New DC or child domain

Posted on 2011-10-22
Last Modified: 2012-08-13

I am setting up a new remote office in Hong Kong, and would like it to be as secure as possible ( as it is China ) and not have all current AD information replicated to the Hong Kong office, so was wonder if a child domain would be the best solution?

Hong Kong office will be using the current Exchane 2010 server in the parent domain and some resorces in the parent domain.

So the main purpose would be security to prevent head office user accounts residing on a Hong Kong server.



Question by:gdaysh
    LVL 39

    Accepted Solution

    Hi, in my opionion the best solution to fulfill your requirements would be Read Only Domain Controller (RODC) for the existing domain. That' secure option which allows you to keep controll and have secure DC in Hong Kong

    Please google about RODC step-by-step implementation because it's inconvenient to post links from mobile :/

    LVL 41

    Expert Comment

    I agree that RODC is a much better idea.
    LVL 6

    Expert Comment

    If You Have 15 to 20 Users and You want Secure way of replication then RODC is best

    Install RODC in Server Core :

    Hope it Helps


    Osama Mansoor

    Author Comment

    Excellent - totally overlooked RODC - thanks :)
    LVL 39

    Expert Comment

    by:Krzysztof Pytko
    You're welcome :)


    Featured Post

    How does your email signature look on mobiles?

    Do your employees use mobile devices to reply to emails? With mobile becoming increasingly important to the business world, it is in your best interest to make sure that your email signature looks great across all types of devices.

    Join & Write a Comment

    If you migrate a Terminal Server licenses server inside the 2008 server family, you can takte advantage of the build-in migration tool. If you like to migrate an older 2003 Server (and the installed client CALs) to a 2008 R2 server for example, you …
    I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
    This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
    This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now