Wednesday, February 24, 2010

Read Only Domain Controller Prerequisites

Below I'm going to go into the prerequisites for a Read Only Domain Controller:

- The PDC Emulator must be on a Windows Server 2008 Domain Controller

- Must recieve updates from a Windows Server 2008 DC. This means your AD site link with the lowest cost in which the RODC will recieve updates from must have a Windows Server 2008 DC.

- DFL/FFL must be at least Windows Server 2003 functional level.

- Must have run ADPREP /RODCPREP on your domain

- Only one RODC Per Domain, Per Site. In an active directory site you can have only one RODC, however if you have multiple domains you in a forest it breaks this rule as you can have one in each site per domain.

5 comments:

  1. What is the reason behind having only one RODC per domain?

    ReplyDelete
  2. Hi mate you can have more then one RODC per domain. You cannot have more then one RODC in an active directory site. So you can place an RODC in each site for that given one domain. However Active Dirctory sites and services is not specific to a single domain, its specific to a forest. If you have multiple domains in your forest they all share the same AD Topology illistrated in sites and services. So if you have multiple domains in your forest, they can all have 1 RODC in that active directory site. This means it is possible for 1 active directory site to have multiple RODC's, but there can only be 1 for each domain.

    Hope this makes sense now?

    ReplyDelete
  3. I managed to create 2 RODCs in one domain in one site....

    ReplyDelete
  4. Headache with RODC.i have one forest with two separate domains (A and B)for the B domain i have rodc to several branch offices.i want to have users from domain A to logon to the sites with the rodcs of B. this is possible but when i have a wan offline is any way for the users of domain A to logon without problems

    ReplyDelete
  5. I've two domains A & B at locations X & Y, also I have a Rodc at location Y that working as a backup for domain B. Can I use it as a backup for domain A. Will there be any issues with this structure as it is used for production purpose.

    ReplyDelete