Seizing and operation master roles is done, when Operational master roles are not transferred.
It is a last step of trasfferirng a role.
There is a lots of risk in seizing operations master roles.
Seizing roles:
1)when you want to expand your schema,, seize a schema master role
2)when your domain controller do not add a domain,, seize a domain naming master role
3)when you can not create an object in active directory, seize a RID master role
4)when your server create proble for password authentication or time synchronization,, seize a PDC emulator role
5)seizeing an infrastructure role may affect cross domain refrence updates.
while seizing role, your domain controller must be offline. It is not connected to network
Once you decided to seizing a operation role, The domain can't be used as a Domain controller again.'
How to check,which domain hold which operation master role in a forest?
write a command, netdom query fsmo
Error for RID master role like this
For seizing a role
1)Open a comman prompt and run a command ntdsutil
Now you get ntdsutil prompt
2)now in ntdsutil prompt write roles
ntdsutil: roles
it open fsmo maintenance prompt
3)in fsmo maintenance prompt write connections
fsmo maintenance: connections
it change command prompt to server connections
4)now in server connection prompt write connect to server Domain1
server connections: connnect to server Domain1
it connect you to Domain1,Domain1 is a domain from which you want to seize your operation master role
5)exit from the server connections prompt
server connections: quit
the command prompt change to fsmo maintenance
6)here we are seizing a RID master role,so write a command Seize RID master
fsmo maintenance: Seize a RID master
confrom to yes
Now remove server from the active directory
1)open command prompt,write a command ntdsutil
now command prompt chage to ntdsutil
2)ntdsutil: metadata cleanup
3)metadata cleanup: connections
4)server connections: connect to server Domain1
after connecting to Domain1, now return back to the metadata cleanup
server connections: quit
5)metadata cleanup: select operation target
6)select opertion target: list domain
it display all the domain in your forest
7)after selecting a domain select a site from which you want to remove domain controller
select operation target: list sites
for select a site
select operation target: select site 0
here 0 is a number of a site
8)now select a server which you want to remove
select operation target: list servers in site
for remove a sever
select operation target: select sever 2
9)quit form the select operation target prompt
select operation target prompt: quit
10)in metadata cleanup prompt write a command remove selected server
metadata cleanup: remove selected server
11)The last step to remove server from the forest
start-->adminstrative Tools-->Active Directory Sites and Services
sites-->servers-->(Delete server from which you seize a operation master role)
12)now Remove Active Directory service form Seizing a domain controller
in command prompt write a command dcpromo /forceremoval
It is a last step of trasfferirng a role.
There is a lots of risk in seizing operations master roles.
Seizing roles:
1)when you want to expand your schema,, seize a schema master role
2)when your domain controller do not add a domain,, seize a domain naming master role
3)when you can not create an object in active directory, seize a RID master role
4)when your server create proble for password authentication or time synchronization,, seize a PDC emulator role
5)seizeing an infrastructure role may affect cross domain refrence updates.
while seizing role, your domain controller must be offline. It is not connected to network
Once you decided to seizing a operation role, The domain can't be used as a Domain controller again.'
How to check,which domain hold which operation master role in a forest?
write a command, netdom query fsmo
Error for RID master role like this
For seizing a role
1)Open a comman prompt and run a command ntdsutil
Now you get ntdsutil prompt
2)now in ntdsutil prompt write roles
ntdsutil: roles
it open fsmo maintenance prompt
3)in fsmo maintenance prompt write connections
fsmo maintenance: connections
it change command prompt to server connections
4)now in server connection prompt write connect to server Domain1
server connections: connnect to server Domain1
it connect you to Domain1,Domain1 is a domain from which you want to seize your operation master role
5)exit from the server connections prompt
server connections: quit
the command prompt change to fsmo maintenance
6)here we are seizing a RID master role,so write a command Seize RID master
fsmo maintenance: Seize a RID master
confrom to yes
Now remove server from the active directory
1)open command prompt,write a command ntdsutil
now command prompt chage to ntdsutil
2)ntdsutil: metadata cleanup
3)metadata cleanup: connections
4)server connections: connect to server Domain1
after connecting to Domain1, now return back to the metadata cleanup
server connections: quit
5)metadata cleanup: select operation target
6)select opertion target: list domain
it display all the domain in your forest
7)after selecting a domain select a site from which you want to remove domain controller
select operation target: list sites
for select a site
select operation target: select site 0
here 0 is a number of a site
8)now select a server which you want to remove
select operation target: list servers in site
for remove a sever
select operation target: select sever 2
9)quit form the select operation target prompt
select operation target prompt: quit
10)in metadata cleanup prompt write a command remove selected server
metadata cleanup: remove selected server
11)The last step to remove server from the forest
start-->adminstrative Tools-->Active Directory Sites and Services
sites-->servers-->(Delete server from which you seize a operation master role)
12)now Remove Active Directory service form Seizing a domain controller
in command prompt write a command dcpromo /forceremoval
No comments:
Post a Comment