Seize the Operations Master Role (FSMO Roles)
Seize the Operations Master Role (FSMO Roles)
Seize the Operations Master Role
Updated: March 4, 2010
Applies To: Windows Server 2008, Windows Server 2008 R2
You can use the Ntdsutil.exe command-line tool to transfer and seize any operations master (also known as flexible single master operations or FSMO) role. You must use Ntdsutil.exe to seize the schema operations master, domain naming operations master, and relative ID (RID) operations master roles. When you use Ntdsutil.exe to seize an operations master role, the tool first attempts a transfer from the current role owner. If the current role owner is not available, the tool seizes the role.
When you use Ntdsutil.exe to seize an operations master role, the procedure is nearly identical for all roles. There is a minor change in the command syntax for versions of Ntdsutil.exe that run on Windows Server 2008 and Windows Server 2008 R2, as noted in the following table. For more information about using Ntdsutil.exe, type ? at the ntdsutil: command prompt.
Membership in Domain Admins, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (http://go.microsoft.com/fwlink/?LinkId=83477).
- Open a Command Prompt as an administrator: On the Start menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
- At the command prompt, type
ntdsutil
, and then press ENTER. - At the
ntdsutil:
prompt, typeroles
, and then press ENTER. - At the
fsmo maintenance:
prompt, typeconnections
, and then press ENTER. - At the
server connections:
prompt, typeconnect to server
<servername>
(where<servername>
is the name of the domain controller that will assume the operations master role), and then press ENTER. - After you receive confirmation of the connection, type
quit
, and then press ENTER. - Depending on the role that you want to seize, at the
fsmo maintenance:
prompt, type the appropriate command, and then press ENTER.
Role Credentials Command Domain naming master Enterprise Admins For Windows Server 2003: Seize domain naming master For Windows Server 2008 and Windows Server 2008 R2: Seize naming master
Schema master Schema Admins Seize schema master Infrastructure master Domain Admins Seize infrastructure master Primary domain controller (PDC) emulator Domain Admins Seize pdc RID master Domain Admins Seize rid master The system asks for confirmation. It then attempts to transfer the role. When the transfer fails, some error information appears and the system proceeds with the seizure of the role. After the seizure of the role is complete, a list of the roles and the Lightweight Directory Access Protocol (LDAP) name of the server that currently holds each role appears.
During seizure of the relative ID (RID) operations master role, the current role holder attempts to synchronize with its replication partners. If it cannot establish a connection with a replication partner during the seizure operation, it displays a warning and asks for confirmation that you want the seizure of the role to proceed. Click Yes to proceed.
- Type
quit
, and then press ENTER. Typequit
again, and then press ENTER to exit Ntdsutil.exe.
SOURCE: http://technet.microsoft.com/en-us/library/cc816779(v=ws.10).aspx