Information Technology Reference
In-Depth Information
The server must be a workgroup member, not a domain member, to install the RODC role with del-
egated installation.
Activity 12-5: Installing an RODC
Time Required:
20 minutes
Objective:
Install a domain controller with the RODC option.
Description:
You're opening a branch office with about 20 users. No server administrators work
in the branch office, and there's no designated equipment room to keep the DC secure. You opt
to use an RODC so that branch office users have some benefits of a local DC without the secu-
rity risks. Before you can install Active Directory Domain Services, you must remove Active
Directory Certificate Services because these services can't reside on the same server.
1. Log on to
Server1XX
as Administrator.
2. Open Server Manager and start the Remove Roles Wizard. Click
Next
.
3. In the Remove Server Roles window, click to clear the
Active Directory Certificate Services
check box, and then click
Next
.
4. In the Confirm Removal Selections window, click
Remove
. When the removal is finished,
click
Close
.
5. When prompted to restart the server, click
Yes
. When the server restarts, log on as
Administrator. The removal of AD CS continues. Click
Close
when the removal is finished.
6. In Server Manager, click the
Roles
node, and then click
Add Roles
to start the Add Roles
Wizard. Click
Next
.
7. In the Select Server Roles window, click the
Active Directory Domain Services
check box,
and then click
Next
. Read the information in the Active Directory Domain Services window,
and then click
Next
.
8. In the Confirm Installation Selections window, read the information messages and click
Install
. When the installation is finished, click
Close
.
9. Open a command prompt window, type
dcpromo
, and press
Enter
to start the Active
Directory Domain Services Installation Wizard. Click
Next
. In the Operating System
Compatibility window, click
Next
.
10. In the Choose a Deployment Configuration window, click the
Existing forest
option button,
and then click
Next
.
11. In the Network Credentials window, the W2k8adXX.com domain and the option to use
your current logged-on credentials are selected by default. Click
Next
.
12. In the Select a Domain window, the w2k8adXX.com domain is selected by default. Click
Next
.
13. In the Select a Site window, make sure the
Use the site that corresponds to the IP address of
this computer
check box is selected. Click
Next
.
14. In the Additional Domain Controller Options window, click the
Read-only domain con-
troller (RODC)
check box. The DNS server and Global catalog check boxes should be
selected by default. Click
Next
.
15. In the Delegation of RODC Installation and Administration window, you can specify a user
or group to complete the RODC installation. The user or group members will also have local
administrative rights on the server (but not for the domain). If you don't specify a user or
group, only members of Domain Admins or Enterprise Admins can continue the installation.
You're not delegating administration, so click
Next
.
16. In the Location for Database, Log Files, and SYSVOL window, click
Next
.
17. In the Directory Services Restore Mode Administrator Password window, type
Password01
in the Password and Confirm Password text boxes, and then click
Next
.
Search WWH ::
Custom Search