There are certain scenarious when installing a Read Only Domain Controller (RODC) is a suitable approach. Tightening the security at remote sites and reducing the replication traffic are probably two of the main reasons to choose this approach.
Before you proceed with the installation of an RODC in your network, you have to make sure that it covers certain requirements. Here is a brief overview:
– PDC Emulator – the DC holding the PDC FSMO in the domain where you intend to install RODC must be running Windows Server 2008.
– Global Catalog – you need to have a GC running Windows Server 2008.
– Domain Functional Level must be at least Windows Server 2003
– Forest Functional Level must be at least Windows Server 2003
– Schema modification – you must run once in the forest adprep /rodcprep
In addition, you must have in mind the following:
– Global Catalog – if there are Outlook clients in the branch office, the RODC should be configured as GC.
– Authentication Requests – the RODC forwards authentication requests to a Global Catalog, running Windows Server 2008, in a site that is closest to the site with the RODC.
– Multiple RODCs – RODCs in the same site DO NOT SHARE information with each other. If the connection to a writable DC is down, there could be inconsistent logon experiences for the users
In the following Step-by-Step video tutorial, we demonstrate the installation of RODC:
Stay tuned on NetoMeter – subscribe to NetoMeter RSS.
Dean
1 comment
Jimmie P…
Kudos, just passing thru….
Comments are closed.