Here are the steps to transfer FSMO roles:
Transferring FSMO Roles using GUI (Active Directory Users and Computers):Open Active Directory Users and Computers:
- Click on the Windows icon, search for "Active Directory Users and Computers," and open it.
Connect to the Domain Controller:
- Right-click on the domain and select "Connect to Domain Controller."
- Choose the domain controller to which you want to transfer the roles.
Transfer RID, PDC Emulator, and Infrastructure Master Roles:
- Right-click on the domain and select "Operations Masters."
- In the "Operations Masters" dialog box, go to the "RID" tab and click the "Change" button to transfer the RID Master role.
- Go to the "PDC" tab and click the "Change" button to transfer the PDC Emulator role.
- Go to the "Infrastructure" tab and click the "Change" button to transfer the Infrastructure Master role.
Transferring Schema Master and Domain Naming Master Roles:
- Open the "Active Directory Schema" snap-in (requires additional steps to install).
- Right-click on the "Active Directory Schema" node and select "Operations Masters."
- In the "Operations Masters" dialog box, you can transfer both the Schema Master and Domain Naming Master roles.
Transferring FSMO Roles using PowerShell:You can use PowerShell cmdlets to transfer FSMO roles. Open PowerShell with administrative privileges and use the following cmdlets:
# Transfer RID Master
Move-ADDirectoryServerOperationMasterRole -Identity <NewDC> -OperationMasterRole RIDMaster# Transfer PDC Emulator
Move-ADDirectoryServerOperationMasterRole -Identity <NewDC> -OperationMasterRole PDCEmulator# Transfer Infrastructure Master
Move-ADDirectoryServerOperationMasterRole -Identity <NewDC> -OperationMasterRole InfrastructureMaster# Transfer Schema Master
Move-ADDirectoryServerOperationMasterRole -Identity <NewDC> -OperationMasterRole SchemaMaster# Transfer Domain Naming Master
Move-ADDirectoryServerOperationMasterRole -Identity <NewDC> -OperationMasterRole DomainNamingMasterRemember to replace
<NewDC> with the name of the domain controller you're transferring the role to.
Note:
- After transferring a role, it's a good practice to wait for some time and verify that the change has been replicated across all domain controllers.
- Ensure that the target domain controller is reachable and functioning properly before initiating the transfer.
- If you're decommissioning a domain controller, remember to gracefully demote it after the role transfer. Use the dcpromo command to initiate the demotion process.