Transferring FSMO roles
In the previous chapter, we have seen how to query FSMO role owners using PowerShell. Instead of relying on the onnetdom
command or any other method, we leveraged Active Directory PowerShell module and wrote a small PowerShell function, Get-FSMORoles
, to get this information. In this section, let's concentrate on how to transfer these FSMO roles across domain controllers.
Moving FSMO roles might not be a frequent operation in smaller organizations. However, if you have multiple domains and forests with a large set of domain controllers, generally you see the need to do it on a frequent basis for various reasons. For example, if you have a site where you have a PDC emulator running and there is a power maintenance issue that demands the shutdown of domain controllers, then it makes sense to move the PDC emulator to another DC in a different site.
Active Directory module has a cmdlet called Move-ADDirectoryServerOperationMasterRole
, which is used for transferring FSMO...