Mi-Token uses an AD LDS (Active Directory Lightweight Directory Services) database to hold the tokens data and to provide replication between the various replicas an environment may have.


AD LDS, as a subset of an AD database also has an FSMO roles scheme but only possesses a naming and a schema master. The first Mi-Token installed server becomes the Primary master server and the holder of such roles. This feature can be queried and changed as well.


Using a CMD window as an administrator, you can:


Determine what server holds the Mi-Token FSMO roles:

1. Type dsmgmt <enter>
2. Type roles <enter>
3. Type connections <enter>
4. Type connect to server servername:portnumber of instance <enter>
5. Type quit <enter>
6. Type select operation target <enter>
7. Type list roles for connected server <enter> Note: This should list who owns the FSMO roles.

The following is a sample output of the commands:



Transfer/seize the roles:

1. At the command prompt, type: dsmgmt
2. At the dsmgmt: command prompt, type: roles
3. At the FSMO maintenance: command prompt, type: connections
4. At the server connections: command prompt, type: connect to server servername:portnumber where servername:portnumber is the computer name and communications port number of the AD/LDS instance that you want to use as the new naming master or schema master.
5. At the server connections: command prompt, type: quit
6. At the FSMO maintenance: command prompt, type:

transfer Schema master

transfer Naming master


or 


seize Schema master

seize Naming master


Transferring/Seizing the roles will prompt you to confirm the operation.


8. Exit the utility using quit.


The following is a sample output of the commands:




When you accept the transfer, the command line will confirm showing the roles holder. 


Transferring Naming Master


The command line shows that the roles have been transferred to REPLICA