You can transfer a domain controller both in case of its inoperability, and in case of health. The main difference is that it is advisable to transfer a failed mechanism only if a backup copy has been deployed in advance. This is the only way to recover data later.
It is necessary
Computer, domain controller
Instructions
Step 1
Create a backup domain controller. To do this, run the dcpromo wizard on any network server. It will help you create a controller in a domain that already exists. As a result, the Active Directory (AD) directory service is deployed to the secondary server.
Step 2
Run the DNS server installation. All settings and zone are stored in AD. From there, all records are copied to the backup controller by default. Wait for this to happen. Specify the IP address of the base domain controller with the address of the primary DNS server.
Step 3
Check the functionality of the backup controller. Create a user account on any of them. It will appear on the backup device, but at first - as disabled, and after 2-3 minutes - as active. This is a signal that the backup mechanism is working.
Step 4
If the domain has two or more controllers, then specify how fsmo roles are redistributed between them. To do this, use the commands:
dsquery server –hasfsmo schema
dsquery server - hasfsmo name
dsquery server - hasfsmo rid
dsquery server - hasfsmo pdc
dsquery server - hasfsmo infr
dsquery server –forest -isgc
Each of the teams will highlight the owner of a particular role. In most cases, the owner of all roles is the base controller.
Step 5
Voluntarily transfer fsmo roles from the base controller to the standby controller. This is necessary for the second one to cope with all tasks as the main one. Use Active Directory for this. First, make sure the account is in the Domain Admins, Schema Admins, and Enterprise Admins sections. Then start the classic fsmo role transfer via AD consoles.
Step 6
Open "Active Directory Domains and Trust" on the controller from which the role will be transferred. Right-click on the "Active Directory Domains and Trust" image and select the "Connect to a domain controller" command. In this case, from the list, select the controller to which the role will be transferred. Right-click on the Active Directory Domains and Trust component and find the Operations Masters command. A dialog box will appear. In it, find the line "Change the master of operations" and click "Change". A pop-up request to transfer the role appears. Answer in the affirmative. Role transferred successfully.
Step 7
Similarly, use the Active Directory Users and Computers console to transfer the Primary Domain Controller, Infrastructure Master, and RID Master roles. Before transferring the schema master role, register the library containing the Active Directory schema management documentation in the system:
regsvr32 schmmgmt.dll
Add the Active Directory Schema snap-in to the mmc console, change the role master in it according to the previous scheme.
Step 8
When all roles have been transferred, deal with the Main Directory Keeper option. Go to Active Directory: "Sites and Services" and find the controller on which you transferred all the data. Open the properties of its NTDS settings and check the global catalog.
