Windows Server – Locating, Transferring, and Seizing FSMO Roles

FSMO Roles KB ID 0001257 

Problem

I’ve written about transferring and sizing FSMO roles, (Flexible Single Master Operations) before, see the following article;

Transferring Your FSMO Roles

Now you have a PowerShell Commandlet to help ‘Move-ADDirectoryServerOperationMasterRole‘.

FSMO Roles : Solution

As before you can view your FSMO role holders, by using the following command.

[box]netdom query fsmo[/box]

To transfer them to another server, (in the case a host called LAN-2016.

[box]Move-ADDirectoryServerOperationMasterRole -Identity LAN-2016 -OperationMasterRole SchemaMaster,  DomainNamingMaster, PDCEmulator, RIDMaster, InfrastructureMaster
[/box]

If you can’t be bothered to type the names, you can also use numbers, i.e.

  • PDCEmulator 0
  • RIDMaster 1
  • InfrastructureMaster 2
  • SchemaMaster 3
  • DomainNamingMaster 4

Obviously this will move them all, omit any you don’t want to move!

How to Seize FSMO Roles In Server 2016

Easy! Same command as above, but you put the ‘-Force’ switch on the end of the command, i.e.

[box]Move-ADDirectoryServerOperationMasterRole -Identity LAN-2016 -OperationMasterRole SchemaMaster,  DomainNamingMaster, PDCEmulator, RIDMaster, InfrastructureMaster -Force
[/box]

Note: If you prefer to do this graphically, then see the following article.

Transferring Your FSMO Roles

Related Articles, References, Credits, or External Links

NA

Windows SBS – Moving the Windows Software Update Services Database (SUSDB.mdf)

KB ID 0000609

Problem

Last week a client rang in to say their servers system drive was running out of room. A quick scan showed me the biggest thing on there was a 12 GB database called SUSDB.mdf.

A few searches told me what I’d already guessed from the name, WSUS was the offender, so I set about moving it to their data drive that had lots of free space.

Solution

1. Launch the Windows SBS Console > Backup and Server Storage > Server Storage > Move Windows Update Repository Data.

2. If you are using third party backup software you may see this warning > OK.

3. Locate the Drive you want to Migrate TO and select it > Next.

4. This will move a few GB of data across to the new location. However it does NOT move the database itself.

5. To actually move the Database > Start > All Programs > Microsoft SQL Server 2005 > SQL server Management Studio Express, (Note: You may need to run as administrator).

6. Change the server name to the following and log in.

[box].pipeMSSQL$MICROSOFT##SSEEsqlquery[/box]

7. Expand Databases > Locate the SUSDB Database > Right Click > Detach.

8. Tick the “Drop Connections” box > OK.

9. I suggest you COPY the database from the system drive to the new drive.

10. Once its moved across, back in the SQL management studio > Right click Databases > attach.

11. Add.

12. Browse to the NEW location of the SUSDB.mdf file > OK.

13. OK.

14. Once the database is successfully added back in you can go back to the system drive and delete the original WSUS database.

15. When finished, it’s good practice to tidy up the database > From within the Window Server Update Services Console > Options > Server Cleanup Wizard.

16. Select All > Next > Prepare to wait A LONG TIME (this will probably take a few hours!)

17. When its finished you should see something like this.

Related Articles, References, Credits, or External Links

NA

McAfee MOVE AV Multi-Platform Issue – MOVE AV Protection Disabled

KB ID 0000980 

Problem

There are a number of reasons for you seeing this error, you will see this even if the Offload server(s) are shut down. In my case it was a new deployment, and the Windows firewall on the MOVE Offload server was blocking communication.

McAfee Updater OK
MOVE AV Multi-Platform Issue – MOVE AV Protection Disabled

Solution

Below I will configure the Windows firewall on my MOVE Offload Server, if you would prefer to do this via Group Policy see the following article.

Windows – Open a Firewall Port with Group Policy

1. On the Offload server > Windows Key+R > WF.msc {Enter} > Inbound Rules > New Rule.

2. Select Port > Next > TCP > Enter Port 9053* > Next.

*Note: TCP Port 9053 is the default, though this can be changed in policy.

3. Allow the Connection > Next > Domain > Next.

4. Give the rule a descriptive name, and a comment (optional) > Finish.

5. The rule should now be visible.

6. Now your MOVE clients should look like this.

 

Related Articles, References, Credits, or External Links

NA