Transfer FSMO From a Failed Domain Controller (Running Windows Server 2008 R2)
1.Prepare
- DC21 : Domain Controller(Yi.vn - Primary) # Server down or OS error (Unavailable) IP 10.0.0.21
- DC22 : Domain Controller(Yi.vn - Secondary) # Server alive (Available) IP 10.0.0.22
2. Step by step : Transfer FSMO From DC21 to DC22 ---------------****************** Youtube.com/c/MicrosoftLab ********************--------------------
- DC22 : Transfer FSMO From DC21
+ Start - Administrative Tools - Active Directory Users and Computers - Yi.vn - Domain Controllers OU - Check number of domain controllers
+ Right-Click Yi.vn - Operations Masters... - RID tab(PDC,Infrastructure) - Change... - Yes === Fail because DC21 error
+ Set the first DNS is DC22(10.0.0.22)
+ Start - Windows PowerShell - Right-Click 'Windows PowerShell' - Run as administrator, type :
+ dsquery server -forest # Check number of domain controllers
+ netdom query fsmo # Check which domain controller is the owner of FSMO roles (all at DC21)
+ regsvr32 schmmgmt.dll # Register the Active Directory schema management library
+ Start - Right-Click 'Command Prompt' - Run as administrator, type :
+ Ping DC21.Yi.vn or 10.0.0.21 === Fail
+ ntdsutil # Seize the roles from a failed DC21 using NTDSUTIL tool
+ ntdsutil : roles
+ fsmo maintenance : connections
+ server connections : connect to server DC22
+ server connections : q
+ fsmo maintenance : seize naming master # seize naming master role
+ fsmo maintenance : seize infrastructure master # seize infrastructure master role
+ fsmo maintenance : seize rid master # seize rid master role
+ fsmo maintenance : seize schema master # seize schema master role
+ fsmo maintenance : seize pdc # seize pdc role
+ fsmo maintenance : q
+ ntdsutil : metadata cleanup
+ metadata cleanup : connections
+ server connections : connect to server DC22
+ server connections : q
+ metadata cleanup : select operation target # List the existing Active Directory sites
+ select operation target : list sites
+ select operation target : select site 0 # Site Yi.vn
+ select operation target : list servers in site
+ select operation target : Select server 0 # Select DC21
+ select operation target : list domain
+ select operation target : select domain 0 # Select Yi.vn
+ select operation target : q
+ metadata cleanup : remove selected server
+ Start - Administrative Tools - Active Directory Sites and Services - Sites - Default-First-Site-Name - Servers - Right-Click DC21 - Delete - Yes
+ Windows PowerShell, type : netdom query fsmo # Check which domain controller is the owner of FSMO roles (all at DC22) === OK
