Transferring FSMO (Flexible Single Master Operations) Roles
Full-Access Members Only
Sorry, this lesson is only available to Server Academy Full-Access members. Become a Full-Access member now and get instant access to this and many more premium courses. Click the button below and get instant access now.
Instructions
Q&A (0)
Notes (0)
Resources (0)
Saving Progress...
Resources
There are no resources for this lesson.
Notes can be saved and accessed anywhere in the course. They also double as bookmarks so you can quickly review important lesson material.
In this lecture you are going to learn how to transfer FSMO roles between Domain Controllers. Please keep in mind that if you are using your work environment or network - you should NOT transfer FSMO roles unless you have a specific reason to do so. Only practice transferring FSMO roles when you are using your own lab environment or the ServerAcademy.com online IT labs.
Let’s start by transferring the Schema Master FSMO role to SADC02. To get started, log in to DC02, click the start button and search for and launch “regsvr32 schmmgmt.dll”
Once you run that command you should see the following popup:
This allows us to add the Active Directory Schema snapin to the MMC console. Next click Start and launch MMC:
Select File > Add/Remove Snap-in...
Next add the Active Directory Schema and click OK:
Right-click Active Directory Schema and select Change Active Directory Domain Controller:
To change the Schema Master to DC02, you can click Change.
Go ahead and close the window. Now click Tools > Active Directory Users and Computers:
Right-click your domain and select Operation Masters:
Here we can transfer the RID, PDC and Infrastructure roles:
If you need to move the role to another domain controller, go ahead and do that now. Next click Close to close the window then close Active Directory.
The last role is the Domain Naming Master. To change this, from Server Manager, select Tools > Active Directory Domains and Trusts.
Right click Active Directory Domains and Trusts > Operations Master:
If you want to change the Domain Naming Master click the Change button. Otherwise click Close.
Server Academy Members Only
Sorry, this lesson is only available to Server Academy Full Access members. Become a Full-Access Member now and you’ll get instant access to all of our courses.
Role transfer via Powershell is way faster and easier. Replace SDAC02 with the name of the destination server.
Unfortunately after I paid the lessons started to be bad. Too fast there is not enough explanation. You give a lot of important information as a side note. That’s course it’s not for beginners. What is FSMO exactly? the previous lesson doesn’t give a good explanation about FSMO as well. I thought you gonna explain more about it here. If we shouldn’t transfer it, why to learn it in the first place?!
When do we need FSMO?
“This allows us to add the Active Directory Schema snapin to the MMC console” what should I understand from that what is MMC console? too bad dear.
Is there anyway to cancel the membership and get my money back?
Thanks
Hi
Zein Saker
Thank you for reaching out to us and taking the time to share your concerns. I apologize if the lessons have not met your expectations and if you feel they are too fast with an insufficient explanation. Our goal is to provide high-quality education and I’m sorry that we have fallen short in your case.
Regarding your request for a refund, please email support@serveracademy.com so we can process your request.
Again, I apologize for the inconvenience and frustration caused by the issues you have encountered.
Ricardo
Ricardo
I agree Zeins. I initially enjoyed this course and it seemed a well structured system to build knowledge. However, what are FSMOs !! The jump in levels is really poor. Was going well to this point and now I’m thinking WHAT IS GOING ON
We understand that it can be overwhelming when the course introduces new and complex topics like FSMOs, especially if the students feel the transition isn’t smooth. Let me take a moment to make things clearer:
The introduction of a secondary domain controller to the domain allows certain redundancy of these critical roles and services. We’ve touched on what these roles do in the previous lesson. The goal now is to move one of these roles to the new server. This isn’t just a one-time thing – you can move all the FSMO roles if needed, which is especially useful if one of your domain controllers goes offline, but we are explaining and doing one here. Having other servers ready with these roles means we don’t lose critical functionality. The use case for each FSMO role can vary depending of the environment and can be complicated explaining these reasons, so we explain only one.
Now, recovering these roles if something goes wrong is a complicated process. We haven’t gone into all the details because it’s quite advanced and could be a whole course by itself so we stop here with the basics and jump to a different topic like backups.
It’s just that FSMOs were thrown straight at us. No explanation about what they are or what they do. It’s advanced like you say but to not even try to explain their purpose in a basic way is pretty poor at this stage of learning
Thank you for your feedback, we’ll make sure to send your comments to Paul for the review of the material.
if we only need to transfer RID,PDC, or infrastructure, im assuming the only part that is needed prior is to register via the command?
Hi
Beno Tsintsadze
Exactly, register via the command, and you move only the roles you need to move.
Ricardo
I was a little confused about Transferring FSMO but after rewatching the video, I now understand it and can complete the final assessment.
I was curious to know more about transferring FSMO, so I asked ChatGPT and here is the response:
Provide some reasons why a System Administrator will want to transfer Flexible Single Master Operations (FSMO) roles in Windows Server
A System Administrator may want to transfer Flexible Single Master Operations (FSMO) roles in Windows Server for several reasons:
1. Hardware or server replacement: When a server hosting FSMO roles needs to be decommissioned or replaced due to hardware failure or upgrade, the roles must be transferred to another server to ensure continuous operations.
2. Load balancing: Transferring FSMO roles allows for better load distribution across multiple servers. By distributing the roles among several servers, the administrator can ensure that no single server becomes overwhelmed with the workload.
3. Performance optimization: If a server holding FSMO roles is experiencing performance issues or becoming a bottleneck in the network, transferring the roles to a more capable server can help improve overall system performance and responsiveness.
4. Administrative separation: In some cases, organizations may have separate administrative units responsible for different aspects of the Active Directory infrastructure. Transferring FSMO roles to different servers can align with administrative boundaries, allowing different teams to manage their respective roles independently.
5. High availability and fault tolerance: By transferring FSMO roles to multiple servers, administrators can ensure high availability and fault tolerance. If one server fails, the remaining servers can take over the roles, minimizing downtime and maintaining the integrity of the Active Directory.
6. Disaster recovery: As part of disaster recovery planning, transferring FSMO roles to alternate servers can be crucial. In the event of a catastrophic failure or a site-wide outage, having the roles already replicated to other servers ensures the ability to quickly restore operations.
7. Decommissioning or retiring a domain controller: When a domain controller is no longer needed or is being retired, transferring its FSMO roles to other domain controllers ensures the smooth continuation of Active Directory operations without any disruption.
8. Maintenance and upgrades: During maintenance activities or server upgrades, transferring FSMO roles to a temporary server can ensure that critical operations can continue without interruption. Once the maintenance is complete, the roles can be transferred back to the original server or redistributed as needed.
9. Active Directory restructuring: If an organization undergoes significant changes, such as mergers, acquisitions, or reorganizations, transferring FSMO roles may be necessary to align with the new structure and administrative requirements.
10. Compliance and security considerations: In certain industries or organizations with strict compliance or security requirements, transferring FSMO roles may be part of regular security audits or compliance initiatives to ensure proper access controls and separation of duties.
It is important to plan and execute FSMO role transfers carefully, following best practices and guidelines provided by Microsoft, to ensure a smooth transition and minimize any potential disruptions.
Each time i click operation master i keep receiving Erro that my current schema master is offline
Hi
Richard Ogudugu,
Can you provide the steps you are doing which give you the error?
So far the domains need to be on to perform the actions. Is it online or on local labs?
Ricardo
This course is very confusing. The explanation is very misleading. I find it difficult to lean and understanding. The static IP address you in one of the illustrations is difference with question. I need my refund.
Hi
Richard Ogudugu,
I understand your frustration while learning with the course. There might be slight differences but the concepts should be the same. This was an important course we added before server academy videos. These differences are not different from real-life scenarios where we need to comprehend and understand different environments.
We understand and you can contact support@serveracademy.com for more information regarding your refund.
Ricardo
Why does SADC02 keep showing Unavailable im really new to AD and followed the videos as I did the lab and can not transfer the FSMO Roles because SADC02 is Unavailable not sure what I did wrong
Hi
Kody Anderson
I was doing it in the Lab: Adding a Second Domain Controller and saw the same issue on SADC01 (Status Unavailable).
The first time I though it was because I was on the same server and the Change Directory Server window was showing the Status Unavailable because you cannot transfer to yourself (as SADC01), in you case SADC02. I started troubleshooting and did a ping sadc01.ad.serveracademy.com and a nslookup sadc01.ad.serveracademy.com (this took two tries, the first one expired when doing the request of nslookup). I was making sure network and domain resolution were OK before doing the FSMO role transfer. Since I know sometimes these are Microsoft issues, I rebooted the two servers. I went back to SADC01 and did the same and this time I saw it Online in the Status column.
I see that you are not able to transfer the role. You can open a PowerShell window and type netdom query fsmo to check which server holds the role.
You Right-click Active Directory Schema and select Change Active Directory Domain Controller if you want to connect to the server that will hold the FSMO role. Doing this changes the mmc console to that server (note the title of the window).
Then you Right-click Active Directory Schema and select Operations Master… clicking Change button change the role.
Can you can try that.