3.1.1.5.3.1.2 FSMO Changes

If a write to the fSMORoleOwner attribute is performed, and the objectClass of the object being modified is one of the following classes, then the requester is required to have an additional control access right on the object. The following control access rights are checked, depending on the objectClass of the object being modified: