In the previous article we explained how to add the first Windows Server 2012 R2 domain controller in existing Windows Server 2003 environment. That procedure didn’t consider the transfer of the FSMO roles: Schema master, Domain naming master, RID master, PDC emulator and Infrastructure master. For the meaning of each one of these roles, check this knowledge base article. I believe that most system administrators are already familiar with these things.
Before demoting the old Windows Server 2003 domain controller, it is very important to transfer these FSMO roles to the new domain controller running on Windows Server 2012. You must not demote a Windows Server 2003 DC who holds a FSMO roles until you transfer all of them to the new DC.
Transfer FSMO roles using GUI
Here is a very good guide regarding the transferring FSMO roles, provided by Canadian IT Pro community. It is well written and strict to the point. It worked well in my case without any problems. I just skipped the last part “Removing the Windows Server 2003 from the Global Catalog Server” because I still want both of them to run in parallel and make sure that everything run smoothly.
Important notice: make sure you perform all the procedures by using an account that is member of Enterprise Admins group. Also, you should run Command Prompt as Administrator (Right-click Command prompt, and then click Run as administrator). This is very important, especially when installing the Active Directory Schema Snap-In – this is the part when you transfer the Schema Master role from the old 2003 DC to the new 2012 DC.
General recommendation before you start with transferring FSMO roles is to examine who currently holds the FSMO roles. You can achieve that by opening Command Prompt and executing this command:
netdom query fsmo
Also, executing the dcdiag command against both domain controllers is a good practice to prove that your DC’s are healthy and functioning.
After you are done with the entire procedure, start again the CMD and execute the netdom query fsmo command to make sure that new Windows Server 2012 DC is current holder of all 5 FSMO roles.
Transfer FSMO roles using the Command Line or Power Shell
Lot of SysAdmins prefer command line for doing administrative tasks, because it provides simplicity and reduces the required administrative time. You can transfer FSMO roles using the command line the same way as you do that using the GUI. The command line tool used for this purpose is called ntdsutil.
I would suggest one article where the process of transffering FSMO roles using the command line is well explained. Take into consideration that transferring the FSMO roles doesn’t work always, especially if your domain controller which holds any of that roles is corrupted. In that case, the last possible way to make another DC a FSMO holder is seizing FSMO roles (use this option cautiously).