Summary: A post about seizing Active Directory Domain Controller roles, also known as FMSO.
Date: Around 2014
Refactor: 13 February 2025: Checked links and formatting.

Whenever you're in the situation the AD Domain Controller roles (FMSO) are not what they should be you can always seizes the roles you need. This small howto shows you how.

Note: This is a quite common scenario after doing a test failover with Site Recovery Manager 5.1.

Ntdsutil is the tool we need, and note that for the seizing of the schema role you need to be in the “schema admins” group:

• Open an elevated command prompt
• Start the program ntdsutil

C:\ ntdsutil
ntdsutil:

• Type roles

ntdsutil: roles
fsmo maintenance:

• Type connections

fsmo maintenance: connections
server connections:

• Type connect to server <servername>

server connections: connect to server dcserver
Binding to dcserver ...
Connected to dcserver using credentials of locally logged on user.
server connections:

• Type q to return to maintenance mode

server connections: q
fsmo maintenance:

• Type these commands to seize the roles for AD 2003:

1. Seize domain naming master
2. Seize infrastructure master
3. Seize PDC
4. Seize RID master
5. Seize schema master

• Type these commands to seize the roles for AD 2008:

1. Seize naming master
2. Seize infrastructure master
3. Seize PDC
4. Seize RID master
5. Seize schema master

Note that confirmation will be asked, you'll have to click “yes” to proceed.