locked
Transferring FSMO roles from 2003 SBS to 2012 R2 RRS feed

  • Question

  • I am in the final stages of a fairly drawn-out migration from SBS2003 to Exchange 2010 (soon to be 2013) and Windows Server 2012 R2. It took some time, but everything went fine all the way through raising the domain functional level, adding a new DC, migrating Exchange and removing Exchange 2003 from the SBS 2003. This was all done several weeks ago. I gave it plenty of time for everything to work (and me getting some other projects done) before I returned to finalize this.

    Now I am at the final step: transferring the five FSMO roles from the 2003 SBS server to the 2012 R2 DC before I finally shut down the SBS2003 box for good.

    Being very careful, I am previewing each element:

    • Active Directory Users & Computers → Right-click Domain, then click Operations Masters. On each tab (RID, PDC, Infrastucture), I correctly see the old SBS2003 server as the current Operations Master and the new 2012 R2 DC as the one to which the role would be transferred when I click change. Have not done it yet, though.
    • Active Directory Domains and Trusts → right-click Active Directory Domains and Trusts, then click Operations Masters. Here I see only the old SBS2003 server as both the current Domain naming operations master and the one to which the role would be transferred.

    Did I perhaps miss something earlier in the migration process, or will the new server appear as the transfer-to domain naming operations master server after I transfer the first three FSMO roles above?

    I am a chicken and do not want to transfer any of the five roles until I am sure that all is exactly correct here.

    Sunday, March 13, 2016 1:00 AM

Answers

  • Hi

     When I get to Step #2 (domain naming master role), #4, the new DC is not listed >>> it should be,so you can try to transfer roles "with ntdsutil.exe",check the second article i share.


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    • Marked as answer by Brian D. Hart Sunday, March 13, 2016 8:46 PM
    Sunday, March 13, 2016 4:41 PM
  • Well, I took a small chance and clicked Change anyway (i.e. with the old DC showing as both the original and change-to), and I got a message indicating that I needed to connect to the new DC first. I am not sure what that meant, seeing as I was actually logged onto the new DC.

    Nevertheless, I opened Active Directory Domains & Trusts, then right-clicked Active Directory Domains & Trusts and clicked Change Active Domain Controller. I selected the new DC, and now it correctly appeared as the change-to for both the naming and schema master roles.

    Then I was able to transfer the naming & schema master roles through the GUI. I then confirmed by running netdom query fsmo that the new DC now holds all five FSMO roles.

    Then I changed the SBS2003 DC so it is no longer a GC (Active Directory Sites and Services → Sites → [Site name] → Servers → [SBS2003 server name] → right-click NTDS and uncheck Global Catalog).

    So all that was left was to demote the SBS2003, reboot, logon, and shut it down. All of that went without a problem.

    In the end, I am sure I could have done this through ntdsutil, as recommended; however, my fear of having something go wrong led me to that bit more testing and finding that my problem was non-substantial--just had to connect to the currently-logged-onto DC in order to proceed.

    • Marked as answer by Brian D. Hart Sunday, March 13, 2016 11:20 PM
    Sunday, March 13, 2016 11:20 PM

All replies

  • Hi

     You can check the article for step-by-step transfer fsmo roles,

    http://blogs.technet.com/b/canitpro/archive/2015/02/11/step-by-step-migrating-windows-server-2003-fsmo-roles-to-windows-server-2012-r2.aspx

    Also you can transfer fsmo roles with ntdsutil,

    https://support.microsoft.com/en-us/kb/255504


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Sunday, March 13, 2016 9:53 AM
  • Burak,

    That TechNet article you list is the same one I followed to get as far as I did before I asked the question. When I get to Step #2 (domain naming master role), #4, the new DC is not listed as an option.

    Why is that, and how do I fix it?

    Sunday, March 13, 2016 3:18 PM
  • Hi

     When I get to Step #2 (domain naming master role), #4, the new DC is not listed >>> it should be,so you can try to transfer roles "with ntdsutil.exe",check the second article i share.


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    • Marked as answer by Brian D. Hart Sunday, March 13, 2016 8:46 PM
    Sunday, March 13, 2016 4:41 PM
  • Burak,

    I am marking your response as an answer; however, I am still concerned that the absence of the new DC as the change-to server for the naming and schema master roles indicates something wrong with AD that will break the process or plague me later.

    I have already done my dcdiag, both before I began migration and again afterwards, with no issues, and all the clients are already pointed to the new DC. That was all done about six weeks ago. I just do not want to start doing this one last step to get the old SBS2003 out of the domain until I am sure it will work. I cannot afford to have a client's domain down on a Monday morning because I missed a step.

    And I have three virtually identical domains, for different customers' networks, that all look exactly the same--the new DC does not appear as the change-to server for the naming & schema master roles.


    Sunday, March 13, 2016 8:46 PM
  • Well, I took a small chance and clicked Change anyway (i.e. with the old DC showing as both the original and change-to), and I got a message indicating that I needed to connect to the new DC first. I am not sure what that meant, seeing as I was actually logged onto the new DC.

    Nevertheless, I opened Active Directory Domains & Trusts, then right-clicked Active Directory Domains & Trusts and clicked Change Active Domain Controller. I selected the new DC, and now it correctly appeared as the change-to for both the naming and schema master roles.

    Then I was able to transfer the naming & schema master roles through the GUI. I then confirmed by running netdom query fsmo that the new DC now holds all five FSMO roles.

    Then I changed the SBS2003 DC so it is no longer a GC (Active Directory Sites and Services → Sites → [Site name] → Servers → [SBS2003 server name] → right-click NTDS and uncheck Global Catalog).

    So all that was left was to demote the SBS2003, reboot, logon, and shut it down. All of that went without a problem.

    In the end, I am sure I could have done this through ntdsutil, as recommended; however, my fear of having something go wrong led me to that bit more testing and finding that my problem was non-substantial--just had to connect to the currently-logged-onto DC in order to proceed.

    • Marked as answer by Brian D. Hart Sunday, March 13, 2016 11:20 PM
    Sunday, March 13, 2016 11:20 PM
  • Hi,

    Thank you for taking the time to update the result.

    Your sharing might be helpful for other people who has the similar problem.

    Best Regards,
    Eve Wang


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Monday, March 14, 2016 3:23 AM