How to Seize FSMO roles in Server 2012 step-by-step
Previously the main way to seize the roles was using the Ntdsutil in Server 2003 & 2008.
Since PowerShell is now my weapon of choice I thought it would be useful to quickly document the method.
Move-ADDirectoryServerOperationMasterRole is the command that is used for this task. More information on the command can be found here:
Microsoft Technet Site
You can use either the Role Name or Number to specify which role to move, this table shows the details:
|Operation Master Role Name||Number|
Use the -Identity switch to specify the target Domain Controller and the –OperationMasterRole to specify which role to transfer. I’ve also used the -Force command as my current FSMO holder is offline.
I’ll be moving all the roles to a target DC called ADC02.
N.B. To move the SchemaMaster role you’ll need to be a member of the Schema Admins group. My account was also a member of Enterprise Admins when I ran this.
- Logon to a working Domain Controller and launch an elevated PowerShell session.
- Type: Move-ADDirectoryServerOperationMasterRole -Identity ADC02 -OperationMasterRole 0,1,2,3,4 -Force
- Either type Y on each role move prompt, or type A to accept all prompts
- After a while, all the roles should be successfully moved.
Last thing, a couple of PowerShell command just to list the FSMO roles and who now owns them:
Get-ADForest DomainName | FT SchemaMaster,DomainNamingMaster
Get-ADDomain DomainName | FT PDCEmulator,RIDMaster,InfrastructureMaster
One thing to note, only seize the roles if you have no intention of bringing the original holding Domain Controller back online. Domains don’t tend to like having two FSMO role holders…
If you like my post, kindly keep posting your emails, feedback and comments.