Following information explains the Active Directory FSMO roles transfer process using powershell cmdlets.
If FSMO role holder DC goes under upgradation process or down, we think about FSMO roles as its important and we know the traditional NTDSUTIL way of transferring and seizing FSMO roles which takes few minutes. However, using the power shell this is relatively easy and completes within few seconds.
Powershell command : Move-ADDirectoryServerOperationMasterRole
Transfering all 5 FSMO roles syntax:
Move-ADDirectoryServerOperationMasterRole -Identity “Target_DC_name” –OperationMasterRole PDCEmulator,RIDMaster,InfrastructureMaster,SchemaMaster,DomainNamingMaster
If target DC name is ADC, use below command to transfer all FSMO roles:
Move-ADDirectoryServerOperationMasterRole -Identity “ADC” –OperationMasterRole PDCEmulator,RIDMaster,InfrastructureMaster,SchemaMaster,DomainNamingMaster
Role numbers can be used in command instead of role names.
Transfer all 5 FSMO roles using numbers:
Move-ADDirectoryServerOperationMasterRole -Identity “ADC” –OperationMasterRole 0,1,2,3,4
If FSMO role owner is permanently offline, seize FSMO roles using below command, just add –Force parameter.
Sezing FSMO roles syntax:
Move-ADDirectoryServerOperationMasterRole -Identity “Target_DC_name” –OperationMasterRole PDCEmulator,RIDMaster,InfrastructureMaster,SchemaMaster,DomainNamingMaster -Force
Command:
Move-ADDirectoryServerOperationMasterRole -Identity “ADC” –OperationMasterRole PDCEmulator,RIDMaster,InfrastructureMaster,SchemaMaster,DomainNamingMaster –Force
If you want to transfer/seize single operation master role to another DC then use role name or its number.
Examples:
Move-ADDirectoryServerOperationMasterRole -Identity “ADC” –OperationMasterRole RIDMaster
Move-ADDirectoryServerOperationMasterRole -Identity “ADC” –OperationMasterRole 1
Move-ADDirectoryServerOperationMasterRole -Identity “ADC” –OperationMasterRole RIDMaster –Force
Move-ADDirectoryServerOperationMasterRole -Identity “ADC” –OperationMasterRole 1 -Force
