| Author | Messages | |
ken
Posts:171
 | | 03/14/2010 12:14 PM |
| Hi all,
What are people's thoughts on leaving RODCs in the Default Domain Controllers OU?
We are looking at deploying a few hundred of these out to departmental sites, and thinking of putting them in the relevant Business Unit OU (along with all the other servers that belong to that BU). Is this supported? Considerations we should be aware of?
Thanks
Cheers
Ken
| | | |
| tonyszko
Posts:140
| | 03/14/2010 9:01 PM |
| On 3/14/2010 1:11 PM, Ken Schaefer wrote:
> Hi all,
>
> What are people’s thoughts on leaving RODCs in the Default Domain
> Controllers OU?
>
> We are looking at deploying a few hundred of these out to departmental
> sites, and thinking of putting them in the relevant Business Unit OU
> (along with all the other servers that belong to that BU). Is this
> supported? Considerations we should be aware of?
>
If You have contact with PSS I would advise contact them to confirm
this, however as far as I know how support is approaching this supported
configuration is to keep DCs in a "Domain controllers" OU or its sub OU.
I recall that there were some issues around RODCs being in non default
OU in Windows 2008, fixed probably for R2 - check with PSS for advisory
here.
--
Tomasz Onyszko
http://www.w2k.pl/ - (PL)
http://blogs.dirteam.com/blogs/tomek/ - (EN)
| | | |
| Ravi.Sabharanjak@blackrock.com
Posts:98
| | 03/15/2010 7:01 PM |
| If you move them out, would you not need to worry about applying the
same group policies to them? If they are in different OU's, there's a
chance that they will receive different settings from different group
policies unintentionally and cause an unreliable user experience. I
would leave them in the default OU.
Regards,
-Ravi
________________________________
From: activedir-owner@mail.activedir.org
[mailto:activedir-owner@mail.activedir.org] On Behalf Of Ken Schaefer
Sent: Sunday, March 14, 2010 5:12 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] RODCs & Default Domain Controllers OU
Hi all,
What are people's thoughts on leaving RODCs in the Default Domain
Controllers OU?
We are looking at deploying a few hundred of these out to departmental
sites, and thinking of putting them in the relevant Business Unit OU
(along with all the other servers that belong to that BU). Is this
supported? Considerations we should be aware of?
Thanks
Cheers
Ken
THIS MESSAGE AND ANY ATTACHMENTS ARE CONFIDENTIAL, PROPRIETARY, AND MAY BE PRIVILEGED. If this message was misdirected, BlackRock, Inc. and its subsidiaries, ("BlackRock") does not waive any confidentiality or privilege. If you are not the intended recipient, please notify us immediately and destroy the message without disclosing its contents to anyone. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. The views and opinions expressed in this e-mail message are the author's own and may not reflect the views and opinions of BlackRock, unless the author is authorized by BlackRock to express such views or opinions on its behalf. All email sent to or from this address is subject to electronic storage and review by BlackRock. Although BlackRock operates anti-virus programs, it does not accept responsibility for any damage whatsoever caused by viruses being passed.
| | | |
| laurahcomputing
Posts:148
| | 03/15/2010 8:02 PM |
| As of W2K8 I'm very certain that PSS didn't support this configuration
- barks an error during dcdiag and is explicitly checked for during an
ADRAP, because of the "inconsistent GPO application" reason that Ravi
states.
Haven't heard if the supportability stance has changed for R2, but I
would probably doubt it.
What is the precise technical goal that you are trying to accomplish
by placing your RODCs in disparate OUs?
On Mon, Mar 15, 2010 at 2:59 PM, Sabharanjak, Ravi
<Ravi.Sabharanjak@blackrock.com> wrote:
> If you move them out, would you not need to worry about applying the same
> group policies to them? If they are in different OU’s, there’s a chance that
> they will receive different settings from different group policies
> unintentionally and cause an unreliable user experience. I would leave them
> in the default OU.
>
>
>
> Regards,
>
> -Ravi
>
>
>
> ________________________________
>
> From: activedir-owner@mail.activedir.org
> [mailto:activedir-owner@mail.activedir.org] On Behalf Of Ken Schaefer
> Sent: Sunday, March 14, 2010 5:12 AM
> To: ActiveDir@mail.activedir.org
> Subject: [ActiveDir] RODCs & Default Domain Controllers OU
>
>
>
> Hi all,
>
>
>
> What are people’s thoughts on leaving RODCs in the Default Domain
> Controllers OU?
>
>
>
> We are looking at deploying a few hundred of these out to departmental
> sites, and thinking of putting them in the relevant Business Unit OU (along
> with all the other servers that belong to that BU). Is this supported?
> Considerations we should be aware of?
>
>
>
> Thanks
>
>
>
> Cheers
>
> Ken
>
> THIS MESSAGE AND ANY ATTACHMENTS ARE CONFIDENTIAL, PROPRIETARY, AND MAY BE
> PRIVILEGED. If this message was misdirected, BlackRock, Inc. and its
> subsidiaries, ("BlackRock") does not waive any confidentiality or privilege.
> If you are not the intended recipient, please notify us immediately and
> destroy the message without disclosing its contents to anyone. Any
> distribution, use or copying of this e-mail or the information it contains
> by other than an intended recipient is unauthorized. The views and opinions
> expressed in this e-mail message are the author's own and may not reflect
> the views and opinions of BlackRock, unless the author is authorized by
> BlackRock to express such views or opinions on its behalf. All email sent to
> or from this address is subject to electronic storage and review by
> BlackRock. Although BlackRock operates anti-virus programs, it does not
> accept responsibility for any damage whatsoever caused by viruses being
> passed.
>
--
-----------------------
Laura E. Hunter
Principal, LHA Consulting Incorporated (http://www.lhaconsulting.com)
Microsoft MVP, Directory Services
(https://mvp.support.microsoft.com/profile/laura)
Author, Active Directory Consultant's Field Guide (http://tinyurl.com/7f8ll)
Author, Active Directory Cookbook, Third Edition (http://tinyurl.com/7kp3ct)
| | | |
|
|