Performing a Staged RODC Installation using the GUI


Staging an RODC allows an administrator to perform installation without travelling to the site. You can stage a RODC installation in four steps. Step1, Step2 and Step3 are performed in Head office by a member of domain admin where authoritative domain controller is located. Fourth step is performed in site office where site admin and RODC is located.


· RODC NetBIOS Name: DC4

· RODC Security Group: RODCAdmins

· Forest:

Step1: Prepare Environment

· Install Operating System on RODC Server

· Activate Windows Server 2012

· Configure TCP/IP Properties of the Server

· Rename RODC Server to desired NetBIOS name (Example-DC4)

Step2: Add Site Admin into RODCAdmins Security Groups in AD

Open Active Directory Users and Computers, Right Click on desired OU, Click new, Click Group, Create a Security group named as RODCAdmins.


Add Site Admins into RODCAdmins group.

Step3: Create an RODC Computer Account

Open Active Directory users and Computers, Select Domain Controllers OU, Click on Action, Click Pre-create Read-only Domain Controller account


Click Next, On the Welcome to the Active Directory Domain Services Installation Wizard page, if you want to modify the default the Password Replication Policy (PRP), select Use advanced mode installation, and then click Next.


On the Network Credentials page, under Specify the account credentials to use to perform the installation, click My current logged on credentials, Click Next


On the Specify the Computer Name page, type the computer name of the server that will be the RODC.


On the Select a Site page, select a site from the list or select the option to install the domain controller in the site that corresponds to the IP address of the computer on which you are running the wizard, and then click Next.


On the Additional Domain Controller Options page, make the following select Domain Naming System (DNS), Global Catalog (GC), Read-only Domain Controller (RODC) and then click Next:


On the Delegation of RODC Installation and Administration page, type the name of the user or the group who will attach the server to the RODC account that you are creating. To search the directory for a specific user or group, click Set. In Select Users, Computers, or Groups, type the name of the user or group. When you are finished, click Next.


On the Summary page, review your selections. Click Back to change any selections, if necessary.


When you are sure that your selections are accurate, click Next to create the RODC account.


On the Completing the Active Directory Domain Services Installation Wizard page, click Finish.

Step4: Attach a server to an RODC account using Server Manager

This step is performed in the site office where the RODC is located. The server where you perform this procedure must not be domain member. In Windows Server 2012, you use the Add Roles Wizard in Server Manager to attach a server to an RODC account. Follow the procedure to promote a RODC at the branch office.

1. Log on to Server DC4 as local Administrator. In Server Manager, click Add roles and features. On the Before you begin page, click Next.

2. On the Select installation type page, click Role-based or feature-based installation and then click Next.

3. On the Select destination server page, click Select the local server from the server pool, click Next.

4. On the Select server roles page, click Active Directory Domain Services, click Add Features and then click Next.

5. On the Select features page, select any additional features that you want to install and click Next.

6. On the Active Directory Domain Services page, review the information and then click Next.

7. On the Confirm installation selections page, click Install.

8. On the Results page, verify Installation succeeded, and click Promote this server to a domain controller to start the Active Directory Domain Services Configuration Wizard.

9. On the Deployment Configuration page, click Add a domain controller to an existing domain, type the name of the domain and specify an account who is a member of RODCAdmins group that is delegated to manage and install the RODC, and then click Next.

10. On the Domain Controller Options page, click Use existing RODC account in this case DC4, type and confirm the Directory Services Restore Mode password, and then click Next.

11. On the Additional Options page, select the head office domain controller that you want to replicate the AD DS installation data from or if you have correct sites configured then allow the wizard to select any domain controller and then click Next.

12. On the Paths page, type the locations for the Active Directory database, log files, and SYSVOL folder, or accept default locations, and then click Next.

13. On the Review Options page, confirm your selections, click Next.

14. Once Prerequisites Check is successful then click Install.

15. To complete the AD DS installation, the server will restart automatically.

About Raihan Al-Beruni

My Name is Raihan Al-Beruni. I am working as an Infrastructure Architect in Data Center Technologies in Perth, Western Australia. I have been working on Microsoft technologies for more than 15 years. Other than Microsoft technologies I also work on Citrix validated solution and VMware data center virtualization technologies. I have a Masters degree in E-Commerce. I am certified in Microsoft, VMware, ITIL and EMC. My core focus is on cloud technologies. In my blog I share my knowledge and experience to enrich information technology community as a whole. I hope my contribution through this blog will help someone who wants more information on data center technologies.
This entry was posted in Windows Server and tagged , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s