Location: List Archives

List Archives

This forum is an archive of all posts to our mailing list over the past few years.  The forum is set read only therefore to contribute you will need to join our list community.  See more info about this here.

List Archives

Forums >ActiveDir Mail List Archive >List Archives
Subject: [ActiveDir] Core
Prev Next
You are not authorized to post a reply.

AuthorMessages
tvanderkooiUser is Offline

Posts:15

07/28/2006 3:26 AM  
I™m not sure why you say it doesn™t store anything??? It stores
EVERYTHING, it simply doesn™t get the rights to write anything new back to your
core DCs. This is a HUGE breakthrough for those of us with smaller branch
offices that today can™t cost justify putting an entire server in a BO just to
handle authentication, but at the same time we are not willing to open the
security hole that is created if you put the DC services on a file server in
those offices. With a RODC I can deploy authentication, as well as hopefully
sites, etc. to those file servers without concern that a user might hack in and
take over my AD.  The number of doors this opens to a spread server
architecture is really big. Granted, if you have no branch offices it won™t a
thing to you.



From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Al Mulnick
Sent: Friday, July 28, 2006 10:08 AM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: Re: [ActiveDir] Read-Only Domain Controller and Server Core



The part that makes me wonder about the "story" is
if it stores no secrets is the server doing anything for me? Is there a
point to deploying the server in a remote office other than just being able to
point to it in the closet and say, "see, I do to earn my
paycheck!"  



I'm sure there's more, but I don't yet know which parts are
public information and which are NDA.



Can you tell I'm concerned about the story being created? I
like stories; don't get me wrong.  But I'm concerned that the story being
spun up might be missing the mark and lead a few people astray.



Safe to note that there are some features that differentiate
the RODC from a NT4 BDC and that make it appealing in some cases.

But if it actually does not store anything locally, ever,
then I'm not sure it's worth the time to deploy one now is it?



Al







On 7/27/06, Susan Bradley, CPA aka
Ebitz - SBS Rocks [MVP]
wrote:

FYI:

http://blogs.msdn.com/jolson/archive/2006/07/27/679801.aspx

         Read-Only Domain Controller
and Server Core


List info   : http://www.activedir.org/List.aspx
List FAQ    : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
You are not authorized to post a reply.
Forums >ActiveDir Mail List Archive >List Archives > [ActiveDir] Core



ActiveForums 3.7
AdventNet Banner
Friends

Friends

Namescape
Members

Members

MembershipMembership:
Latest New UserLatest:jonrmeyer
New TodayNew Today:7
New YesterdayNew Yesterday:0
User CountOverall:4279
People OnlinePeople Online:
VisitorsVisitors:140
MembersMembers:1
TotalTotal:141
Online NowOnline Now:
01: alamedadad

Ads

Copyright 2008 ActiveDir.org
Terms Of Use