Monthly Archives: May 2013

Transfer/Seize FSMO Roles to Windows Server 2012 Using Powershell

Following information explains the Active Directory FSMO roles transfer process using powershell cmdlets.

If FSMO role holder DC goes under upgradation process or down, we think about FSMO roles as its important and we know the traditional NTDSUTIL way of transferring and seizing FSMO roles which takes few minutes. However, using the power shell this is relatively easy and completes within few seconds.

Powershell command :  Move-ADDirectoryServerOperationMasterRole

Transfering all 5 FSMO roles syntax:
Move-ADDirectoryServerOperationMasterRole -Identity “Target_DC_name” –OperationMasterRole PDCEmulator,RIDMaster,InfrastructureMaster,SchemaMaster,DomainNamingMaster

If target DC name is ADC, use below command to transfer all FSMO roles:
Move-ADDirectoryServerOperationMasterRole -Identity “ADC” –OperationMasterRole PDCEmulator,RIDMaster,InfrastructureMaster,SchemaMaster,DomainNamingMaster

Role numbers can be used in command instead of role names.

Operation Master Role Name

Number

PDCEmulator

0

RIDMaster

1

InfrastructureMaster

2

SchemaMaster

3

DomainNamingMaster

4

 

 

 

 

 

 

 

Transfer all 5 FSMO roles using numbers:
Move-ADDirectoryServerOperationMasterRole -Identity “ADC” –OperationMasterRole 0,1,2,3,4

If FSMO role owner is permanently offline, seize FSMO roles using below command, just add –Force parameter.
Sezing FSMO roles syntax:

Move-ADDirectoryServerOperationMasterRole -Identity “Target_DC_name” –OperationMasterRole PDCEmulator,RIDMaster,InfrastructureMaster,SchemaMaster,DomainNamingMaster -Force

 Command:
Move-ADDirectoryServerOperationMasterRole -Identity “ADC” –OperationMasterRole PDCEmulator,RIDMaster,InfrastructureMaster,SchemaMaster,DomainNamingMaster –Force


If you want to transfer/seize single operation master role to another DC then use role name or its number.

Examples:
Move-ADDirectoryServerOperationMasterRole -Identity “ADC” –OperationMasterRole RIDMaster
Move-ADDirectoryServerOperationMasterRole -Identity “ADC” –OperationMasterRole 1
Move-ADDirectoryServerOperationMasterRole -Identity “ADC” –OperationMasterRole RIDMaster –Force
Move-ADDirectoryServerOperationMasterRole -Identity “ADC” –OperationMasterRole 1 -Force

Quick Notes:

  • No need to connect future FSMO role owner DC, before transferring /seizing roles operation.
  • Powershell command can be run from any DC or windows7 workstation and 2008/R2 member server where RSAT tool is installed.