Solved

Domain Controller on Windows 2008 Server Core for Branch Offices

Posted on 2011-09-25
3
227 Views
Last Modified: 2012-06-27
Hi Experts,

What's yours' opinion on having Ready Only DC's (RODC) installed onto Windows 2008 Server Core for branch offices?

Have you ever done it yet? What are the pros and cons?

Tks for the help!

Rodrigo Garcone

0
Comment
Question by:garconer
3 Comments
 
LVL 22

Expert Comment

by:yo_bee
ID: 36596672
I have not done a Server Core of ADDS, but I have done a Print server and it works wells.
You need to allow for Windows Remote Management (WS-Management) (Service WinRM) ports to use server manager
This can be enabled via Powershell.
http://technet.microsoft.com/en-us/magazine/ff700227.aspx

I find this a very viable solution with my experience so far with the Print Server and plan on doing so when we upgrade our DC's
Once you have RSAT installed on your workstation you will have access to the MMC.
Since this is a read only there really should be little to have to deal with.
http://blogs.technet.com/b/keithcombs/archive/2007/07/14/windows-server-2008-screencast-core-read-only-dc-creation.aspx

I would not do this until you have tested in a lab.
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 36597223
Do you have physical security issues at your branch offices?  that would be the reason for the RODC.

I like server core, I like that they added sconfig to 2008 R2   http://technet.microsoft.com/en-us/edge/Video/ff710829

I'd probably go to 2008 R2 in your case.

thanks

Mike
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 36597407
I love having RODC in branch offices, because it means that I can make a password change/reset/unlock without waiting for replication or needing to connect to the local DC.

There are some downsides to running core on your branch servers: BranchCache won't run for sure; will your printer drivers work?; probably can't run WireShark under core for network sniffing. I do run ADS under Core for my DMZ and that works fine. I use my branch servers as a sniffing station for branch LAN/WAN traffic, which pushes me to full Windows, as does BranchCache (not setup yet, but I would like to use it).  
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now