Server 2012 – View and moving FSMO roles using mostly GUI.
In this LAB, we have 2 Domain Controllers, and want to change where the FSMO roles and GC resides. In this case, we are migrating from Server 2008r2 to a Server 2012 DC and want to decommison our 2008r2 server.
- View the current FSMO roles placements
- Transferring the Schema Master Role
- Registering the Schema Tool
- Change Schema Master FSMO role
- Change the RID, PDC and Infrastructure FSMO Roles
- Change Domain Naming Master FSMO role
- Changing Global Catalog Server
- Move all FSMO roles using Powershell in one step
- If you have an Exchange Server in your domain
View the current FSMO roles placements:
Open Powershell and type in: “netdom Query fsmo”
We also want to see where our Global Catalog resides:
Open Powershell and type in: “Get-Adforest | FL GlobalCatalogs”. Here we can see that GC is residing on both our DCs, which is best practice.
Lets get started.
Transferring the Schema Master Role
You can use the Schema Master tool to transfer the role. However, the Schmmgmt.dll dynamic-link library must be registered in order to make the Schema tool available as an MMC snap-in.
Registering the Schema Tool
- Use Powershell or open a CMD
- Type “regsvr32 schmmgmt.dll”, and then click OK.
A message should be displayed stating that the registration was successful.
Change Schema Master FSMO role.:
- Open MMC – file – add/remove snapin
- Notice the new “Active Directory Schema” plugin you can choose.
Add “All 4 and click ok.
- Right-click the “Active Directory Schema” and click the “Change Active Direcotry Domain Controller…”. If this option is not available, first click the “Connect to Schema Operations Master”. If you make the change from the Source server, you do not have to do this.
- In the window that opens, select the server you want to be Schema master, and click ok. You will get a warning, but that only signify we need to complete the change.
To complete the change, rightlick the “Active Directory Schema” Again, and click the “Operations Master.
- As you can see, our 2012 server is not listed below the change button. To complete the change, hit “Change”, Yes, ok, and close.
- Running “netdom Query fsmo” in powershell, will show the change for Schema Master.
Change the RID, PDC and Infrastructure FSMO Roles
- Expand “Active Directory Users and Computers” and right-click the domain name and choose “Operations Masters…”
- As with the “Schema Master”, Press Change, Yes, OK and notice the change. Now do the same for PDC and Infracture.
Your 2012 server should now be listed as Operations Master for all three FSMO roles.
Change Domain Naming Master FSMO role
- Right-click the “Active Directory Domains and Trusts” and choose “Operations Master.
Click change, Yes and ok. Notice the change on Domain Naming opretaions master, and hit close.
Changing Global Catalog Server.
- Since we are decommisioning our 2008r2 server, we are also going to remove the GC role from that one. We can do this from our 2012 server as well.
- Expand “Active Directory Sites and Services” all the way Down to Servers and [servername]. Right-click “NTDS Settings” under the server and remove the tick next to Global Catalog.
Not strictly necessary, but restart both servers to make sure the changes has taken effect.
Move all FSMO roles using Powershell in one step:
In order to move the FSMO roles using Powershell, you first have to import the Active Directory module:
Start Powershell and type/run “ipmo ActiveDirectory”
Move-ADDirectoryServerOperationMasterRole -identity [target server] -OperationMasterRole [FSMO roles to move seperated by ,]
Move-ADDirectoryServerOperationMasterRole -Identity “DC2012” -OperationMasterRole RIDMaster,PDCEmulator, InfrastructureMaster, SchemaMaster, DomainNamingMaster
If you have an Exchange Server in your domain:
Make sure it has found your new FSMO setup after restart.
View in Server Configuration – Hub Transport – Properties on your Exchange Server – System Settings.
These settings are Automatic as default, except if you instaleld your Exchange on a Global Catalog Server, which is not supported by Microsoft after Exchange 2007.