During my testing in a virtual parent/child domain structure (Win2000), I have seized all 5 FSMO roles on my parent DC. All went well.
On the child DC, I do *not* seize all roles, because 3 of them are forest-wide, right? Domain naming (owner) and Schema Master are forest-wide, and so should *not* be seized on a child DC. The others - PDC, RID, Operations - can all be seized, since they are domain specific, correct? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
