Windows Server 2008 RODC (Read-Only Domain Controller) Explained
Pros and Cons of Windows Server 2008 RODC (Read-Only Domain Controller)
Facts:
- stores read-only copy of Active Directory NTDS.dit database, except passwords
- support caching of universal groups
- When user authenticate, RODC verifies that account exists then forward it to a regular DC
Pros:
- Perfect for branch offices that doesn’t have IT staff on site
- Can be used by third-party applications to prevent accidental changes
Cons:
- Branch office administrators cannot modify Active Directory objects.
- extra traffic may occur due to excessive authentication packets to regular DC.
written by: InfoTechguyz