Step 1: Take an Inventory of Branch Office Resources
Applies To: Windows Server 2008
Before you begin a deployment of read-only domain controllers (RODCs) in branch office locations, take an inventory of the following types of branch office resources.
Take an inventory of the directory-integrated applications that you run in branch offices. Test the applications in a lab environment to make sure that they work as expected with RODCs before you replace or deploy new domain controllers in branch offices. Most applications should work well with a read-only copy of the directory data. For more information about testing applications, see the Read-Only Domain Controllers Application Compatibility Guide (http://go.microsoft.com/fwlink/?LinkID=117785).
The client computers that you plan to run in branch offices with RODCs must run one of the following operating systems:
Windows 2000 Professional
Windows XP Professional
Windows Vista Business, Windows Vista Enterprise, and Windows Vista Ultimate
Windows 7 Professional, Windows 7 Enterprise, and Windows® 7 Ultimate
Windows 2000 Server
Windows Server 2003
Windows Server 2008
All 32-bit and 64-bit editions of these operating systems work with RODCs.
Check the list of known issues for client computers that interact with RODCs to determine whether you should apply the hotfix to make an RODC work for the scenario that you plan for it. For example, if you have Windows XP Professional clients or Windows Server 2003 clients, apply the hotfix to make those clients synchronize time with an RODC. Most of the known issues have a potential workaround that you can use if you cannot apply the hotfix. For more information, see Known Issues for Deploying RODCs (http://go.microsoft.com/fwlink/?LinkId=152838).
Users and computers
If you know the names of the users and computers (including all servers and workstations) in each branch office, create a list or a security group that includes those security principals for each branch. You can use this list or security group later in the deployment process to define the Password Replication Policy (PRP) for each RODC. For more information, see Step 3: Decide How to Define the Password Replication Policy.