# Best Practices - [Enable Active Directory Recycle Bin](https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-sync-recycle-bin) # Links & Tutorials - [Add alternate UPN suffixes - AWS Directory Service (amazon.com)](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_upn_suffixes.html) # FSMO Roles ## Get FSMO roles ```PowerShell Get-ADDomain | fl PDCEmulator,RIDMaster,InfrastructureMaster ``` ```PowerShell Get-ADForest | fl SchemaMaster,DomainNamingMaster ``` ## Transfer FSMO roles ### Separate Commands ```PowerShell Move-ADDirectoryServerOperationMasterRole "DC02-2019" -OperationMasterRole PDCEmulator ``` ```PowerShell Move-ADDirectoryServerOperationMasterRole "DC02-2019" -OperationMasterRole RIDMaster ``` ```PowerShell Move-ADDirectoryServerOperationMasterRole "DC02-2019" -OperationMasterRole InfrastructureMaster ``` ```PowerShell Move-ADDirectoryServerOperationMasterRole "DC02-2019" -OperationMasterRole SchemaMaster ``` ```PowerShell Move-ADDirectoryServerOperationMasterRole "DC02-2019" -OperationMasterRole DomainNamingMaster ``` ### One Command ```PowerShell Move-ADDirectoryServerOperationMasterRole "DC02-2019" -OperationMasterRole PDCEmulator,RIDMaster,InfrastructureMaster,SchemaMaster,DomainNamingMaster ```