SHIFT

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools


Sidebar

Recently Changed Pages:

View All Pages


View All Tags


LinkedIn




WIKI Disclaimer: As with most other things on the Internet, the content on this wiki is not supported. It was contributed by me and is published “as is”. It has worked for me, and might work for you.
Also note that any view or statement expressed anywhere on this site are strictly mine and not the opinions or views of my employer.


Pages with comments

View All Comments

adroleseizing

AD DC Role Seizing

Whenever you're in the situation the AD Domain Controller roles (FMSO) are not what they should be you can always seizes the roles you need. This small howto shows you how.

Note: This is a quite common scenario after doing a test failover with Site Recovery Manager 5.1.

Using NTDSUTIL

Ntdsutil is the tool we need, and note that for the seizing of the schema role you need to be in the “schema admins” group:

  • Open an elevated command prompt
  • Start the program ntdsutil
C:\ ntdsutil
ntdsutil:
  • Type roles
ntdsutil: roles
fsmo maintenance:
  • Type connections
fsmo maintenance: connections
server connections:
  • Type connect to server <servername>
server connections: connect to server dcserver
Binding to dcserver ...
Connected to dcserver using credentials of locally logged on user.
server connections:
  • Type q to return to maintenance mode
server connections: q
fsmo maintenance:
  • Type these commands to seize the roles for AD 2003:
  1. Seize domain naming master
  2. Seize infrastructure master
  3. Seize PDC
  4. Seize RID master
  5. Seize schema master
  • Type these commands to seize the roles for AD 2008:
  1. Seize naming master
  2. Seize infrastructure master
  3. Seize PDC
  4. Seize RID master
  5. Seize schema master
Note that confirmation will be asked, you'll have to click “yes” to proceed.
You could leave a comment if you were logged in.
adroleseizing.txt · Last modified: 2021/09/24 00:24 (external edit)