When using a prestaged RODC account, the server that will become the RODC should not
be joined to the domain where it will be an RODC prior to attaching to the RODC account.
If you use the Active Directory Domain Services Installation Wizard or begin the deployment
from the Active Directory Administrative Center, you have to prepare the domain with
adprep.exe /rodcprep.
Installing an RODC by using Windows PowerShell
Follow these steps to first stage the RODC and then install it on the target computer:
1. From an elevated Windows PowerShell prompt, create the staging account for the
RODC. The basic command is this:
Add-ADDSReadOnlyDomainControllerAccount `
-DomainControllerAccountName "trey-rodc-03" `
-DomainName "TreyResearch.net" `
-SiteName "Default-First-Site-Name"
2. On the target server, complete the installation of Windows Server 2012 R2. You can use
a full installation or a core installation.
3. Set the name of the target server to the name used to create the staging account.
4. Assign static IPv4 and IPv6 addresses to all adapters on the target server.
5. On the target server, install AD DS by using this command:
Install-WindowsFeature `
-Name AD-Domain-Services `
-IncludeAllSubFeature `
-IncludeManagementTools
6. Connect to the domain and promote the RODC by using the following commands:
$myCred = Get-Credential -Message "Enter your domain credentials"
Install-ADDSDomainController `
-DomainName "TreyResearch.net" `
-Credential $myCred `
-UseExistingAccount:$True
You'll be prompted for the SafeModeAdministratorPassword on the command line and
then to confirm the password. Make sure that you enter a password that meets the
length and complexity requirements for the domain.
7. When the domain controller promotion completes, the new RODC restarts.
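The following pre-promotion check is an added example, not part of the original text. Run on the target server after step 5, it verifies the conditions from steps 3 through 5 and the not-yet-joined requirement, then runs the prerequisite test for attaching to the staged account. The parameter names $StagedName and $DomainName and the $problems list are assumptions made for this example.

```powershell
# Added example: verify the target server before running Install-ADDSDomainController.
# $StagedName and $DomainName are example parameters; use the values from step 1.
param(
    [string]$StagedName = 'trey-rodc-03',
    [string]$DomainName = 'TreyResearch.net'
)

$problems = @()

# Step 3: the server name must match the staged RODC account name.
$cs = Get-CimInstance -ClassName Win32_ComputerSystem
if ($cs.Name -ne $StagedName) {
    $problems += "Computer name '$($cs.Name)' does not match staged account '$StagedName'."
}

# The server must not already be joined to the domain it will serve as an RODC.
if ($cs.PartOfDomain -and $cs.Domain -eq $DomainName) {
    $problems += "Server is already joined to '$DomainName'; attach requires an unjoined server."
}

# Step 4: every connected adapter needs a manually assigned IPv4 and IPv6 address.
foreach ($nic in Get-NetAdapter | Where-Object Status -eq 'Up') {
    foreach ($family in 'IPv4', 'IPv6') {
        $static = Get-NetIPAddress -InterfaceIndex $nic.ifIndex -AddressFamily $family `
                      -ErrorAction SilentlyContinue |
                  Where-Object PrefixOrigin -eq 'Manual'
        if (-not $static) {
            $problems += "Adapter '$($nic.Name)' has no static $family address."
        }
    }
}

# Step 5: the AD DS role must be installed before promotion.
if (-not (Get-WindowsFeature -Name AD-Domain-Services).Installed) {
    $problems += 'The AD-Domain-Services feature is not installed.'
}

if ($problems) {
    $problems | ForEach-Object { Write-Warning $_ }
    return
}

# Local checks passed: run the promotion prerequisite test without promoting.
$myCred = Get-Credential -Message 'Enter your domain credentials'
$dsrm   = Read-Host -AsSecureString -Prompt 'SafeModeAdministratorPassword'
Test-ADDSDomainControllerInstallation -DomainName $DomainName -Credential $myCred `
    -UseExistingAccount -SafeModeAdministratorPassword $dsrm
```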