MCITP: Server Administrator Intermediate CA Role
Once these prerequisites have been met, your environment will be prepared to accept a Windows Server 2008 RODC. However, to make any environment completely ready to take an RODC, you will need to execute the following command on the schema master:
This will tell the schema master to look for an RODC and to expect that MCITP Certificate domain controller to not be writable. Afterward, on the installation level, you can install either an RODC as a normal RODC or an RODC running Windows Server Core. In Exercise 3.4, we show you the process of installing an RODC on a full installation of Microsoft Windows. The advantage of using Server Core is that the installation is light, ef?cient, and very stable. Administrators may choose to use a Server Core installation of an RODC if they?re running in an insecure location that will not be accessed very often. That way, the server has an extremely light load and is running the bare essentials necessary to accomplish the task at hand.
Installing an RODC
Prerequisites: To perform this exercise, you must have at least one Windows Server 2008 machine operating at the Windows Server 2003 domain and forest functional level. Additionally, you must have at least one writable domain controller operating Windows Server 2008 in your environment.
1. Make sure you are logged in as either a domain or enterprise administrator.
2. Open the command-line console on the Windows Server 2008 domain controller, and
initiate the adprep /rodcprep command. (You must run this with enterprise admin-
istrator credentials.) Alternatively, you may log on to any given domain controller in the environment MCITP Exams as long as you initiate the command from the source ?les on the Windows Server 2008 DVD.
3. Click Start, type dcpromo into the Search box, and then press Enter. This will begin the Active Directory Domain Services Installation Wizard.
4. Select Existing Forest and then Add A Domain Controller To An Existing Domain. Then click Next.
5. On the Network Credentials page, type the name of your domain and any usernames or passwords that are required for the Domain Admins group. Click Next.
6. Select the domain for the RODC, and then click Next.
7. Select the Active Directory site where you want to install your read-only domain con- troller, and then click Next.
8. On the next page, make sure you select the DNS Server checkbox as well as the Read-Only Domain Controller checkbox. Although it is not required, you should prob- ably also make this machine a global catalog server. Click Next.
9. Reboot your new read-only domain controller.
Processing your request, Please wait....
