Create a Dedicated RODC Replication Hub
Updated: June 3, 2009
Applies To: Windows Server 2008
To minimize the impact on your load-balancing and monitoring processes while you roll out read-only domain controllers (RODCs) in your branch offices, you can create a new dedicated hub site to be used solely for RODC replication.
Creating a dedicated RODC replication hub should be used only as a temporary measure to separate the new branch office environment that you plan to deploy from the existing environment. This solution adds management costs compared to the solution that consists of upgrading your hub entirely to Windows Server 2008. Therefore, this is usually not the preferred solution.
If you need to separate the Windows Server 2008 deployment from your existing deployment—for example, for maintaining compatibility with an existing application or for some other nontechnical reason—this solution can provide some operational separation. But it should be used temporarily because it increases the complexity of the environment.
The new dedicated RODC replication hub site will contain only writeable Windows Server 2008 domain controllers. For example, in the following illustration, a new site named RODC Hub is created specifically to replicate with RODCs that are deployed in branch office sites. The new site has a site link with the original hub site, named Central Hub, which contains the Windows Server 2003 domain controllers.
An advantage to creating a dedicated RODC replication hub site is that it helps maintain load-balancing for existing Windows Server 2003 bridgehead servers in the current hub site. It also helps improve load-balancing for Windows Server 2008 domain controllers in the new RODC replication hub site.
To decrease replication latency between the two hub sites, you can enable change notification on the site link that contains them. With change notification enabled, replication occurs between the sites after a source domain controller notifies a target domain controller about recent changes instead of replication occurring during the schedule for the site link. To enable change notification, complete the following procedure.
Membership in Domain Admins, or equivalent, for the domain that contains the RODCs, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (http://go.microsoft.com/fwlink/?LinkId=83477).
To enable change notification on a site link
Click Start, click Administrative Tools, and then click Active Directory Sites and Services.
In the console tree, double-click Sites, double-click Inter-Site Transports, and then click IP.
In the details pane, right-click the site link that contains the Central Hub site and the RODC Hub site, and then click Properties.
Click Attribute Editor, and then click options. By default, the options attribute has a value of <not set>.
If the default value appears, click Edit, type 1, and then click OK twice.
If another value appears, add 1 to that existing value. For example, if the current value is 2, change the value to 3.
After you create a dedicated hub site for RODC replication, complete the following steps to replace a Windows Server 2003 domain controller in a branch office location with an RODC:
Create a new site link between the branch office site and the dedicated RODC replication hub.
Complete the steps in Replace a Windows Server 2003 Domain Controller in a Branch Office with a Windows Server 2008 RODC or Upgrade a Windows Server 2003 Domain Controller in a Branch Office and Make It an RODC.