Article Summary: This article provides information on seizing Flexible Single Master Operations (FSMO) roles from a Windows domain controller that is no longer operational.
Important: This article discusses seizing FSMO roles held by a domain controller that is no longer operational. For information on transferring FSMO roles between two operational DCs, refer to this article instead.
In an Active Directory (AD) forest, Flexible Single Master Operations (FSMO) roles are special roles distributed among one or more DCs. Of the five FSMO roles, three are held by one DC per domain:
The other two roles are held by one DC in the entire forest:
For information about the function of each FSMO role and guidelines for their placement in an AD forest, see Microsoft Knowledgebase article 223346.
It is sometimes necessary to seize a role from a domain controller that is no longer functioning or has been removed from the domain without being properly demoted first.
Important: Roles should only be seized when the original holder of the role can't or won't be recovered. If a DC fails but can be recovered by restoring a system-state backup, do not seize any FSMO roles it held; restore the backup instead. If a DC fails in such a way that its operating system must be reinstalled and no system-state backup is available, any FSMO roles it held should be seized by a working DC.
Seizing FSMO Roles Using the Command Line
Note: It is not possible to seize FSMO roles using the graphical interface.
Important: When a FSMO role has been seized, the original role holder must not be brought back online until after its operating system has been reinstalled.
It is also possible to seize FSMO roles in PowerShell by using the Move-ADDirectoryServerOperationMasterRole cmdlet with the -force parameter.
For more information about seizing FSMO roles, see Microsoft Knowledgebase article 255504.
ID de l'article : SLN156016
Date de la dernière modification : 09/03/2014 12:52 PM
Merci pour vos commentaires.