These changes
are then replicated to all the other domain controllers. Now, with Windows Server
2008, the concept of a backup domain controller has returned, this time in the form of an
RODC. Active Directory domain controllers are still multi-master, but now you have the
option of deploying RODCs throughout your network.
136 Microsoft Windows Server 2008 Administration
Why would you ever want to deploy RODCs? This domain controller mode is highly
useful if you want to provide Active Directory authentication services in a location that
is not adequately secure for a writable copy of your Active Directory database. Also, in
read-only mode, the domain controller can respond to requests more quickly since it
doesn??™t have to worry about processing changes that need to be replicated up to other
domain controllers. It is also a good option if you have an application that performs best
when installed on a domain controller. By running that application on an RODC rather
than a regular domain controller, you don??™t run the risk that the DC will be inadvertently
used by the application to make changes to your directory. You can also deploy RODCs
to provide localized authentication services to locations that have slower network connections
to your main datacenter and that do not have knowledgeable IT staff onsite.
Before you can install an RODC in your domain, the domain controller hosting the
PDC Emulator role must reside on a server running Windows Server 2008.
Pages:
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184