- Log in to Windows Server 2016 as a member of Enterprise Administrators group;
- Run Powershell as Administrator;
- Type
netdom query fsmo
to get a list of the FSMO roles and their current owners;PS C:\Windows\system32> netdom query fsmo Schema master cs-core-adc-01.vstrong.info Domain naming master cs-core-adc-01.vstrong.info PDC cs-core-adc-01.vstrong.info RID pool manager cs-core-adc-01.vstrong.info Infrastructure master cs-core-adc-01.vstrong.info The command completed successfully.
- As you can see,
cs-core-adc-01.vstrong.info
holds all FSMO roles.
I would like to transfer ALL FSMO roles to another Domain Controllercs-core-adc-02.vstrong.info
- Run the following command to move FSMO roles over:
Move-ADDirectoryServerOperationMasterRole -Identity cs-core-adc-02.vstrong.info -OperationMasterRole SchemaMaster, DomainNamingMaster, PDCEmulator, RIDMaster, InfrastructureMaster
PS C:\Windows\system32> Move-ADDirectoryServerOperationMasterRole -Identity cs-core-adc-02 -OperationMasterRole SchemaMaster, DomainNamingMaster, PDCEmulator, RIDMaster, InfrastructureMaster Move Operation Master Role Do you want to move role 'SchemaMaster' to server 'cs-core-adc-02.vstrong.info' ? [Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): A
Type A for all.
- Type
netdom query fsmo
again to get a list of the FSMO roles and their current owners;PS C:\Windows\system32> netdom query fsmo Schema master cs-core-adc-02.vstrong.info Domain naming master cs-core-adc-02.vstrong.info PDC cs-core-adc-02.vstrong.info RID pool manager cs-core-adc-02.vstrong.info Infrastructure master cs-core-adc-02.vstrong.info The command completed successfully.
- You may get ‘Access is denied’ error message as below. Please make sure you ARE a member of Enterprise Admins. Also, you may also need to change your Primary Group to Enterprise Admins. You will need to log off and log back in again.
Move-ADDirectoryServerOperationMasterRole : Access is denied At line:1 char:1 + Move-ADDirectoryServerOperationMasterRole -Identity cs-core-adc-02 -O ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (cs-core-adc-02:ADDirectoryServer) [Move-ADDirector...ationMasterRole], AD Exception + FullyQualifiedErrorId : ActiveDirectoryServer:0,Microsoft.ActiveDirectory.Management.Commands.MoveADDirectoryServerOperationMasterRole
I hope you find this helpful. As always, Like, Subscribe and Share! :)
Recent Comments