{"id":245,"date":"2023-10-09T15:22:27","date_gmt":"2023-10-09T18:22:27","guid":{"rendered":"https:\/\/blog.4servers.co\/?p=245"},"modified":"2023-10-09T15:22:27","modified_gmt":"2023-10-09T18:22:27","slug":"245","status":"publish","type":"post","link":"https:\/\/blog.4srv.net\/index.php\/2023\/10\/09\/245\/","title":{"rendered":"Como Transferir as 5 FSMO (Mestres de Opera\u00e7\u00f5es) para outro Controlador de Dom\u00ednio atrav\u00e9s de linha de comando"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Vejo muitas pessoas com dificuldades em transferir as roles FSMO, percebi ent\u00e3o que muitos usu\u00e1rios sentem a necessidade de precisar transferir os mestres de opera\u00e7\u00f5es para outros controladores de dom\u00ednios, seja por problemas no DC Principal, seja para processo de migra\u00e7\u00e3o do Windows Server 2003 para o Windows Server 2008, ent\u00e3o resolvi criar um Post para ajudar e auxiliar nesse processo que \u00e9 a transfer\u00eancia dos Mestes de Opera\u00e7\u00f5es.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Temos 5 Mestres ou FSMO:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>PDC<\/strong>&nbsp;= \u00c9&nbsp;respons\u00e1vel por tratar altera\u00e7\u00f5es de contas de usu\u00e1rios, \u201clockouts\u201d de contas, rela\u00e7\u00f5es de confian\u00e7as com outros dom\u00ednios e pelo sincronismo do rel\u00f3gio no dom\u00ednio.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>RID MASTER<\/strong>&nbsp;=&nbsp;Cada objeto deve possuir um identificador \u00fanico, conhecido como SID. &nbsp;SID do objeto \u00e9 constru\u00eddo usando o SID do dom\u00ednio, mais um ID relativo (RID). Isto evita que dois objetos diferentes tenham o mesmo RID em todo o dom\u00ednio.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Infrastructure Master<\/strong>&nbsp;= Essa&nbsp;que sua fun\u00e7\u00e3o \u00e9 se assegurar que o&nbsp;\u201cDisplay Name\u201d&nbsp;de usu\u00e1rios pertencentes a um grupo sejam atualizados caso este atributo seja alterado. Ele \u00e9 mais importante em ambientes que possuem v\u00e1rios dom\u00ednios, pois vai assegurar que todos os grupos que um determinado usu\u00e1rio perten\u00e7a ir\u00e1 refletir o&nbsp;\u201cDisplay Name\u201d&nbsp;correto.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Domain Naming Master<\/strong>&nbsp;=&nbsp;\u00c9 a regra respons\u00e1vel por assegurar que o nome do Dom\u00ednio \u00e9 \u00fanico na floresta e evita conflitos entre outros dom\u00ednios.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Schema Master<\/strong>&nbsp;=&nbsp;O Schema \u00e9 o cora\u00e7\u00e3o do Active Directory. Ele \u00e9 composto de objetos e atributos, que modelam o Active Directory. Como o esquema pode ser customizado e deve ser o mesmo em toda a floresta Windows, a regra&nbsp;\u201cSchema Master\u201d&nbsp;se encarrega de evitar conflitos entre os DCs.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Exemplo de uso do NTDSUTIL para migrar regras FSMO.<br><br><strong>OBS:<\/strong>&nbsp;Entre com credenciais administrativas para o processo.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Entrar no Prompt e digitar:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">c:&gt;<strong>ntdsutil<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">ntdsutil:<strong>&nbsp;roles<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">fsmo maintenance:&nbsp;<strong>connections<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">server connections:&nbsp;<strong>connect to server&nbsp;seuservidor.local.br<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Binding to seuservidor.dominio.com.br \u2026<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Connected to&nbsp;seuservidor.local.br&nbsp;using credentials of locally logged on user.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">server connections:&nbsp;<strong>quit<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Para transferir a ROLE PDC digite:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">fsmo maintenance:&nbsp;<strong>transfer pdc<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Para transferir a ROLE RID MASTER digite:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">fsmo maintenance:&nbsp;<strong>transfer rid master<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Para transferir a ROLE Infrastructure Master:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">fsmo maintenance:&nbsp;<strong>Transfer infrastructure master<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Para transferir&nbsp;a ROLE&nbsp;Domain Naming Master:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">fsmo maintenance:&nbsp;(<strong>2003) Transfer domain naming master ou<\/strong>&nbsp;<strong>Transfer Naming Master (2008R2)<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Para transferir&nbsp;a ROLE Schema Master:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">fsmo maintenance:&nbsp;<strong>Transfer schema master<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Ap\u00f3s todo o processo de transfer\u00eancia, podemos verificar se realmente foram transferidos com o comando =&nbsp;<strong>netdom query fsmo<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Esse comando ir\u00e1 nos mostrar onde se encontra os 5 mestres, mostra um por um.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-style-default\"><img loading=\"lazy\" decoding=\"async\" width=\"429\" height=\"155\" src=\"https:\/\/blog.4servers.co\/wp-content\/uploads\/2021\/04\/2313.netdom-query-FSMO.png\" alt=\"\" class=\"wp-image-246\" srcset=\"https:\/\/blog.4srv.net\/wp-content\/uploads\/2021\/04\/2313.netdom-query-FSMO.png 429w, https:\/\/blog.4srv.net\/wp-content\/uploads\/2021\/04\/2313.netdom-query-FSMO-300x108.png 300w\" sizes=\"auto, (max-width: 429px) 100vw, 429px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Percebi que muitos usu\u00e1rios sentem a necessidade de precisar transferir os mestres de opera\u00e7\u00f5es para outros controladores de dom\u00ednios, seja por problemas no DC Principal, seja para processo de migra\u00e7\u00e3o do Windows Server 2003 para o Windows Server 2008, ent\u00e3o resolvi criar um Post para ajudar e auxiliar nesse processo que \u00e9 a transfer\u00eancia dos Mestes de Opera\u00e7\u00f5es.<\/p>\n","protected":false},"author":1,"featured_media":247,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[31,36,32],"class_list":["post-245","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-windowsserver","tag-active-directory","tag-fsmo","tag-windows-server"],"_links":{"self":[{"href":"https:\/\/blog.4srv.net\/index.php\/wp-json\/wp\/v2\/posts\/245","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.4srv.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.4srv.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.4srv.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.4srv.net\/index.php\/wp-json\/wp\/v2\/comments?post=245"}],"version-history":[{"count":4,"href":"https:\/\/blog.4srv.net\/index.php\/wp-json\/wp\/v2\/posts\/245\/revisions"}],"predecessor-version":[{"id":251,"href":"https:\/\/blog.4srv.net\/index.php\/wp-json\/wp\/v2\/posts\/245\/revisions\/251"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.4srv.net\/index.php\/wp-json\/wp\/v2\/media\/247"}],"wp:attachment":[{"href":"https:\/\/blog.4srv.net\/index.php\/wp-json\/wp\/v2\/media?parent=245"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.4srv.net\/index.php\/wp-json\/wp\/v2\/categories?post=245"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.4srv.net\/index.php\/wp-json\/wp\/v2\/tags?post=245"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}