The musings of an IT Consultant

Jun 24 2008   2:12PM GMT

FSMO Roles in Active Directory

Raj Perumal Raj Perumal Profile: Raj Perumal

It is important to note that when removing an old domain controller from the environment that holds the FSMO roles and bringing in a new DC, that you transfer the FSMO roles. Unfortunately I have run into many a person who haven’t even heard of them before. The FSMO roles are the 5 major roles in Active Directory that need to be hosted by an Active Directory domain controller. It is very important that you transfer these roles during this process otherwise Active Directory functionality will cease to function.

I have seen many a network administrator think they have somehow botched their Active Directory installation of a new DC and then started fresh because they didn’t know they had to transfer the FSMO roles.

If a domain controller dies on you (for example the hardware fails), and you don’t have a way to transfer the roles, than you can “seize” the roles using the same utility. This utility is called “NTDSUTIL” and is used to either transfer or seize roles in Active Directory. It is a command line utility you can use on a domain controller.

The five roles in question are:

  1. Domain naming master
  2. Infrastructure master
  3. Relative ID (RID) Master
  4. PDC Emulator
  5. Schema Master

You can read more about these roles here:

You can transfer them using the instructions here:

 Finally, understanding FSMO roles and how they affect Active Directory can help you to solve many an Active Directory related problem.


 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: