In this article, I am going to show you how to create a pre-staged Read Only Domain Controller and how to install a Read Only Domain Controller in Server 2016.
RODC stands for Read Only Domain Controller. By creating this type of domain controller, you create a read-only copy of your Active Directory; it is the solution to use when servers need a higher level of security. This type of domain controller merely holds a copy of the Active Directory information and can answer queries to authenticate users. You cannot enter new data on this server, and that is why it is called an RODC.
Create Read-Only Domain Controller in Server 2016
Step 1: You can perform the staging operation of a read-only domain controller computer account by opening the Active Directory Administrative Center (Dsac.exe). Click the name of the domain in the navigation pane. Double-click Domain Controllers in the management list. Click Pre-create a Read-only domain controller account in the tasks pane.
Step 2: On the Welcome to the Active Directory Domain Services Installation Wizard, Select Use Advanced Mode Installation and then click Next.
Step 3: On the Network Credentials page, select My current logged on credentials. The credentials you use must belong to a member of the Domain Admins or Enterprise Admins group. Click Next.
Step 4: The Specify the Computer Name dialog requires you to enter the single‐label Computer name of a domain controller that does not exist. The domain controller you configure and attach to this account later must have the same name, or the promotion operation will not detect the staged account.
NOTE: The server must not be joined to a domain, because we are creating a pre-staged RODC. Later, when a server comes up with this account name, it will automatically come up as an RODC.
Step 5: Select a Site shows a list of Active Directory sites for the current forest. The staged read-only domain controller operation requires you to select a single site from the list. The RODC uses this information to create its NTDS Settings object in the Configuration partition and joins itself to the correct site when it starts for the first time after being deployed. Click Next.
Step 6: The Additional Domain Controller Options page enables you to specify that an RODC is also a DNS Server and a Global Catalog. Microsoft recommends that read-only domain controllers provide DNS and GC services, so both are installed by default. One intention of the RODC role is branch office scenarios where the wide area network may not be available; without those DNS and global catalog services, computers in the branch will not be able to use AD DS resources and functionality.
Step 7: On the Delegation of RODC Installation and Administration page, specify a group or individual user to be the Admin of the RODC. If you don't specify any additional names or groups, then the RODC does not have an Admin, and for every small task they will have to go to the Domain Controller.
Step 8: On the Summary page, you can review all the settings of the wizard, and you can then export the settings to an answer file for use with an unattended installation. Click Next.
Step 9: On the Completing the Active Directory Domain Services Installation Wizard page, click Finish to close the wizard.
The Active Directory Domain Services Installation Wizard creates the staged read‐only domain controller in Active Directory. You cannot cancel this operation after it starts.
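The same staging operation can be scripted with the ADDSDeployment module. This is an added example, not part of the original article; the account name SRV-2, the site Default-First-Site-Name, the NetBIOS domain name NYAZIT and the group RODC-Admins are assumptions chosen for illustration. The last part reads the staged account back so you can confirm it was created as an RODC account with the expected delegated administrator.

```powershell
# Added example: pre-stage an RODC account without the wizard.
# Run from a writable DC or a management host, signed in as a member of
# Domain Admins or Enterprise Admins.
Import-Module ADDSDeployment
Import-Module ActiveDirectory

$staging = @{
    DomainControllerAccountName       = 'SRV-2'                    # assumed name; the promoted server must use it
    DomainName                        = 'Nyazit.com'
    SiteName                          = 'Default-First-Site-Name'  # assumed site
    DelegatedAdministratorAccountName = 'NYAZIT\RODC-Admins'       # hypothetical group
    InstallDns                        = $true                      # GC is also installed by default
    Credential                        = Get-Credential
}

# Show what would be created, then create it. Creation cannot be cancelled once started.
Add-ADDSReadOnlyDomainControllerAccount @staging -WhatIf
Add-ADDSReadOnlyDomainControllerAccount @staging -Force

# Read the staged account back and check the attributes that mark an RODC:
#   primaryGroupID 521          = Read-only Domain Controllers group
#   userAccountControl 0x4000000 = PARTIAL_SECRETS_ACCOUNT
#   managedBy                   = the delegated RODC administrator
$acct = Get-ADComputer -Identity $staging.DomainControllerAccountName `
            -Properties primaryGroupID, userAccountControl, managedBy

[pscustomobject]@{
    Name               = $acct.Name
    InDomainControllers = $acct.DistinguishedName -like '*,OU=Domain Controllers,*'
    RodcPrimaryGroup   = $acct.primaryGroupID -eq 521
    PartialSecretsFlag = ($acct.userAccountControl -band 0x04000000) -ne 0
    DelegatedAdmin     = $acct.managedBy
}
```

An empty DelegatedAdmin value means no delegation was recorded, which is the situation Step 7 describes.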
Install Read Only Domain Controller Server 2016
Before going further in this lesson: I am using a VMware virtual machine for this process. I have already created the environment on my Domain Controller, and right now I am on SRV-2. I am installing an RODC to link this server to the DC, so follow this step-by-step guide.
Step 1: Open Server Manager. In the left pane of Server Manager, click Roles, and in the details pane, under Roles Summary, click Add Roles. The Add Roles Wizard opens.
Step 2: If you see the Before you begin page, click Next to open the Select installation type page, select Role-based or feature-based installation and click Next.
Step 3: On the Select destination server page, choose Select a server from the server pool and then select the server that will host the role. Click Next.
Step 4: In Select server roles, under Roles, select Active Directory Domain Services. In the Add features that are required for Active Directory Domain Services? dialog, click Add Features and then click Next. This task will install the Active Directory Domain Services tools. Click Next.
Step 5: On the Features window, leave the default selection and then click Next. Read the Active Directory Domain Services page and click Next. Then click Install on the Confirm page.
Step 6: Let the Active Directory Domain Services installation process finish successfully. When it has finished, click the Promote this server to a domain controller link.
Step 7: To add a read-only domain controller to an existing domain, select Add a domain controller to an existing domain and click the Select button to specify the domain information for this domain. Server Manager automatically prompts you for valid credentials. Enter the credentials of the Domain Controller.
Step 8: On the Domain Controller Options page, select Read only domain controller (RODC) and type a password for Directory Services Restore Mode. When you are done, click Next.
Step 9: On the RODC Options page, specify the Admin for the RODC. Also click Add and insert the RODC clients whose account passwords should be cached.
Step 10: On the Additional Options page, beside Replicate from, click the drop-down box, click SRV-1.Nyazit.com, and then click Next.
Step 11: The Paths page enables you to override the default folder locations of the AD DS database, the database transaction logs, and the SYSVOL share. The default locations are always in subdirectories of %systemroot%. Then click next.
Step 12: The Review Options page enables you to validate your settings and ensure that they meet your requirements before you start the installation. Click NEXT.
Step 13: The Prerequisites Check is a new feature in AD DS domain configuration. This new phase validates that the server configuration is capable of supporting a new AD DS forest.
Step 14: Click Install to begin the domain controller promotion process. This is the last opportunity to cancel the installation. You cannot cancel the promotion process once it begins. The computer will reboot automatically at the end of promotion, regardless of the promotion results.
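The role installation, prerequisites check and promotion from the steps above can also be run from an elevated PowerShell session on SRV-2. This is an added example, not part of the original article; it assumes the replication source is reachable as SRV-1.Nyazit.com, and the site name, the NetBIOS name NYAZIT and the RODC-Admins group are illustrative assumptions. The paths are the defaults under %systemroot%.

```powershell
# Added example: install AD DS and promote this server as an RODC.
# Run on SRV-2 in an elevated session.
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
Import-Module ADDSDeployment

$promo = @{
    DomainName                          = 'Nyazit.com'
    ReadOnlyReplica                     = $true
    SiteName                            = 'Default-First-Site-Name'   # assumed site
    Credential                          = Get-Credential              # domain credentials (Step 7)
    SafeModeAdministratorPassword       = Read-Host -AsSecureString -Prompt 'DSRM password'
    ReplicationSourceDC                 = 'SRV-1.Nyazit.com'          # Step 10
    DelegatedAdministratorAccountName   = 'NYAZIT\RODC-Admins'        # hypothetical group (Step 9)
    # Only members of the groups listed here may have passwords cached on the RODC.
    AllowPasswordReplicationAccountName = @('NYAZIT\Allowed RODC Password Replication Group')
    DatabasePath                        = 'C:\Windows\NTDS'           # Step 11 defaults
    LogPath                             = 'C:\Windows\NTDS'
    SysvolPath                          = 'C:\Windows\SYSVOL'
}

# Step 13: run the prerequisites check on its own and stop on any error.
$check = Test-ADDSDomainControllerInstallation @promo
$check | Format-Table -Property Status, Message -Wrap
if ($check.Status -contains 'Error') {
    throw 'Prerequisites check failed; fix the reported items before promoting.'
}

# Step 14: promote. The server reboots automatically when promotion ends.
Install-ADDSDomainController @promo -InstallDns -Force
```

Keep the allow list as small as the branch needs: every account whose password is cached on the RODC is exposed if that server is stolen or compromised.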
That was all about how to create a pre-staged Read Only Domain Controller and how to install a Read Only Domain Controller in Server 2016. I hope you have learned from this article. Feel free to ask your questions and give us your suggestions and opinions about what articles we should write. If you face any problem, tell us in a comment below. We're waiting for your suggestions.