Move Windows Server 2016 FSMO Roles Using PowerShell

In this blog post, I’ll show you how to move or seize Active Directory FSMO roles using a single PowerShell cmdlet.

In the old days, Moving the FSMO roles involved using multiple consoles and utilities (commands) which was very confusing.

With the release of Windows Server 2012, the process was changed signifying and was made simple.

Using PowerShell to move the FSMO roles is a much cleaner process.

Get Started

To move the FSMO roles Microsoft has created a new PowerShell cmdlet called Move-ADDirectoryServerOperationMasterRole.

The FSMO roles have been numbered as you can see In the table below.

Role Name, Number

  • PDCEmulator 0
  • RIDMaster 1
  • Infrastructure Master 2
  • Schema Master 3
  • DomainNamingMaster 4
View FSMO Roles

Before I move my FSMO roles I’ll use the cmdlets below to view the current host that hold them.

Get-ADForest | select SchemaMaster,DomainNamingMaster
 
Get-ADDomain | select PDCEmulator,RIDMaster,InfrastructureMaster

As you can see below, VDC01 holds all FSMO roles.

Move FSMO Roles

In the example below, I’ll move my FSMO roles from VDC01 to VDC02.

Move-ADDirectoryServerOperationMasterRole -Identity "VDC02" -OperationMasterRole 0,1,2,3,4

To Seize the roles I can use the -Force switch

Move-ADDirectoryServerOperationMasterRole -Identity “VDC02” -OperationMasterRole 0,1,2,3,4 -Force

If I run the Get cmdlets I can see that the roles have moved successfully

To move a single role I can use the cmdlet below

Move-ADDirectoryServerOperationMasterRole -Identity "VDC02" -OperationMasterRole 4

Get-ADForest | select SchemaMaster,DomainNamingMaster

Conclusion

Using PowerShell to manage FSMO roles is a great change and allows us to move or seize roles on the fly.

The days of using consoles and command are gone and it’s good.

YouTube

Update, I just published the YouTube video.


Posted

in

by