You are here
Home > Windows Server > Transferring FSMO Roles via Ntdsutil

Transferring FSMO Roles via Ntdsutil

To transfer the FSMO roles from the Ntdsutil command:

Caution: Using the Ntdsutil utility incorrectly may result in partial or complete loss of Active Directory functionality.

1. On any domain controller, click Start, click Run, type Ntdsutil in the Open box, and then click OK.

2. Type roles, and then press ENTER.

Note: To see a list of available commands at any of the prompts in the Ntdsutil tool, type ?, and then press ENTER.

3. Type connections, and then press ENTER.

4. Type connect to server <servername>, where <servername> is the name of the server you want to use, and then press ENTER.

5. At the server connections: prompt, type q, and then press ENTER again

6. Type transfer <role>. where <role> is the role you want to transfer.

For example, to transfer the RID Master role, you would type transfer rid master:

Options are:

7. You will receive a warning window asking if you want to perform the transfer. Click on Yes.

8. After you transfer the roles, type q and press ENTER until you quit Ntdsutil.exe.

9. Restart the server and make sure you update your backup.

Note: All five roles need to be in the forest. If the first domain controller is out of the forest then seize all roles. Determine which roles are to be on which remaining domain controllers so that all five roles are not on only one server.

10. Repeat steps 6 and 7 until you've seized all the required FSMO roles.

11. After you seize or transfer the roles, type q, and then press ENTER until you quit the Ntdsutil tool.

Leave a Reply