New in Windows Server 2008 is the option to create a
read-only domain controller (RODC). To deploy an RODC, the domain
controller that holds the PDC emulator operations master role (also
known as flexible single master operations or FSMO) for the domain must
be running Windows Server 2008. In addition, the functional level for
the forest must be Windows Server 2003.
Because
the administration of a Server Core is done from the command line only
(at least initially), dcpromo must be run with a host of options to
promote the Server Core installation to a domain controller (read-only
or standard). From the Windows Server 2008 Technical Library, here are
the command line options for dcpromo. The options can optionally be specified in an answer file.
So, to create a RODC on a Server Core installation without also installing DNS, the command line would be:
dcpromo
/unattend /ReplicaDomainDNSName:
/ReplicaOrNewDomain:ReadOnlyReplica /SiteName:
/InstallDNS:No /DatabasePath:"C:\NTDS" /LogPath:"C:\NTDS"
/SysVolPath:"C:\SYSVOL"
Obviously, the
paths for the database, logs, and sysvol would need to be changed to the
appropriate location for your environment. The bulk of the parameters
are pretty self-explanatory, but two need attention called out. First,
the /ReplicaOrNewDomain:ReadOnlyReplica parameter is what defines the DC
as a RODC. Using /ReplicaOrNewDomain:Replica creates a standard DC in
an existing domain. Using /ReplicaOrNewDomain:NewDomain should be pretty
obvious, but it does introduce a slew of different required parameters
and options. Also, when creating a RODC you must specify the site name
using the /SiteName parameter. I’m not sure, but I would assume this is
for the enabling of universal group membership caching. So, if you
haven’t figured it out, you’ll need to create the site for the RODC in
AD DS before you promote the server to a RODC.
Other handy parameters:
- /ConfirmGC:No – Do not configure the server as a GC (Default is Yes).
- /CriticalReplicationOnly:Yes – This forces dcpromo to only replicate the critical directory information before rebooting, postpoting the full replication of the remaining AD DS information until after a reboot; can be useful for large directories to speed up the dcpromo process (Default is No).
- /ReplicationSourceDC:
– This forces the replication operation to use a specific domain controller.
1 comment:
The King Casino - Ventureberg
The King Casino is owned ventureberg.com/ by British casino operator https://septcasino.com/review/merit-casino/ Crown Resorts and operated หาเงินออนไลน์ by Crown Resorts. deccasino It is owned by worrione.com British ADDRESS: CASTLE
Post a Comment