https://wiki.samba.org/index.php/Flexible_Single-Master_Operations_(FSMO)_roles

Active Directory knows seven FSMO roles with different scopes:

• PDC Emulator (One per domain)
• RID Master (One per domain)
• Schema Master (One per forest)
• Domain Naming Master (One per forest)
• Infrastructure Master (One per domain)
• Domain DNS Zone Master role (one per domain)
• Forest DNS Zone Master role (one per forest)

The Roles

There are five FSMO roles, two per forest, three in every Domain. A brief summary of the role is below.

Forest Wide Roles:

• Schema Master

The schema is shared between every Tree and Domain in a forest and must be consistent between all objects. The schema master controls all updates and modifications to the schema.

• Domain Naming

When a new Domain is added to a forest the name must be unique within the forest. The Domain naming master must be available when adding or removing a Domain in a forest.

Domain Wide Roles:

• Relative ID (RID) Master

Allocates RIDs to DCs within a Domain. When an object such as a user, group or computer is created in AD it is given a SID. The SID consists of a Domain SID (which is the same for all SIDs created in the domain) and a RID which is unique to the Domain.

When moving objects between domains you must start the move on the DC which is the RID master of the domain that currently holds the object.

• PDC Emulator

The PDC emulator acts as a Windows NT PDC for backwards compatibility, it can process updates to a BDC.

It is also responsible for time synchronising within a domain.

It is also the password master (for want of a better term) for a domain. Any password change is replicated to the PDC emulator as soon as is practical. If a logon request fails due to a bad password the logon request is passed to the PDC emulator to check the password before rejecting the login request.

• Infrastructure Master

The infrastructure master is responsible for updating references from objects in its domain to objects in other domains. The global catalogue is used to compare data as it receives regular updates for all objects in all domains.

Any change to user-group references are updated by the infrastructure master. For example if you rename or move a group member and the member is in a different domain from the group the group will temporarily appear not to contain that member.

---

https://winsvr.wordpress.com/2012/12/17/transferring-fsmo-roles-from-ws-2008r2-dc-to-ws-2012-dc/

Schema Master:

Go to WS 2008 R2 DC, Run below command

regsvr32 schmmgmt.dll

Open MMC & add Active Directory Schema

OK

Change Active Directory Domain Controller

Select WS2012 server

OK

Select Operational Master

Change

Yes

PDC, RID, Infrastructure Master:

Go to Active Directory Users & Computers in WS 2012 DC

Operations Masters

Change

Yes

OK,

Go to PDC

Change

Yes

OK

Go to Infrastructure

Change

Yes

OK

Domain Naming Master:

Open ADSI Edit in WS2012 DC

Connect To

OK

IN WS 2008 R2 Server, Go to Active directory Domains & Trusts

Select Operations Master

Change

Yes

OK

Close

All FSMO roles are moved to New WS2012 DC

---

http://www.techieshelp.com/how-to-transfer-fsmo-roles-graphical-and-command-line/

Transferring the FSMO Roles via Ntdsutil

To transfer the FSMO roles from the Ntdsutil command:
Caution: Using the Ntdsutil utility incorrectly may result in partial or complete loss of Active Directory functionality.

1. On any domain controller, click Start, click Run, type Ntdsutil in the Open box, and then click OK.

Microsoft Windows [Version 5.2.3790] (C) Copyright 1985-2003 Microsoft Corp.
C:\WINDOWS>ntdsutil ntdsutil:

1. Type roles, and then press ENTER.

ntdsutil: roles fsmo maintenance:

Note: To see a list of available commands at any of the prompts in the Ntdsutil tool, type ?, and then press ENTER.

1. Type connections, and then press ENTER.

fsmo maintenance: connections server connections:

1. Type connect to server , where is the name of the server you want to use, and then press ENTER.

server connections: connect to server server100 Binding to server100 ...
Connected to server100 using credentials of locally logged on user. server connections:

1. At the server connections: prompt, type q, and then press ENTER again.

server connections: q fsmo maintenance:

1. Type transfer . where is the role you want to transfer.

For example, to transfer the RID Master role, you would type transfer rid master:
Options are:

Transfer domain naming master Transfer infrastructure master Transfer PDC Transfer RID master Transfer schema master

1. You then s a warning popup asking if you want to perform the transfer. Select Yes to continue.
2. Then after you transfer the roles, type q and press ENTER until you quit Ntdsutil.exe.
3. Restart the server and make sure you update your backup.