This article explains how to transfer Active directory FSMO roles to another domain controller within the domain network.
This tutorial use “ntdsutil.exe” command utility, the simplest way to transfer FSMO (Flexible Single Master Operation) roles between domain controllers. can follow this method in all the active directory environments like Windows server 2008, R2, windows server 2012, R2, windows server 2016 and windows server 2019 as well. you can transfer all the 5 FSMO roles using ntdsutil.exe command.
Determine which dc holds fsmo roles
open the command prompt with administrator rights, and run the command below to know which DC holds FSMO roles
netdom query fsmo
Here the command result shows the server “WIN2016DC1” is holding all the 5 FSMO roles.
Transfer FSMO roles to new DC
Use ntdsutil command to transfer FSMO roles to new domain controller.
C:\> ntdsutil //open ntds utility//
ntdsutil: roles //managing fsmo roles//
fsmo maintenance: connections //connect to the server which you want to transfer roles to, here I’m connecting to server WIN2019DC1. For transferring FSMO roles to WIN2019DC1 from WIN2016DC1//
server connections: connect to server WIN2019DC1
server connections: quit //exit from server connections//
fsmo maintenance: transfer PDC //Transfer PDC role ro WIN2019DC1//
Use the commands below for transfer FSMO roles in active directory in the same way as in the screenshot above.
- fsmo maintenance: transfer PDC
- fsmo maintenance: transfer RID master
- fsmo maintenance: transfer schema master
- fsmo maintenance: transfer infrastructure master
- fsmo maintenance: transfer naming master
After transferring roles, Check the FSMO role status using ‘netdom query fsmo’ command