Transfering or Seizing FSMO

-
Names or numbers?
Instead of typing the Names of the operations master roles, Numbers may also be specified.

Role Name Number
PDCEmulator 0
RIDMaster 1
InfrastructureMaster 2
SchemaMaster 3
DomainNamingMaster 4

Transfering or Seizing Domain Naming Master role

Transfering

Move-ADDirectoryServerOperationMasterRole -Identity "Target-DC" -OperationMasterRole DomainNamingMaster
OR
Move-ADDirectoryServerOperationMasterRole -Identity "Target-DC" -OperationMasterRole 4

Seizing

Move-ADDirectoryServerOperationMasterRole -Identity "Target-DC" -OperationMasterRole DomainNamingMaster -Force
OR
Move-ADDirectoryServerOperationMasterRole -Identity "Target-DC" -OperationMasterRole 4 -Force


---



Transfering all roles


Move-ADDirectoryServerOperationMasterRole -Identity "Target-DC" -OperationMasterRole 0,1,2,3,4



Seizing all roles


Move-ADDirectoryServerOperationMasterRole -Identity "Target-DC" -OperationMasterRole 0,1,2,3,4 -Force







For example, my target Domain Controller name is DC1.



We use this command to transfer roles to another Domain Controller:


Move-ADDirectoryServerOperationMasterRole -Identity "DC1" -OperationMasterRole 0,1,2,3,4



We use this command to seize roles to another Domain Controller:


Move-ADDirectoryServerOperationMasterRole -Identity "DC1" -OperationMasterRole 0,1,2,3,4 -Force




Additional information
You can view FSMO role owner with this AD-Powershell commands:

Get-ADForest | select SchemaMaster,DomainNamingMaster
Get-ADDomain | select PDCEmulator,RIDMaster,InfrastructureMaster









































Comments











Post a Comment






























Popular posts from this blog









Troubleshooting Netlogon Error Codes






-














Image







    Quick Reference: Troubleshooting Netlogon Error Codes       ★ ★ ★ ★ ★   ★ ★ ★ ★   ★ ★ ★   ★ ★   ★        January 28, 2013   by  Mark Morowczynski [MSFT]   //   24 Comments        0  0        Hi this is Brandon Wilson and today I will be providing you with a quick reference for troubleshooting Netlogon error codes.   I say “quick reference” very loosely here, because this is one of those sticky subjects that can easily expand into many more areas and become a very long discussion. So, I’m going to do my best to focus on just the codes and possible solutions for the error codes that are more common to see. Anyone who has dealt with some of these issues knows that some of these outlined areas can lead to huge revenue loss for a business, or at the very least an annoying authentication prompt J   I welcome you to leave comments and questions, or suggestions for articles that you as the reader would be interested in seeing us do on AskPFE Platforms ( http://blogs.tech...








Read more










Service Principal Names (SPNs) SetSPN Syntax (Setspn.exe)






-














Image







  Service Principal Names (SPNs) SetSPN Syntax (Setspn.exe)     Table of Contents     SPN Purpose  SPN Format  SetSPN  Viewing or Checking SPN Registrations  SPN Registration    Errors Related to SPN Registration or Configuration      Manually Registering SPNs  Troubleshooting SPN Issues    Resolving SPN Registration Issues  SPN Lookup Errors  Delegation      External Articles          SPN Purpose  A service principal name (SPN) is the name by which a Kerberos client uniquely identifies an instance of a service for a given Kerberos target computer. If you install multiple instances of a service on computers throughout a forest, each instance must have its own SPN. A given service instance can have multiple SPNs if there are multiple names that clients might use for authentication. For example, an SPN always includes the name of the host computer on which the service instance is running, so a service instance might register an SPN for each name or alias of its host.   ↑  Return to T...








Read more










Troubleshooting AD Active Directory Replication Error 8456 or 8457: "The source | destination server is currently rejecting replication requests"






-















      Symptoms          This article describes the symptoms, cause, and resolution steps for situations where Active Directory operations fail with error 8456 or 8457: "The source | destination server is currently rejecting replication requests"   The DCPROMO promotion of a new domain controller in an existing forest fails with the error "The source server is currently rejecting replication requests."    Dialog title text:       Active Directory Installation Wizard      Dialog message text:      The operation failed because:   Active Directory could not transfer the remaining data in directory partition   to domain controller .  "The source server is currently rejecting replication requests."     DCDIAG reports the error "The source server is currently rejecting replication requests" or "The destination server is currently rejecting replication requests."   Testing server: Default-First-Site-Name\     ...








Read more