If a DC hosting a critical operations
master role (previously called flexible single master operations role,
[FSMO]) fails, you might need to have another DC take over the role.
The best choice is to transfer the role while both servers are
operational. However, if the role holder fails, you can seize the role
using a DC that is operational.
Tip
Seizing a role is a drastic operation. You should
seize roles only when absolutely necessary. If you are seizing the
Schema Master, the Domain Naming Master, or the RID Master roles, it’s
recommended that you don’t bring the original DC back online in the
domain.
The following steps show how to seize a role.
| Step | Command |
|---|
| 1. | Start a command prompt with administrative permissions on a domain controller. |
| 2. | Type ntdsutil and press Enter. |
| 3. | Type roles and press Enter. This accesses the fsmo maintenance prompt. |
| 4. | Type connection and press Enter. This accesses the server connections prompt. |
| 5. | Identify the fully qualified domain name (FQDN) of the operational DC. Substitute your DC’s name in the following command:
connect to server dc1.pearson.pub
|
| 6. | Type quit and press Enter. This brings you back to the fsmo maintenance prompt. |
| 7. | Identify the role you want to seize. These are identified in ntdsutil
as Infrastructure Master, Naming Master, PDC, RID Master, and Schema
Master. Use one of the following commands to seize the role:
seize infrastructure master seize naming master seize pdc seize rid master seize schema master
|
| 8. | A confirmation dialog box appears similar to Figure 1. Review it and click Yes if you want to seize the role.
Note
ntdsutil first tries to do a logical
transfer. If the other DC is up and operational, it is transferred
normally. If it fails, it seizes the role.
|
| 9. | Type quit and press Enter twice to exit ntdsutil. |
