You can use the Ntdsutil.exe command-line tool to transfer and seize any operations master (also known as flexible single master operations or FSMO) role. You must use Ntdsutil.exe to seize the schema operations master, domain naming operations master, and relative ID (RID) operations master roles. When you use Ntdsutil.exe to seize an operations master role, the tool first attempts a transfer from the current role owner. If the current role owner is not available, the tool seizes the role.
When you use Ntdsutil.exe to seize an operations master role, the procedure is nearly identical for all roles. For more information about using Ntdsutil.exe, type ? at the ntdsutil: command prompt.
To seize an operations master role
- Open a Command Prompt as an administrator: On the Start menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
- At the command prompt, type
ntdsutil, and then press ENTER.
- At the
roles, and then press ENTER.
- At the
fsmo maintenance:prompt, type
connections, and then press ENTER.
- At the
server connections:prompt, type
connect to server
<servername>is the name of the domain controller that will assume the operations master role), and then press ENTER.
- After you receive confirmation of the connection, type
quit, and then press ENTER.
- Depending on the role that you want to seize, at the
fsmo maintenance:prompt, type the appropriate command, and then press ENTER.
Role Credentials Command Domain naming master Enterprise Admins Seize naming master Schema master Enterprise Admins Seize schema master Infrastructure master Domain Admins Seize infrastructure master Primary domain controller (PDC) emulator Domain Admins Seize pdc RID master Domain Admins Seize rid master
The system asks for confirmation. It then attempts to transfer the role. When the transfer fails, some error information appears and the system proceeds with the seizure of the role. After the seizure of the role is complete, a list of the roles and the Lightweight Directory Access Protocol (LDAP) name of the server that currently holds each role appears.
During seizure of the relative ID (RID) operations master role, the current role holder attempts to synchronize with its replication partners. If it cannot establish a connection with a replication partner during the seizure operation, it displays a warning and asks for confirmation that you want the seizure of the role to proceed. Click Yes to proceed.
quit, and then press ENTER. Type
quitagain, and then press ENTER to exit Ntdsutil.exe.