FSMO Owner

Anonymous
2020-09-30T09:06:53.633+00:00

Fsmo roles transfared from dc1 2008r2 to DC2 2016
when i run netdom query fsmo it shows all 5 roles in dc2.
but when i run

"dsquery * CN=Infrastructure,DC=DomainDnsZones,DC=mycompany,DC=com -attr fSMORoleOwner "

the result is

" fSMORoleOwner
CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mycompany,DC=com"

and when i ask for w32tm query source it answer the DC1 is the source where DC2 should be the pdc emulator holder.

please help me to fix this.

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,125 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,852 questions
0 comments
Accepted answer
  1. Dave Patrick 426.1K Reputation points MVP
    2020-09-30T12:47:31.823+00:00

    Sounds like you missed one
    transfer pdc

    https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/transfer-or-seize-fsmo-roles-in-ad-ds

    also check that the Windows Time service is started and configured.

    Some general info

    On PDC emulator
    w32tm /unregister
    net stop w32time
    w32tm /register
    net start w32time
    w32tm /config /manualpeerlist:<external ntp address> /syncfromflags:manual /reliable:yes /update
    net stop w32time
    net start w32time
    then check
    w32tm /query /source
    w32tm /query /configuration

    --please don't forget to Accept as answer if the reply is helpful--

    0 comments

4 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Thameur-BOURBITA 32,506 Reputation points
    2020-09-30T19:00:38.877+00:00

    Hi,

    Check the replication health between your domain controllers and the status of windows time service in each domain controller

    As mentioned by Patrick , each domain controller will synchronize with the PDC in same domain. In case where you have a forest with multi child domain , the PDC of each child domain will synchronize with a domain controller in root domain.

    Please don't forget to mark this reply as answer if it help you to fix your issue

    0 comments
  2. Anonymous
    2020-10-01T09:17:40.123+00:00

    Patrick
    thanks for your response
    i followed the steps you provided, and the time source now is DC2.
    but the first part confused me, why fsmoRole Owner attribute in infrastructure properties still indicate to dc1 where it should be dc2.
    CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mycompany,DC=com

    0 comments
  3. Anonymous
    2020-10-01T09:22:12.087+00:00

    @Bourbita
    thanks for your response
    the steps mentioned by Patrick was helpful.
    and the replication completed with no error.

    but the first part still confuses me.

    i will appreciate any help.

    0 comments
  4. Dave Patrick 426.1K Reputation points MVP
    2020-10-01T12:27:33.287+00:00

    Might also check the results below
    dcdiag /v