Moving FSMO Roles from Windows Server 2008 R2 to Windows Server 2012 Domain Controller

In the previous blog we have learnt how to prepare Active Directory for Windows Server 2012 Domain Controller. Lets move the FSMO Roles and decommission the last 2008 domain controller from the network.

Before We Begin

The account with which we are going to perform this task should be a member of Enterprise Admins Group and Domain Admins Group. For testing purpose I have used the default Admin Account.

Lets Explore



DC Name : DC1 and DC2

Forest Functional Level : Windows Server 2008 R2

Domain Functional Level : Windows Server 2008 R2


Checking FSMO Role Owner.


Figure 1.1 : Netdom Query FSMO

DC1 is Windows Server 2008 R2 Server with all roles.

Lets login to Windows Server 2012 Active Directory and Move the Roles.

First lets move the Schema Master Role.


Figure 1.2 Registering Schema Mgmt.dll

By default this is not registered. We have to register by running the above above command. So that we can open Schema Master using MMC.


Figure 1.3 DLL Register succeeded.


Figure 1.4 : Add Active Directory Schema using MMC.

Right click Active Directory Schema and then select “Change Active Directory Domain Controller??? as shown above.


Figure 1.5 : Change Directory Server


Figure 1.6 : Select Operations Master


Figure 1.7 : Click change as shown above.


Figure 1.8 : Schema Role Transferred successfully.

Now lets move the Domain Name Master. To do that open Domain and Trust.


Figure 1.9 : Domains and Trust connected to DC2.

To connect to DC2 please follow 1.4 and 1.5 to change the directory server.


Figure 1.10 : Domain Naming Master changed.

Now lets open Active Directory Users and Computers to change the remaining three roles.


Figure 1.11 : ADUC connected to DC2.

To connect to DC2 please follow 1.4 and 1.5 to change the directory server.

Select Operations Masters


Figure 1.12 : Change all Roles from one location.

In figure 1.12 Change each roles by selecting the roles as shown above.

Since the roles are Flexible they can be moved back as and when required. We have used GUI option to move. This is possible only when both source and target DC is reachable. In case if the DC is crashed then we can perform seize by logging into any one available domain controller.

Finally lets run the command to check if all roles have been moved successfully.


Figure 1.13 : FSMO Roles moved.

In large network we have to ensure that we have planned for such movement.

Happy Learning


MSEXCHANGETEAM | Ideas That Clicks

Like this post? Please share to your friends:
Comments: 5
  1. Clyde Harrison

    Pretty straight forward. I completed without too much further research and all role got transferred properly.

    Thanks a million!!


  2. ravi

    Dear friend i have DC1 and DC2 server in Dc1, 4 group policy and Dc2 1 group policy i have after some time my DC1 get down , i want to run all 5 group policy in DC2. how we can we do, i want to know , i want to install a fresh installation or same run a group policy Dc2

  3. Sunder


    Group policy gets replicated across all DC’s. You can check this in Sysvol folders. The only problem is your DC1 should not be kept offline for long period of time.

  4. Sunder

    Yes, Nothing has changed.

  5. Shyam

    seems the same steps are der for windows 2k3 ..

Leave a Reply