May 24, 2024

Windows: Need to Seize Roles during DR?

In an environment that needs to come up quickly, I found a little trick that can be helpful.

NTDSUTIL.exe lets you manage which domain controllers handle which roles in your domain.

According to kb article 243267, you can script this. So in a DR situation, if you have a virtual DC (in a VM) and you want to have it seize all roles, it can be simple with the following script.

The following script will allow you to seize all roles from a batch file (seizeroles1.bat):
**********BEGIN HERE**********
ntdsutil roles connections “connect to server %1” quit “seize domain naming master” quit quit
ntdsutil roles connections “connect to server %1” quit “seize infrastructure master” quit quit
ntdsutil roles connections “connect to server %1” quit “seize PDC” quit quit
ntdsutil roles connections “connect to server %1” quit “seize RID master” quit quit
ntdsutil roles connections “connect to server %1” quit “seize schema master” quit quit
***********END HERE***********

Save the batch file as seizeroles.bat and call it from a cmd prompt with “seizeroles.bat servername.domain”

Additionally, some of this can be abbreviated (seizeroles2.bat):
**********BEGIN HERE**********
ntdsutil r c “co t s %1” q “seize domain naming master” q q
ntdsutil r c “co t s %1” q “seize infrastructure master” q q
ntdsutil r c “co t s %1” q “seize PDC” q q
ntdsutil r c “co t s %1” q “seize RID master” q q
ntdsutil r c “co t s %1” q “seize schema master” q q
***********END HERE***********

And if you really want it to shorten up, you can enter a single line to do what you want (seizeroles3.bat):
**********BEGIN HERE**********
ntdsutil r c “co t s %1” q “seize domain naming master” “seize infrastructure master” “seize PDC” “seize RID master” “seize schema master” q q
***********END HERE***********

Also I like to add a “popups off” or “p off” before the r c to keep it from prompting me as to whether I wish to perform this action or not.

Enjoy.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.