首頁 » Window 技術手冊 » Windows AD (Active Directory)

Transferring operations master roles

由 datahunter 在 五, 12/07/2013 - 15:38 發表

 

Check FSMO Roles

 

1. C:\>ntdsutil

2. ntdsutil: roles

3. fsmo maintenance: connection

4. server connections: connect to server localhost

Binding to localhost ...
Connected to localhost using credentials of locally logged on user.

5. server connections: q

6. fsmo maintenance: select operation target

7. select operation target: list roles for connected server

Example Result:

Server "localhost" knows about 5 roles
Schema - CN=NTDS Settings,CN=AD01,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=mydomain,DC=local
Domain - CN=NTDS Settings,CN=AD03,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=mydomain,DC=local
PDC - CN=NTDS Settings,CN=AD03,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=mydomain,DC=local
RID - CN=NTDS Settings,CN=AD03,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=mydomain,DC=local
Infrastructure - CN=NTDS Settings,CN=AD03,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=mydomain,DC=local

 

 

http://technet.microsoft.com/en-us/library/cc781578%28v=ws.10%29.aspx

 

Active Directory Schema:

  • Schema master

0. regsvr32 schmmgmt.dll

1 Open the Active Directory Schema snap-in.

2 In the console tree, right-click Active Directory Schema and then click Change Domain Controller.

3 Click Specify Name and type the name of the domain controller that you want to hold the schema master role.

4 In the console tree, right-click Active Directory Schema, and then click Operations Master.
5 Click Change.

Domain naming master:

  • Active Directory Domains and Trusts

Active Directory Users and Computers:

  • RID master
  • PDC emulator master
  • Infrastructure master

-----------------------------------------------------------------------

Using a command line

    Type:

        ntdsutil

    At the ntdsutil command prompt, type:

        roles

    At the fsmo maintenance command prompt, type:

        connection

    At the server connections command prompt, type:

        connect to server <DomainController>

    At the server connections command prompt, type:

        quit

    At the fsmo maintenance command prompt, type:

        transfer schema master

    
    
DomainController
    

The domain controller to which you want to assign the new operations master role.
    
================================================

naming master

Open Active Directory Domains and Trusts.

In the console tree, right-click Active Directory Domains and Trusts, and then click Connect to Domain Controller.

In Enter the name of another domain controller, type the name of the domain controller you want to hold the domain naming master role.

Or, click the domain controller in the list of available domain controllers.

In the console tree, right-click Active Directory Domains and Trusts, and then click Operations Master.

Click Change.

------------------------------------------------------

Using a command line

    Open Command Prompt.

    Type:

    ntdsutil

    At the ntdsutil command prompt, type:

    roles

    At the fsmo maintenance command prompt, type:

    connection

    At the server connection command prompt, type:

    connect to server DomainController

    At the server connection command prompt, type:

    quit

    At the fsmo maintenance command prompt, type:

    transfer domain naming master

================================================

Transfer the RID master role

Using the Windows interface

    Open Active Directory Users and Computers.

    In the console tree, right-click Active Directory Users and Computers, and then click Connect to Domain Controller.

    In Enter the name of another domain controller, type the name of the domain controller you want to hold the RID master role.

    Or, click the domain controller in the list of available domain controllers.

    In the console tree, right-click Active Directory Users and Computers, point to All Tasks, and then click Operations Masters.

    Click the RID tab, and then click Change.

-----------------------------

    ntdsutil

At the ntdsutil command prompt, type:

    roles

At the fsmo maintenance command prompt, type:

    connection

At the server connections command prompt, type:

    connect to serverDomainController

At the server connections command prompt, type:

    quit

At the fsmo maintenance command prompt, type:

    transfer RID master

================================================

Transfer the PDC emulator role

Open Active Directory Users and Computers.

In the console tree, right-click Active Directory Users and Computers, and then click Connect to Domain Controller.

In Enter the name of another domain controller, type the name of the domain controller you want to hold the PDC emulator role.

Or, click the domain controller in the list of available domain controllers.

In the console tree, right-click Active Directory Users and Computers, point to All Tasks, and then click Operations Masters.

Click the PDC tab, and then click Change.

-----------------------------------

ntdsutil

At the ntdsutil command prompt, type:

roles

At the fsmo maintenance command prompt, type:

connection

At the server connections command prompt, type:

connect to serverDomainController

At the server connections command prompt, type:

quit

At the fsmo maintenance command prompt, type:

transfer PDC

===========================================

infrastructure master role

Open Active Directory Users and Computers.

In the console tree, right-click Active Directory Users and Computers, and then click Connect to Domain Controller.

In Enter the name of another domain controller, type the name of the domain controller you want to hold the infrastructure master role.

Or, click the domain controller in the list of available domain controllers.

In the console tree, right-click Active Directory Users and Computers, point to All Tasks, and then click Operations Masters.

On the Infrastructure tab, click Change.

--------------------------------------

        ntdsutil

    At the ntdsutil command prompt, type:

        roles

    At the fsmo maintenance command prompt, type:

        connection

    At the server connections command prompt, type:

        connect to serverDomainController

    At the server connections command prompt, type:

        quit

    At the fsmo maintenance command prompt, type:

        transfer infrastructure master

 

 

To seize the FSMO roles by using Ntdsutil

 

C:\WINDOWS>ntdsutil
ntdsutil:

ntdsutil: roles
fsmo maintenance:

fsmo maintenance: connections
server connections:

server connections: connect to server localhost
server connections:

server connections: q
fsmo maintenance:

Seize domain naming master
Seize infrastructure master
Seize PDC
Seize RID master
Seize schema master

 

 

 

 

 

»
  • 瀏覽次數: 2093

Creative Commons license icon Creative Commons license icon