FSMO - Role Transfer (NTDSUTIL | Powershell)
Introduction:
Recently the support for Windows Server 2008 & 2008 R2 has expired (14.01.2020 (see references at the end of the blog post).
For this reason, it is highly probable that there are currently a number of projects for IT service providers that deal with this topic, more precisely with the replacement of this server operating system version.
Since I was entrusted with such a case myself (I had to rebuild an old Small Business Server infrastructure), I decided to blog about it.
As most people know, an SBS server has the stupid habit of wanting to hold all FSMO roles (otherwise it restarts every hour).
Definition:
FSMO or Flexible Single Master Operations are special tasks that domain controllers perform within a domain based on Microsoft's Active Directory technology.
In case of SBS replacement, these roles must now be transferred.
FSMO - Transfer
- Log to the FSMO-Role holder.
# Query to look for the current fsmo role holder
# Start "cmd" with evelated priviliges
netdom query fsmo
- Transfer FSMO - Roles
NTDSUTIL:
- Open Command Prompt. Type:
ntdsutil - At the ntdsutil command prompt, type:
roles - At the fsmo maintenance command prompt, type:
connection - At the server connections command prompt, type:
connect to <server> - At the server connections command prompt, type:
quit - At the fsmo maintenance command prompt, type:
Transfer domain naming master- Confirm with "yes"
Transfer infrastructure master- Confirm with "yes"
Transfer PDC- Confirm with "yes"
Transfer RID master- Confirm with "yes"
Transfer schema master- Confirm with "yes"
- At the fsmo maintenance command prompt, type:
quit - At the ntdsutil command prompt, type:
quit
PowerShell:
# Search for the Destination Server
$Server = Get-ADDomainController -Identity "<sAMAccountName>"
# Transfer FSMO Roles
Move-ADDirectoryServerOperationMasterRole -Identity $Server -OperationMasterRole SchemaMaster,DomainNamingMaster,PDCEmulator,RIDMaster,InfrastructureMaster
Reference: