Read-solely area controller (RODC) is a further area controller that hosts a learn-solely duplicate of a website’s Active Directory knowledge retailer. RODC is design primarily to help department workplaces with out system directors. RODC is just retailer a restricted variety of passwords, so in the occasion they're compromised or stolen, you'll be able to shortly reset these passwords.
Only Windows Server 2008 and later releases of Windows Server can act as learn-solely area controllers. Typically, you do not want to make any modifications to shopper computer systems to permit them to make use of an RODC. Client computer systems operating any of the next working methods are supported to be used with RODCs.
RODCs don’t cache passwords by default, because of this if an attacker have been to get a copy of the Active Directory database from an RODC, they might not have the ability to compromise any passwords since there are none saved there.
M. Log on to the server as a member of the Domain Admins privileges.
P. Click Start, sort dcpromo.
A. Welcome to the Active Directory Domain Services Installation wizard choice seem click on Next.
A. Read the knowledge on the Operating System Compatibility web page after which click on Next.
H. Choose a Deployment Configuration web page, click on Existing forest, click on Add a website controller to an present area, after which Click Next.
S. Type the identify of any area in the forest the place you propose to install this area controller, then Click Set alternate credentials.
S. Then sort the required username and password.
H. Select a Domain choice seem then Click Next.
N. Select the site and Click Next.
10. Select the Read-solely area controller verify field, as proven in the illustration. By default, the DNS server verify field can also be chosen after which Click Next.
eleven. At this level of the set up course of, we will specify any group or consumer who will later have the ability to install and handle the RODC, Click Next.
12. Next choice is about specifying the folders for the AD database, the log information and the System Volume.
thirteen. Directory Services Restore Mode (DSRM) password for the Domain Controller.
14. Review the knowledge offered in the Summary web page.
15. Finally, the set up and replication course of begins.
sixteen. The RODC account is created and the completion web page shows, Click Finish.