Welcome Sign in
Windows Client TechCenter
Click to Rate and Give Feedback
TechNet
TechNet Library
Windows
Windows Server
Windows Server 2008
Getting Started
Read-only Domain Controllers Step-by-Step Guide

Updated: April 25, 2007

This step-by-step guide provides instructions for planning, installing, and using a read-only domain controller (RODC). An RODC is a new type of domain controller in the Windows Server® 2008 operating system. This new type of domain controller, as its name implies, hosts read-only partitions of the Active Directory® database.

An RODC makes it possible for organizations to easily deploy a domain controller in scenarios where physical security cannot be guaranteed, such as branch office locations, or in scenarios where local storage of all domain passwords is considered a primary threat, such as in an extranet or in an application-facing role.

Organizations that can guarantee the physical security of a branch domain controller might also deploy an RODC because of its reduced management requirements that are provided by such features as unidirectional replication.

Because RODC administration can be delegated to a domain user or security group, an RODC is well suited for a site that should not have a user who is a member of the Domain Admins group.

In this guide

Tags What's this?: Add a tag
Community Content   What is Community Content?
Add new content RSS  Annotations
Processing
© 2008 Microsoft Corporation. All rights reserved. Terms of Use  |  Trademarks  |  Privacy Statement
Page view tracker