Programming4us
         
 
 
Windows Server

Windows Server 2008: Installing a Read-Only Domain Controller (part 2)

12/29/2010 9:54:17 AM

Conducting an RODC Installation

As mentioned earlier, an RODC can be implemented on either a full installation of Windows Server 2008 R2 or on a Windows Server 2008 R2 Server Core installation. The upcoming sections include step-by-step instructions on installing an RODC for both types of scenarios.

Installing an RODC on a Full Installation of Windows Server 2008 R2

Before installing an RODC within your Active Directory infrastructure, ensure the prerequisites are met and you fully understand the circumstances under which the RODC should not be used or else you will jeopardize the success of your installation.

Now, let’s look at how to install an RODC; this example assumes the base Windows Server 2008 R2 system has already been installed. The installation is very similar to a traditional domain controller installation; however, the final steps include Read-Only Domain Controller settings. To conduct the installation with the Active Directory Domain Services Wizard, follow these steps:

1.
Log on to the new branch office Windows Server 2008 R2 system with an account that has domain administrative privileges.

2.
Click Start, Run, and type dcpromo.exe. Click OK to commence the full installation of an RODC. Alternatively, you can add the Active Directory Domain Services role via Server Manager.

Note

The Active Directory Domain Services Wizard checks to see if the Active Directory Domain Services binaries are installed. If they are not, the wizard will begin installing them.

3.
On the Welcome to the Active Directory Domain Services Wizard page, click Next to commence the installation of Active Directory Domain Services (AD DS) on the server.

4.
Review the warning on the Operating System Compatibility page, and then click Next.

5.
On the Choose a Deployment Configuration page, ensure the Existing Forest option is selected, and then specify Add a Domain Controller to an Existing Domain. Click Next to continue, as illustrated in Figure 1.

Figure 1. Adding a new RODC to an existing domain.


6.
On the Network Credentials page, type the name of any domain in the forest where you plan to install the domain controller. After the domain name is entered, specify the account credentials that have permissions to conduct the dcpromo process and that will be used to perform the installation. You can either use the current logged-on credentials or specify alternate credentials. Click Next to continue, as displayed in Figure 2.

Figure 2. Specifying network credentials for the RODC installation.


Note

If the computer is part of a workgroup and is not associated with an Active Directory domain, you must specify alternate domain credentials because the existing credentials are associated with the local server.

7.
On the Select a Domain page, specify the domain where the new RODC will be added, and then click Next.

8.
On the Select a Site page, specify whether the wizard should add the new RODC to a site based on the subnet defined in Active Directory Sites and Services. Alternatively, select a site manually. Click Next to continue.

9.
On the Additional Domain Controller Options page, select the additional options for the domain controller. The options include DNS Server, Global Catalog, and Read-Only Domain Controller (RODC). Ensure that, at the very least, the RODC option is selected, as shown in Figure 3. Click Next to continue.

Figure 3. Ensuring the RODC option is selected.


Note

The RODC option will not be available if a writable domain controller does not already exist in the domain.

10.
At the next step of the installation, the Active Directory Domain Services Wizard prompts you to enter a user or group on the Delegation of RODC Installation and Administration page. Ultimately, the user or group you specify will be responsible for attaching a server to the RODC account and subsequently managing the RODC after the installation is complete. If a user or group is not specified, the installation wizard will automatically allow the Domain Admin or Enterprise Admin group to attach to the RODC. Enter a group on the Delegation of RODC Installation and Administration page, and then click Next, as displayed in Figure 4.

Figure 4. Specifying a group on the Delegation of RODC Installation and Administration page.


Note

For simplicity, it is a best practice to specify a group and add users to the group as needed. Each user associated with the group will have the opportunity to log on to the RODC and will have full control over the server.

11.
Enter the folder location of the database, log files, and sysvol files on the Location for Database, Log Files, and sysvol page, and then click Next to continue.

Note

For maximum performance and recoverability, it is a best practice to store the database and log files on separate volumes.

12.
On the next page, enter a Directory Services Restore Mode administration password, and then click Next.

13.
Review the selections on the Summary page, and then click Next to finalize the installation.

Note

It is possible to export the RODC selections to an answer file if needed. This comes in handy when creating additional Server Core installation Read-Only Domain Controllers.

14.
Click Finish and reboot the new RODC system upon completion of the installation wizard.
Other -----------------
- Windows Server 2008: Understanding Read-Only Domain Controllers (part 2) - Understanding When to Leverage RODCs
- Windows Server 2008: Understanding Read-Only Domain Controllers (part 1)
- Windows Server 2008 : Understanding the Windows AIK (part 5) - Understanding Sysprep
- Windows Server 2008 : Understanding the Windows AIK (part 4) - Understanding ImageX and the .wim File Format
- Windows Server 2008 : Understanding the Windows AIK (part 3) - Understanding Windows PE
- Windows Server 2008 : Understanding the Windows AIK (part 2) - Understanding Windows SIM and Answer Files
- Windows Server 2008 : Understanding the Windows AIK (part 1)
- Windows Server 2008 : Configuring Windows Media Services (part 14) - Configuring Proxy Settings
- Windows Server 2008 : Configuring Windows Media Services (part 13) - Configuring Caching Settings
- Windows Server 2008 : Configuring Windows Media Services (part 12) - Enabling Cache/Proxy
- Windows Server 2008 : Configuring Windows Media Services (part 11) - Configuring Security for Windows Media Services
- Windows Server 2008 : Configuring Windows Media Services (part 10)
- Windows Server 2008 : Configuring Windows Media Services (part 9) - Using the Multicast Announcement Wizard
- Windows Server 2008 : Configuring Windows Media Services (part 8) - Using the Unicast Announcement Wizard
- Windows Server 2008 : Configuring Windows Media Services (part 7) - Using the Create Wrapper Wizard
- Windows Server 2008 : Configuring Windows Media Services (part 6) - Configuring Source Settings
- Windows Server 2008 : Configuring Windows Media Services (part 5)
- Windows Server 2008 : Configuring Windows Media Services (part 4) - Creating a New Publishing Point
- Windows Server 2008 : Configuring Windows Media Services (part 3) - Using Windows Media Services Management Tools
- Windows Server 2008 : Configuring Windows Media Services (part 2) - Installing Streaming Media Services
 
 
Most View
- Creating and Using a SQL Azure Database
- Exchange Server 2010 : Upgrading from and Coexisting with Exchange Server 2007 (part 2) - Upgrading Message Connectivity From Exchange Server 2007
- SQL Server 2008 R2 : Database Pages (part 1) - Data Pages
- SOA with .NET and Windows Azure : Windows Workflow Foundation (part 7)
- SharePoint 2010 : Create a Personal or Public View for a List or Library (part 2) - Create a Calendar View
- Windows 7 : Backing Up Your Files
- Microsoft Exchange Server 2003: Configuring Information Stores (part 1) - Adding Storage Groups and Databases
- SQL Server 2008 Analysis Services : Understanding SSAS and OLAP
- SharePoint 2010 : Site Administration - Provisioning a site via Windows PowerShell
- Windows 7 : Managing a User Account
Top 10
- Implementing Edge Services for an Exchange Server 2007 Environment : Utilizing the Basic Sender and Recipient Connection Filters (part 3) - Configuring Recipient Filtering
- Implementing Edge Services for an Exchange Server 2007 Environment : Utilizing the Basic Sender and Recipient Connection Filters (part 2)
- Implementing Edge Services for an Exchange Server 2007 Environment : Utilizing the Basic Sender and Recipient Connection Filters (part 1)
- Implementing Edge Services for an Exchange Server 2007 Environment : Installing and Configuring the Edge Transport Server Components
- What's New in SharePoint 2013 (part 7) - BCS
- What's New in SharePoint 2013 (part 6) - SEARCH
- What's New in SharePoint 2013 (part 6) - WEB CONTENT MANAGEMENT
- What's New in SharePoint 2013 (part 5) - ENTERPRISE CONTENT MANAGEMENT
- What's New in SharePoint 2013 (part 4) - WORKFLOWS
- What's New in SharePoint 2013 (part 3) - REMOTE EVENTS