Move a single FSMO role

Sometimes you just want to move a single FSMO role

 

function move-afsmo {            
[CmdletBinding()]            
param([string]$server,             
            
[ValidateSet("schema", "domain", "rid", "infra", "pdc")]            
[string]$fsmo            
)            
$dom = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()            
$sid = ($dom.GetDirectoryEntry()).objectSid            
$dc = [ADSI]"LDAP://$server/rootDSE"            
            
switch ($fsmo.ToLower()){            
    "schema" {$role = "becomeSchemaMaster"; break}            
    "domain" {$role = "becomeDomainMaster"; break}            
    "rid"    {$role = "becomeRidMaster"; break}            
    "infra"  {$role = "becomeInfraStructureMaster"; break}            
    "pdc"    {$role = "becomePDC"; break}            
}            
            
if ($role -eq "becomePDC"){ $dc.Put($role, $sid[0])}            
else {$dc.Put($role, 1) }            
$dc.SetInfo()            
}

 

This function takes a domain controller name and a role and performs the transfer.

move-afsmo -server dc02 -fsmo schema                                       
move-afsmo -server dc02 -fsmo domain                                       
move-afsmo -server dc02 -fsmo rid                                          
move-afsmo -server dc02 -fsmo infra                                        
move-afsmo -server dc02 -fsmo pdc 

The roles are validated on input to determine the given value is in the set of roles. A switch statement sets the role to input to the Put() method. The transfer is performed as previously

Advertisements
This entry was posted in PowerShell and Active Directory. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s