisterServer in schmmgmt.dll succeeded.

Regsvr32 schmmgmt.dll

Accessing Snap-ins and Microsoft Management Console

The easiest way to gain access to all three Active Directory Snap-ins is to go through the Microsoft Management Console. In most cases, I log onto the server which I want to house all the roles so the Snap-in’s will automatically connect to the local machine. To do this, type in mmc in the run command.

 

Once MMC has opened up, the “Active Directory Schema” Snap-ins can be added.

Note: the Active Directory Schema does not appear under administrative tools by default and must be accessed through MMC.

By default, the snap-in will authenticate to whatever server it has been opened from. If you are already on the new domain controller, see the screenshots below on where to right click to be able to modify the Operations Master via the GUI.

Otherwise, you will need to select Change Active Directory Domain Controller and type in the new domain controller. Then right click the Active directory Schema, or Active directory Domains and trusts, or Active directory users and computers,  point to All tasks , Operations masters… and then click change.

 

Although each Operations Master window displays different text, each one will show the “Current Operations Master” and will also display something similar to “To transfer the X master role to the targeted FSMO folder, click Change.  Once change has been clicked, a confirmation should appearing showing the “New Operations Master.”

Once the new Operations Master has been confirmed, the same process can be repeated for the other remaining four FSMO roles.

 

Powershell command

With powershell, you can move all these roles to one DC at a time, go to the server manager, click tools, choose Active Directory Module for Windows PowerShell.

 

Move-ADDirectoryServerOperationMasterRole -identity "dest_DC" -operationMasterRole 0,1,2,3,4