Shulou(Shulou.com)06/02 Report--

Essential skills for AD administrators (2) offline role transfer

In the previous article, we introduced the essential skills of AD administrators (1) online role transfer, but if the role is offline, if you do the migration, we actually saw in the previous article that there is a command seize during the transfer, which can be used to force the role on the offline DC server to be transferred to the normal running DC server. Today, we will introduce this. The operation is similar to the previous article. For more information, please see:

Let's first check the status of the role.

Then we shut down the ADDS-1, so it is defined as offline.

Then we start to force the transfer of roles on ADDS-1 to ADDS-2.

Start running on ADDS-2-- enter-- ntdsutil at the cmd--- command prompt

Then enter the question mark (?) To help.

Enter roles to enter administrative NTDS role owner token management

Through help, we found that there are two kinds of commands, one is transfer, the other is seize

Transfer means that all DC servers are online.

Seize is used when the role owner is offline; we use seize here to force the transfer

We first use transfer for online transmission; before transmitting, we need to connect to the server; so we need to use connections

At the fsmo maintenance command prompt, type:

Connection, enter. Go ahead? (question mark) View help

At the server connections command prompt, type:

Connect to server ADDS-2 (computer name that needs to be promoted to primary domain controller), enter.

At the server connections command prompt, type:

Quit, enter.

At the fsmo maintenance command prompt, type:

At this point, we pass? (question mark) View help commands

The order of the transfer roles is recommended in the following order

1.Seize naming master 2.Seize infrastructure master3.Seize pdc4.Seize rid master5.Seize schema master

We started to force the transmission of naming master

.Seize naming master

Seize infrastructure master

Seize PDC

Seize RID

Seize schema master

Query the role owner

In the next article, we will continue the introduction of AD-related services, operation and maintenance.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.