Move-FSMOs.ps1


<#PSScriptInfo
 
.VERSION 1.1.2
 
.GUID fe8a1f3a-c888-4c84-a8af-3a4827d462f1
 
.AUTHOR teestar@the-windows.expert
 
.COMPANYNAME
 
.COPYRIGHT
 
.TAGS
 
.LICENSEURI
 
.PROJECTURI
 
.ICONURI
 
.EXTERNALMODULEDEPENDENCIES
 
.REQUIREDSCRIPTS
 
.EXTERNALSCRIPTDEPENDENCIES
 
.RELEASENOTES
 
 
#>


<#
 
.DESCRIPTION
 Transfers FSMO roles from one DC to another DC
 
#>
 
Param()  # No parameters are declared; the target DC for each role is picked interactively via Out-GridView further down.
<#
.SYNOPSIS
Transfers FSMO roles from one DC to another DC
 
.DESCRIPTION
Transfers FSMO roles from current DC to another DC. This must be run on a domain joined computer in the same domain and forest with at least domain admin rights. There is no functionality to specify alternate domains or forests.
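If the current role holder is permanently offline, the FSMO role will be seized.
The script passes -Force to Move-ADDirectoryServerOperationMasterRole, so a seizure is attempted whenever the normal transfer fails, not only when the DC is known to be gone for good.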
 
 
.Example
 
./Move-FSMOs
 
.INPUTS
No inputs required
 
.OUTPUTS
Displays new FSMO role holders
 
.NOTES
Author: Tim Jardim
Date: 14.02.17
 
Version:1.001.002
 
#>


# Define Functions
  Function Get-FSMOs
      {  
       $FSMO_Dom=Get-ADDomain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator
       $FSMO_For = Get-ADForest | Select-Object DomainNamingMaster, SchemaMaster
       $FSMO = @{
          InfrastructureMaster= $FSMO_Dom.InfrastructureMaster
          RIDMaster           = $FSMO_Dom.RIDMaster
          PDCEmulator         = $FSMO_Dom.PDCEmulator
          DomainNamingMaster  = $FSMO_For.DomainNamingMaster
          SchemaMaster        = $FSMO_For.SchemaMaster
         }
       Return $FSMO
      }
# End Function declaration
#
# Define FSMORoles
  $FSMORoles =@("PDCEmulator", "RIDMaster", "InfrastructureMaster", "SchemaMaster", "DomainNamingMaster")
  Clear-Host
#
# Check for AD module
#
  If (! (Get-Module -List ActiveDirectory)) 
  {
   Write-Host "AD module not found, exiting" -ForegroundColor Red
   Break
  }  
# Get FSMO role holders
  $FSMO=Get-FSMOs
# Get domain controllers in domain
  $DomainControllers = ([System.Directoryservices.Activedirectory.Domain]::GetCurrentDomain()).DomainControllers.Name
# Check number of DCs-Must be greator than 1
  If (($DomainControllers.Count) -lt 2 )
    {
     Write-Host "Only one domain controller found-exiting" -ForegroundColor Red
     Break
    }
  ForEach ($FSMORole in $FSMORoles)      
    {
    # Define DC to replicate to
      $FSMOScripts='$FSMO' + "." +$FSMORole
      $CurrentDC=  (Invoke-Expression $FSMOScripts)
      $DC=$DomainControllers | Where-Object {! ($_ -match $CurrentDC)} | Out-GridView -Title "Select DC to move $FSMORole" -PassThru
      Write-Host "Transfering $FSMORole to $DC" -ForegroundColor Cyan
      Try
        {
         $Server = Get-ADDomainController -Identity $DC
         Move-ADDirectoryServerOperationMasterRole -Identity $Server -OperationMasterRole $FSMORole -Force -Confirm:$false  -ErrorAction Stop
         Write-Host "Successfully transfered $FSMORole to $DC`n" -ForegroundColor Green
        }
      Catch
        {
         Write-Host "Error transfering $FSMORole to $DC`n" -ForegroundColor Red
        }
    }
  Write-Host "Current FSMO assignment"  -ForegroundColor Cyan
  Get-FSMOs