DistributedNetworks DistributedNetworks


Physical Structure  «Prev 

Transferring and Seizing operations roles in Active Directory

Seize the Operations Master Role

You can use the Ntdsutil.exe command-line tool to transfer and seize any operations master (also known as flexible single master operations or FSMO) role. You must use Ntdsutil.exe to seize the schema operations master, domain naming operations master, and relative ID (RID) operations master roles. When you use Ntdsutil.exe to seize an operations master role, the tool first attempts a transfer from the current role owner. If the current role owner is not available, the tool seizes the role.
When you use Ntdsutil.exe to seize an operations master role, the procedure is nearly identical for all roles. There is a minor change in the command syntax for versions of Ntdsutil.exe that run on Windows Server 2008 and Windows Server 2008 R2, as noted in the following table. For more information about using Ntdsutil.exe, type ? at the ntdsutil: command prompt.
Membership in Domain Admins, or equivalent, is the minimum required to complete this procedure.

To seize an operations master role

  1. Open a Command Prompt as an administrator: On the Start menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
  2. At the command prompt, type ntdsutil, and then press ENTER.
  3. At the ntdsutil: prompt, type roles, and then press ENTER.
  4. At the fsmo maintenance: prompt, type connections, and then press ENTER.
  5. At the server connections: prompt, type connect to server <servername> (where <servername> is the name of the domain controller that will assume the operations master role), and then press ENTER.
  6. After you receive confirmation of the connection, type quit, and then press ENTER.
  7. Depending on the role that you want to seize, at the fsmo maintenance: prompt, type the appropriate command, and then press ENTER.

1) To transfer a single master operations role, first open the appropriate tool according to the table above.

2) In the console tree, right click the domain controller that will be the new operations master, then click Connect to domain.

3)Type the domain name or click Browse and select the domain from the list

4) In the console tree, right click Users and Computers, Domains and Trusts, or Schema, as appropriate, then click Operations Master

5) If you are using Users and Computers, select the tab for the single master operations role you want to transfer, then click Change

6) If you are using Domains and Trusts or Schema, click Change

7) Now, to seize a single master operations role, begin by opening a command prompt and type ntdsutil

8) At the ntdsutil prompt, type roles

9) At the fsmo maintenance prompt, type connections.

10) At the server connections prompt, type connect to server, followed by the fully qualified domain name of the server that will seize the single master operations role

11) At the server connections prompt, type quit.

12) At the fsmo maintenance prompt, type one of the following commands:

13) Seize domain naming master.

14) Seize schema master

15) Seize RID master

16) Seize PDC

17) Seize infrastructure master

18) At the fsmo maintenance prompt, type quit.

19) At the ntdsutil prompt, type quit. This completes the process