規劃網域控制站位置Planning Domain Controller Placement

適用於:Windows Server 2016、Windows Server 2012 R2、Windows Server 2012Applies To: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

您已收集的所有網路資訊會用來設計網站拓撲、計劃要放置網域控制站,包括森林根網域控制站、地區網域控制站之後操作主要角色與通用伺服器。After you have gathered all of the network information that will be used to design your site topology, plan where you want to place domain controllers, including forest root domain controllers, regional domain controllers, operations master role holders, and global catalog servers.

Windows Server 2008,您也可以利用唯讀網域控制站 (Rodc)。In Windows Server 2008 , you can also take advantage of read-only domain controllers (RODCs). RODC 是一種全新的網域控制站裝載的 Active Directory 資料庫唯讀磁碟分割。An RODC is a new type of domain controller that hosts read-only partitions of the Active Directory database. 除了 account 的密碼,RODC 會保留所有的 Active Directory 物件和寫入網域控制站保留屬性。Except for account passwords, an RODC holds all the Active Directory objects and attributes that a writable domain controller holds. 不過,無法變更已儲存在 RODC 資料庫。However, changes cannot be made to the database that is stored on the RODC. 必須在 [寫入網域控制站和再複製到 RODC 變更。Changes must be made on a writable domain controller and then replicated back to the RODC.

RODC 的設計目的是主要部署遠端或分支 office 環境,通常會有少數使用者、不良實體的安全性、相當不良網路頻寬中樞網站,以及瞭解有限資訊技術 (IT) 的人員。An RODC is designed primarily to be deployed in remote or branch office environments, which typically have relatively few users, poor physical security, relatively poor network bandwidth to a hub site, and personnel with limited knowledge of information technology (IT). 以改善的安全性及網路資源更有效率存取部署 Rodc 結果。Deploying RODCs results in improved security and more efficient access to network resources. 如需 RODC 功能的詳細資訊,請查看 AD DS: Read-Only 網域控制站 (http://go.microsoft.com/fwlink/?LinkID=106616)。For more information about RODC features, see AD DS: Read-Only Domain Controllers (http://go.microsoft.com/fwlink/?LinkID=106616). 如需有關如何部署 RODC 資訊,Step-by-Step 指南的 Read-Only 網域控制站 (http://go.microsoft.com/fwlink/?LinkID=92728)。For information about how to deploy an RODC, see the Step-by-Step Guide for Read-Only Domain Controllers (http://go.microsoft.com/fwlink/?LinkID=92728).

注意

本指南不解釋您如何判斷適當的數字的網域控制站在每個網站每個網域網域控制站的硬體需求。This guide does not explain how you determine the proper number of domain controllers and the domain controller hardware requirements for each domain that is represented in each site.

在本區段中In this section