How to: move FSMO Roles, Demote and re-promote a Domain Controller with PowerShell



Here are the commands you need if you want to demote and re-promote a Domain Controller with PowerShell

Move FSMO Roles:

Move-ADDirectoryServerOperationMasterRole -Identity nameofthedcwhereyouwanttomovetheroles -OperationMasterRole pdcemulator, ridmaster, infrastructuremaster, schemamaster, domainnamingmaster
(the roles you want to move)

Check if everything worked:
Get-ADDomain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator


Demote

Demote Test
Test-ADDSDomainControllerUninstallation -DemoteOperationMasterRole -LastDomainControllerInDomain -RemoveApplicationpartitions
(Only needed when it is the last Domain Controller in your Environment)

Start Demote
Uninstall-ADDSDomainController -DemoteOperationMasterRole -RemoveApplicationPartition


Promote

Promote: Windows features

Install-WindowsFeature -name AD-Domain-Services -IncludeManagementTools


Test-Promote:
Test-ADDSForestInstallation -DomainName your.domain.xx -InstallDns

(hit enter and type “SafeModeAdministratorPassword” and confirm the password again.)


Promote
Install-ADDSForest -DomainName your.domain.xxx -InstallDNS

Check
Get-ADDomainController

Comments

Popular posts from this blog

Export a list of all XenApp 7.x published applications via Powershell

Implementing Single Sign On with NetScaler and Kerberos Constrained Delegation (KCD)

How to: Create a Client Certificate for LDAPS with OpenSSL