The Mysterious Case of the Self-Moving FSMO Roles

Hello all! This is Chris Cartwright from Directory Services. I had a coworker, Eric Jansen, reach out to me from the field and ask about an incident on site he was looking into a scenario where "the PDCE (Primary Domain Controller Emulator) and DNM (Domain Naming Master) mysteriously moved…" to a DC in another site. He said what was weird was who the logs said performed it. He also said that the other site used their own procedures to build their DCs, which apparently included using Windows Servers Essentials for the base OS. Now, I have never heard of anyone doing that in an enterprise environment, but it got us curious…

