3.4.4.6 MoveADOperationMasterRole

A server processes a MoveADOperationMasterRole request using the Active Directory Web Services: Custom Action Protocol upon receiving a SOAP message that contains the MoveADOperationMasterRole SOAP header and that specifies the following URI as the SOAP action:

http://schemas.microsoft.com/2008/1/ActiveDirectory/CustomActions/TopologyManagement/MoveADOperationMasterRole

This operation is specified by the following WSDL.

<wsdl:operation name="MoveADOperationMasterRole">
    <wsdl:input
        wsam:Action=
"http://schemas.microsoft.com/2008/1/ActiveDirectory/CustomActions/TopologyManagement/MoveADOperationMasterRole"
        name="MoveADOperationMasterRoleRequest"
        message="ca:MoveADOperationMasterRoleRequest" />
  <wsdl:output
      wsam:Action=
"http://schemas.microsoft.com/2008/1/ActiveDirectory/CustomActions/TopologyManagement/MoveADOperationMasterRoleResponse"
      name="MoveADOperationMasterRoleResponse"
      message="ca:MoveADOperationMasterRoleResponse" />
  <wsdl:fault
      wsam:Action=
"http://schemas.microsoft.com/2008/1/ActiveDirectory/Data/fault"
      name="MoveADOperationMasterRoleFault"
      message=
"ca:TopologyManagement_MoveADOperationMasterRole_MoveADOperationMasterRoleFault_FaultMessage" />
</wsdl:operation>

The MoveADOperationMasterRole custom action moves the FSMO role specified by element MoveADOperationMasterRoleRequest/OperationMasterRole (section 3.4.4.6.2.3) to the directory service specified by the SOAP header Server element (section 2.2.3.5) in the MoveADOperationMasterRoleRequest.

If the MoveADOperationMasterRoleRequest/Seize element is set to TRUE, then the MoveADOperationMasterRole custom action seizes (section 3.4.4.6.2.3.2) the FSMO role only after first attempting a regular transfer (section 3.4.4.6.2.3.1) which has failed.

On successful completion of the FSMO role transfer (or seizure), the MoveADOperationMasterRole custom action MUST create a MoveADOperationMasterRoleResponse element, set the MoveADOperationMasterRoleResponse/WasSeized element to TRUE or FALSE, and return the MoveADOperationMasterRoleResponse object. The WasSeized element indicates whether the FSMO role was seized (TRUE) or transferred (FALSE).

To transfer a FSMO role, the server writes the appropriate rootDSE attribute of the directory instance ([MS-ADTS] sections 3.1.1.3.3.1 through 3.1.1.3.3.6). The table under section 3.4.4.6.2.3.1 contains information on the rootDSE attribute to modify to transfer a role.

To seize a FSMO role, the server writes the distinguishedName of the nTDSDSA object of the new role owner [MS-ADTS] sections 3.1.1.5.3.1.2 and 3.1.1.5.3.2.<57> The table under section 3.4.4.6.2.3.2 contains information about which object attribute to write to seize a role.

If an error occurs while processing this operation, the server MUST return the appropriate SOAP fault for the particular error condition as specified in section 3.4.4.6.8.