|
I’m not sure why you say it doesn’t store anything??? It stores
EVERYTHING, it simply doesn’t get the rights to write anything new back to your
core DCs. This is a HUGE breakthrough for those of us with smaller branch
offices that today can’t cost justify putting an entire server in a BO just to
handle authentication, but at the same time we are not willing to open the
security hole that is created if you put the DC services on a file server in
those offices. With a RODC I can deploy authentication, as well as hopefully
sites, etc. to those file servers without concern that a user might hack in and
take over my AD. The number of doors this opens to a spread server
architecture is really big. Granted, if you have no branch offices it won’t a
thing to you. From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick The part that makes me wonder about the "story" is
if it stores no secrets is the server doing anything for me? Is there a
point to deploying the server in a remote office other than just being able to
point to it in the closet and say, "see, I do to earn my
paycheck!" I'm sure there's more, but I don't yet know which parts are
public information and which are NDA. Can you tell I'm concerned about the story being created? I
like stories; don't get me wrong. But I'm concerned that the story being
spun up might be missing the mark and lead a few people astray. Safe to note that there are some features that differentiate
the RODC from a NT4 BDC and that make it appealing in some cases. But if it actually does not store anything locally, ever,
then I'm not sure it's worth the time to deploy one now is it? Al
On 7/27/06, Susan Bradley, CPA aka
Ebitz - SBS Rocks [MVP] <[EMAIL PROTECTED]>
wrote: FYI: |
- [ActiveDir] RE: [ActiveDir] Read-Only Domain Controller an... Tim Vander Kooi
