Step 1: Take an Inventory of Branch Office Resources

Applies To: Windows Server 2008

Before you begin a deployment of read-only domain controllers (RODCs) in branch office locations, take an inventory of the following types of branch office resources.


Take an inventory of the directory-integrated applications that you run in branch offices. Test the applications in a lab environment to make sure that they work as expected with RODCs before you replace or deploy new domain controllers in branch offices. Most applications should work well with a read-only copy of the directory data. For more information about testing applications, see the Read-Only Domain Controllers Application Compatibility Guide (

Operating systems

The client computers that you plan to run in branch offices with RODCs must run one of the following operating systems:

  • Windows 2000 Professional

  • Windows XP Professional

  • Windows Vista Business, Windows Vista Enterprise, and Windows Vista Ultimate

  • Windows 7 Professional, Windows 7 Enterprise, and Windows® 7 Ultimate

  • Windows 2000 Server

  • Windows Server 2003

  • Windows Server 2008

All 32-bit and 64-bit editions of these operating systems work with RODCs.

Check the list of known issues for client computers that interact with RODCs to determine whether you should apply the hotfix to make an RODC work for the scenario that you plan for it. For example, if you have Windows XP Professional clients or Windows Server 2003 clients, apply the hotfix to make those clients synchronize time with an RODC. Most of the known issues have a potential workaround that you can use if you cannot apply the hotfix. For more information, see Known Issues for Deploying RODCs (

Users and computers

If you know the names of the users and computers (including all servers and workstations) in each branch office, create a list or a security group that includes those security principals for each branch. You can use this list or security group later in the deployment process to define the Password Replication Policy (PRP) for each RODC. For more information, see Step 3: Decide How to Define the Password Replication Policy.