Getting your bearings and knowing everything you can about a Forest/Domain you are migrating is key. Which domain controllers in the Forest and Domains hold the Operation Masters roles is one of those important details as you modify or decommission domain controllers. In Today’s article I am showing you how to identify your Operations Master Roles and then how to migrate them to other domain controllers using PowerShell.
Honestly, this is my go to procedure to migrated the Operation Masters roles. Using these PowerShell commands is much easier to move Operations Master Roles than hunting and pecking through the different Active Directory management consoles. Here is how to do it.
Identify Operations Master Roles:
Multi-Level Domain to get Operations Master Roles location
Get-ADDomain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator
Get-ADForest | Select-Object DomainNamingMaster, SchemaMaster
Single Level Forest to get Operations Master Role locations.
Get-ADDomainController -Filter * | Select-Object Name, Domain, Forest, OperationMasterRoles |Where-Object {$_.OperationMasterRoles} |Format-Table –AutoSize
Move Roles:
Now that we know where the Operations Master Roles reside, we can now move them to other domain controllers with another simple command.
Note: Permission are key. You will either need Enterprise or Domain Administrator permissions to perform these moves.
Move-ADDirectoryServerOperationMasterRole -Identity “Target-DC” -OperationMasterRole 0,1,2,3,4
What do the Numbers mean? Here is the Key:
PDCEmulator = 0
RIDMaster = 1
InfrastructureMaster = 2
SchemaMaster = 3
DomainNamingMaster = 4
From one PowerShell window you can identify and move any Operations Master role in your Forest or individual domain. No more opening multiple Active Directory management consoles. Whether you are moving the roles before a Domain Controller rebuild or migrating the roles off for other reorganizational reason, this makes it easy.
VirtuallyAware 