This was sort of an aside to a question I discussed with a fellow MVP today…
- Get hex format of domain SID
- Send to new DC with operational attribute becomePDC
Simple huh?
Ok here is a little more detail.
Â
Get hex format of domain SID
adfind -b dc=domain,dc=com -s base objectsid -sidbinout
Of if you want to work with the default domain
adfind -default -s base objectsid -sidbinout
G:\>adfind -default -s base objectsid -sidbinout
AdFind V01.31.00cpp Joe Richards (joe@joeware.net) March 2006
Using server: r2dc1.test.loc:389
Directory: Windows Server 2003
Base DN: DC=test,DC=locdn:DC=test,DC=loc
>objectSid: 010400000000000515000000aa867905c1c5484bba6236d5
1 Objects returned
Â
Send to new DC with operational attribute becomePDC
admod -h DC_to_Become_PDC -rootdse bin##becomePDC::domain_sid
G:\>admod -h r2dc1 -rootdse bin##becomepdc::010400000000000515000000aa867905c1c5484bba6236d5
AdMod V01.06.00cpp Joe Richards (joe@joeware.net) June 2005
Modifying ROOTDSE…
DN Count: 1
Using server: r2dc1.test.loc
Modifying specified objects…
  DN: ROOTDSE…The command completed successfully
Â
