Today, in this post, I want to show you how to transfer or seize one or more flexible single master operations (FSMO) roles from one Domain Controller to another using PowerShell.

PowerShell Workaround

Requirements:

  • PowerShell version 3.0 or higher
  • PowerShell Active Directory module. To learn how to install this module, see this link.

You can view FSMO role owner (Domain Naming Master and Schema Master roles) using the Get-ADForest cmdlet with the following syntax:

get-adforest

To view FSMO roles (Infrastructure Master, PDC Emulator, and Relative Identifier Master roles), use the Get-ADDomain cmdlet with the following syntax:

get-addomain

Transferring roles

The process of moving the FSMO role when both the original FSMO role holder and the future FSMO role holder are online and operational is called Transferring

To transfer the FSMO roles between domain controllers, use the Move-ADDirectoryServerOperationMasterRole cmdlet with the following syntax:

If you prefer, instead of typing the names of the functions of the operations master, you can also specify the numbers. To specify multiple operation master roles, use a comma-separated list.

  • PDCEmulator or 0
  • RIDMaster or 1
  • InfrastructureMaster or 2
  • SchemaMaster or 3
  • DomainNamingMaster or 4
Move-ADDirectoryServerOperationMasterRole

Seizing roles

The process of moving the FSMO role from a non-operational role holder to a different DC is called Seizing.

if you must seize one or more roles, use the Move-ADDirectoryServerOperationMasterRole -force cmdlet with the following syntax:

or

FSMO PowerShell

You can verify the tasks performed by running the Get-ADForest and Get-ADDomain cmdlets again.

If you want to know more about FSMO roles, check out this link:https://support.microsoft.com/en-us/help/197132/active-directory-fsmo-roles-in-windows