fsmo transfer process

8/6/2019 FSMO Transfer Process

1/17

FSMO Transfer Process 2003 SERVER(Flexible Single Master Operations)

The Five FSMO Roles

There are just five operations where the usual multiple master model breaksdown, and the Active Directory task must only be carried out on one DomainController. FSMO roles:

1. PDC Emulator - Most famous for backwards compatibility with NT4.0 BDC's. However, there are two other FSMO roles whichoperate even in Windows 2003 Native Domains, synchronizing theW32Time service and creating group policies. I admit that it isconfusing that these two jobs have little to do with PDCs andBDCs.

2. RID Master- Each object must have a globally unique number(GUID). The RID master makes sure each domain controller issuesunique numbers when you create objects such as users or

computers. For example DC one is given RIDs 1-4999 and DC two

is given RIDs 5000 - 9999.

3. Infrastructure Master- Responsible for checking objects in otherother domains. Universal group membership is the most importantexample. To me, it seems as though the operating system isparanoid that, a) You are a member of a Universal Group inanother domain and b) that group has been assigned Denypermissions. So if the Infrastructure master could not check yourUniversal Groups there could be a security breach.

4. Domain Naming Master- Ensures that each child domain has aunique name. How often do child domains get added to theforest? Not very often I suggest, so the fact that this is a FSMOdoes not impact on normal domain activity. My point is it's worththe price to confine joining and leaving the domain operations toone machine, and save the tiny risk of getting duplicate names ororphaned domains.

5. Schema Master- Operations that involve expanding userproperties e.g. Exchange 2003 / forestprep which adds mailboxproperties to users. Rather like the Domain naming master,changing the schema is a rare event. However if you have a teamof Schema Administrators all experimenting with object properties,you would not want there to be a mistake which crippled yourforest. So its a case of Microsoft know best, the Schema Mastershould be a Single Master Operation and thus a FSMO role.


2/17


3/17

Go to Run CommandType CMD and Press Enter

Type NTDSUTIL and Press Enter

(Type ? Mark for Help)


4/17

Type ROLES and Press Enter

Type ? Mark for Help


5/17

Type CONNECTIONS and Press Enter



6/17

Type CONECT TO SERVERSERVERNAME(New Server name where to transfer)and Press Enter


7/17

Type QUIT and Press Enter



8/17

Type TRANSFER PDC and Press Enter and Click YES (1)Type ? Mark for Help


9/17

Type TRANSFER RID MASTERand Press Enter and Click YES (2)



10/17

Type TRANSFER INFRASTRUCTURE MASTERand Press Enter and Click YES (3)



11/17

Type TRANSFER DOMAIN NAMING MASTERand Press Enter and Click YES (4)



12/17

Type TRANSFER SCHEMA MASTERand Press Enter and Click Yes (5)


13/17

Type QUIT Press Enter

Type QUIT Press Enter


14/17

Now Go to Start

ClickPrograms and ClickAdministrative ToolsClickActive Directory Sites and Services

ClickSites and ClickDefault-first-site ClickServers and ClickOLDSERVER

Right ClickNTDS SETTINGS go to PropertiesUncheck GLOBAL CATALOG and Click Apply and Click Ok


15/17

Go to New SERVERNow Go to Start

ClickPrograms and ClickAdministrative ToolsClickActive Directory Sites and Services

ClickSites and ClickDefault-first-site ClickServers and ClickNEWSERVER

Right ClickNTDS SETTINGS go to Properties


16/17

Check GLOBAL CATALOG and Click Apply and Click Ok

Insert 2003 CD to New Server Install SUPPORT TOOLS

Click Programs and Click Windows Support Tools ClickCommand Prompt

TypeNETDOM QUERY FSMO Press Enter

Conform FSMO 5 Roles are Running in NEWSERVER

Then Shut down The OLDSERVER AND Conform in client side

This is the Method


17/17

fsmo transfer process

Documents