Transfer FSMO roles using NtdsUtil command

Transfer FSMO roles

1. Log on to domain controller that is located in the forest where FSMO roles are being transferred. It    is recommended that you log on to the domain controller that you are assigning FSMO roles to.
 
   Note: The logged-on user should be a member of the Enterprise Administrators group to transfer Schema master or Domain naming master roles, or a member of the Domain Administrators group of the domain where the PDC emulator, RID master and the Infrastructure master roles are being transferred.

2. Click Start, click Run, type ntdsutil in the Open box, and then click OK.

3. Type roles, and then press ENTER.

4. Type connections, and then press ENTER.

5. Type connect to server <servername>, where <servername> is the name of the server you want to use (i.e. domain controller that you are assigning FSMO roles to), and then press ENTER.

6. At the server connections: prompt, type q, and then press ENTER again.

7. Type transfer <role>. where <role> is the role you want to transfer, press ENTER.

Example:
transfer schema master
transfer domain naming master (In Server 2003)
transfer naming master (In Server 2008)
transfer rid master
transfer pdc
transfer infrastructure master

8. You will receive a warning message asking if you want to perform the transfer. Click on Yes.

9. After you transfer the roles, type q and press ENTER until you quit Ntdsutil.exe.

FSMO Roles

FSMO roles

There are five FSMO roles. Two of them are Forest-wide and three of them are Domain-wide roles.

The Forest-wide FSMO roles are common for entire forest and by default are there on the first Domain Controller within forest-root domain.

The Domain-wide roles are separate for each domain within the forest.

Forest-wide FSMO roles:

Schema master

The Schema master role is forest-wide and there is one for each forest. This role is required to extend the schema of an Active Directory forest. Schema contains the attributes or properties of each object of an Active Directory object.

Domain Naming master

The Domain naming master role is forest-wide and there is one for each forest. This role is required to add or remove domains or application partitions to or from a forest.

Domain-wide roles are:

Relative Identifier (RID) master

The RID master role is domain-wide and there is one for each domain. This role is required to allocate the RID pool so that new or existing domain controllers can create user accounts, computer accounts or security groups.

PDC Emulator master

The PDC emulator role is domain-wide and there is one for each domain. PDC is the core and most important role for any domain. PDC is used to sync time between Domain Controllers and between Domain Controllers and other Computers.

It is used to keep track of wrong password entered by user and also receives an update of user and computer password changed on another Domain Controller.

Infrastructure master

The Infrastructure master role is domain-wide and there is one for each domain. This role is responsible for updating group membership updates and other references of objects from one domain to another domain. It is required for multi domain environment and not for single domain environment. And to update SID attributes and distinguished name attributes for objects that are referenced across domains.

Note: It is not recommended to have Global Catalogue and Infrastructure role on the same Domain Controller in Multi Domain Controller, which is an exception if all the Domain Controllers are Global Catalogue. Global Catalogue has partial information of all the objects of other domain therefore it does not allow updates of cross domain.

800F081F

Error Code 800F081F

The error code 800F081F usually occurs when Windows Update or Microsoft Update cannot determine the cryptographic service provider, or a file Windows Update requires (named catalog store) is corrupted.

Run System Update Readiness tool to resolve the issue.

80070490

Error Code 80070490

This error code usually occurs when there is a corruption in the Component Based Servicing manifest.

Run System Update Readiness tool and check 'CheckSUR' log under 'c:\Windows\Logs\CBS'.
Look for errors.
If this didn't detect any errors, open cmd prompt as an Administrator.
Run SFC /Scannow.

For patch KB967723:

Please check whether KB967723 has already been installed on your computer through List of installed updates.
If so, it is possible that this update is reoffered.
Go Hide the update.

Uninstall multiple Windows Updates using Batch File

Create a Batch Script to uninstall number of updates together:

Copy the below mentioned commands (replace the 'Windows Update ID' numbers with the ones you want to uninstall) in a text file and save the file with '.bat' extension.

for %%a in (
2844286
2847311
2849470
) do start "" /w wusa /uninstall /kb:%%a /quiet /norestart

Run the Batch File as an Administrator to uninstall the Windows Updates.

List and Uninstall Windows Update through Command

1. Command to get a list of the installed Windows Updates
wmic qfe get "HotFixID" /format:table

This will list the installed updates directly in the console.

2. Run the below mentioned command to get the list of installed Windows Update in a Text file.
wmic qfe list brief /format:texttablewsys >"%Path_of_the_text_file%"

Where %Path_of_the_text_file% is the path of the text file to be created, as C:\Installed_Updates.txt

3. To uninstall an Update, use the below command:
wusa.exe /kb:%HotfixId% /uninstall /quiet /norestart

where %HotfixId% is the 'Windows Update ID' number. For example, to uninstall update KB279503 you need to run the following:

wusa.exe /kb:279503 /uninstall /quiet /norestart

Create a Bootable USB Flash Drive

To create a bootable USB flash drive/ Pen Drive using DiskPart

1. Insert a USB flash drive into a running computer.

2. Open a Command Prompt as an administrator, type
diskpart

3. In the new command line window that opens, to determine the USB flash drive number or drive letter, at the command prompt, type
list disk, and then click ENTER.
The "list disk" command displays all the disks on the computer. Note the drive number or drive letter of the USB flash drive.

4. At the command prompt, type
select disk <X>
where X is the drive number or drive letter of the USB flash drive, and then click ENTER.

5. Type
clean, and then click ENTER.
This command deletes all data from the USB flash drive.

6. To create a new primary partition on the USB flash drive, type
create part pri, and then click ENTER.

7. To select the partition that you just created, type
select part 1, and then click ENTER.

8.To format the partition, type
format fs=ntfs quick, and then click ENTER.

9. Type
active, and then click ENTER.

10. Type
exit, and then click ENTER.

Extract the ISO to the root of the USB flash drive.

Insert the USB flash drive in the USB port and boot the system.