Read-Only Domain Controller Planning and Deployment Guide

Updated: April 26, 2012

Applies To: Windows Server 2008, Windows Server 2012

This section provides an overview of the guide, including what is covered in this guide as opposed what is covered in other related guides.

To obtain a copy of this guide in .doc format, see Planning and Deploying Read-Only Domain Controllers on the Microsoft Download Center (

Purpose of this guide

The purpose of this guide is to explain what a read-only domain controller (RODC) is, how an RODC works, and how you can plan for and deploy RODCs in your environment. The guide is meant to be a comprehensive resource for all the information that you might need in order to use an RODC in any scenario. It will be updated continuously as additional information about using RODCs is learned as a result of customer experiences and product team recommendations.

Active Directory Domain Services in the Perimeter Network (Windows Server 2008) (

This guide details various deployments with AD DS in perimeter networks with a focus on how to plan for and deploy RODCs. Because it covers information beyond RODCs, it is offered as a separate guide.

This guide consists of the following sections:

Understanding Planning and Deployment for Read-Only Domain Controllers

This section explains what an RODC is, and it covers general issues that affect any of the scenarios that include an RODC. This chapter also provides steps for installing and administering an RODC.

Read-Only Domain Controller Branch Office Guide

This section describes special planning and deployment steps for placing RODCs in branch offices.

Appendix A: RODC Technical Reference Topics

This section includes supplemental information that can help some organizations with planning an RODC deployment.

Appendix B: Read-Only Domain Controller Related Events

This appendix covers events that can be logged for various operations RODCs.

Appendix C: Acronyms Used in This Planning and Deploying Read-Only Domain Controller Guide

This appendix includes some of the acronyms that are commonly used in discussion about RODCs.

RODCs are one of many new features that are introduced in Active Directory® Domain Services (AD DS) in the Windows Server® 2008 operating system. The following links provide more information about the other new Active Directory features and the steps that you can take to try them out:

The following guides cover related scenarios for planning and deploying AD DS and RODCs: