This procedure requires the ActiveDirectory PowerShell module to be installed and loaded.
These commands can be run from either the current or future role holder, or from a member computer running RSAT.
Roles can be specified by name or number, the following table outlines the Names & Numbers for the FSMO roles:
| Role Name | Number |
|---|---|
| PDCEmulator | 0 |
| RIDMaster | 1 |
| InfrastructureMaster | 2 |
| SchemaMaster | 3 |
| DomainNamingMaster | 4 |
Transfer Roles
In order to transfer all roles the following command is used:
Move-ADDirectoryServerOperationMasterRole -Identity "<NEW_DC>" -OperationMasterRole SchemaMaster,RIDMaster,InfrastructureMaster,DomainNamingMaster,PDCEmulator
or
Move-ADDirectoryServerOperationMasterRole -Identity "<NEW_DC>" -OperationMasterRole 0,1,2,3,4
Seize Roles
Roles can be seized rather than transferred by adding the -Force parameter. For example:
Move-ADDirectoryServerOperationMasterRole -Identity "<NEW_DC>" -OperationMasterRole SchemaMaster,RIDMaster,InfrastructureMaster,DomainNamingMaster,PDCEmulator -Force
or
Move-ADDirectoryServerOperationMasterRole -Identity "<NEW_DC>" -OperationMasterRole 0,1,2,3,4 -Force
Transfer Individual Roles
Obviously each role can also be moved independently by specifying a single role as per the command below (to transfer the PDC Emulator role):
Move-ADDirectoryServerOperationMasterRole -Identity "<NEW_DC>" -OperationMasterRole PDCEmulator
or
Move-ADDirectoryServerOperationMasterRole -Identity "<NEW_DC>" -OperationMasterRole 0
Seize Individual Roles
Here is an example of Seizing the Schema Master role:
Move-ADDirectoryServerOperationMasterRole -Identity "<NEW_DC>" -OperationMasterRole SchemaMaster -Force
or
Move-ADDirectoryServerOperationMasterRole -Identity "<NEW_DC>" -OperationMasterRole 3 -Force