Share via

Primary domain controller was down, unable to transfer/seize FSMO roles to secondary domain

Shiro S 1 Reputation point
2022-03-11T08:04:48.093+00:00

Hi Support,

We have 2 domains controller and now our primary domains controller (PDC) was down, the PDC was holding FSMO roles such as schema, domain naming and infrastructure. We unable to seize or transfer FSMO roles to Secondary domain controller (SDC). Global catalog & DNS was enabled for both DC.
Both DC was running on VM, no backup. The PDC which is running on faulty disk and we unable to bring it online.

We have read all article and didnt found any solutions which is able to resolve our issues.

I have to transfer FSMO roles to secondary DC so I can perform metadata cleanup, right?

Regards,
Shiro

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,635 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,244 questions
0 comments

5 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Thameur-BOURBITA 32,636 Reputation points
    2022-03-11T11:05:03.277+00:00

    Hi,

    If the primary PDC is down, try to fix it before performing a seizing for FSMO roles or metadata cleanup.
    If it's not possible to fix the failed DC , you can perform metadata cleanup and FSMO seizing.

    The FSMO role seizing can be performed through the following powershell command: 

    Move-ADDirectoryServerOperationMasterRole -Identity TargetDc -OperationMasterRole SchemaMaster,DomainNamingMaster,PDCEmulator,RIDMaster,InfrastructureMaster -Force

    For metadata cleanup you can refer to the following link:
    ad-ds-metadata-cleanup

    Please don't forget to mark helpful reply as answer

    0 comments
  2. Shiro S 1 Reputation point
    2022-03-14T02:01:52.46+00:00

    Hi Thameur,

    I was having a problem to run the command to force transfer FSMO roles to secondary DC,

    182606-fsmo-failed.jpg

    Attached with error message. FYI, our AD01 was totally lost, unable to recover.

    How to fix or recover back the FSMO roles (Schema, naming and infra)?

    Regard,
    Shiro

    0 comments
  3. Anonymous
    2022-03-14T02:08:00.667+00:00
    0 comments
  4. Shiro S 1 Reputation point
    2022-03-14T06:32:11.59+00:00

    Hi,

    I'm able to transfer the FSMO roles to secondary DC, however I'm not able to remove the PDC (which already offline).

    The error message as below:
    182616-metadata-cleanup.jpg

  5. Thameur-BOURBITA 32,636 Reputation points
    2022-03-14T06:59:41.79+00:00

    Hi,

    You can use one of the GUI tools to perform metadata cleanup : Active Directory Users and Computers or Active Directory Sites and Services:

    Clean up server metadata using GUI tools

    Concerning the command below you should replace the targetDC by the name of second domain controller still alive: 

     Move-ADDirectoryServerOperationMasterRole -Identity **TargetDc** -OperationMasterRole SchemaMaster,DomainNamingMaster,PDCEmulator,RIDMaster,InfrastructureMaster -Force

    Please don't forget to mark helpful reply as answer