In any Active Directory environment it’s always a good practice to have some form of redundancy and the resiliency to go along with it. In the case of FSMO Roles (Flexible Single Master Operation Roles), it’s an excellent idea to have them scattered across multiple Domain Controllers. The idea of “having all of your eggs in one basket” applies here and it’s something that we definitely want to avoid if we can control it. So in this article I am going to show you how to transfer FSMO Roles in Server 2019 Using Powershell. In case you’re wondering, this is also compatible with Server 2016, Server 2012R2 and even 2008R2.
How to Query FSMO Roles
Before we decide to change any FSMO roles, we’ll want to check which roles belong to which Domain Controllers. To do this we’ll perform the following steps.
- Open Powershell Window
- Type: netdom /query fsmo
Move FSMO Roles in Server 2019 Using Powershell
Another thing to note is that you must have the ActiveDirectory Module imported into Powershell for it to work. Domain Controllers will have it by default.
In my example above we have all of our eggs in one basket so let’s use Powershell to move the roles to a different DC. The single command to transfer fsmo roles is:
Move-ADDirectoryServerOperationMasterRole -Identity “Target_DC_Name” –OperationMasterRole 0,1,2,3,4 -Confirm:$false -Force
|4||Domain Naming Master|
If you’ve searched around on how to move FSMO roles there is a lot content out there and shows you how to do it from the GUI but this method seems soo much easier. I prefer this method because of the simplicity and ease of the command.