规划域控制器放置Planning Domain Controller Placement

适用于:Windows Server 2016、Windows Server 2012 R2、Windows Server 2012Applies To: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

收集了将用于设计站点拓扑的所有网络信息后,请规划要在何处放置域控制器,包括林根域控制器、区域域控制器、操作主机角色持有者和全局编录服务器。After you have gathered all of the network information that will be used to design your site topology, plan where you want to place domain controllers, including forest root domain controllers, regional domain controllers, operations master role holders, and global catalog servers.

在 Windows Server 2008 中,还可以利用只读域控制器 (Rodc) 。In Windows Server 2008 , you can also take advantage of read-only domain controllers (RODCs). RODC 是一种新型的域控制器,承载 Active Directory 数据库的只读分区。An RODC is a new type of domain controller that hosts read-only partitions of the Active Directory database. 除帐户密码之外,RODC 保存了可写域控制器所保留的所有 Active Directory 对象和属性。Except for account passwords, an RODC holds all the Active Directory objects and attributes that a writable domain controller holds. 但是,不能对存储在 RODC 上的数据库进行更改。However, changes cannot be made to the database that is stored on the RODC. 更改必须在可写域控制器上进行,然后复制回 RODC。Changes must be made on a writable domain controller and then replicated back to the RODC.

RODC 主要用于在远程或分支机构环境中部署,这通常是相对较少的用户、物理安全性差、中心站点的网络带宽相对较差的人员,以及 (IT) 的信息技术知识有限的人员。An RODC is designed primarily to be deployed in remote or branch office environments, which typically have relatively few users, poor physical security, relatively poor network bandwidth to a hub site, and personnel with limited knowledge of information technology (IT). 部署 Rodc 会提高安全性并更有效地访问网络资源。Deploying RODCs results in improved security and more efficient access to network resources. 有关 RODC 功能的详细信息,请参阅 AD DS:只读域控制器For more information about RODC features, see AD DS: Read-Only Domain Controllers. 有关如何部署 RODC 的详细信息,请参阅 只读域控制器循序渐进指南For information about how to deploy an RODC, see the Read-Only Domain Controllers Step-by-Step Guide

备注

本指南不说明如何确定每个站点中每个域的正确数量的域控制器和域控制器硬件要求。This guide does not explain how you determine the proper number of domain controllers and the domain controller hardware requirements for each domain that is represented in each site.

本节内容In this section