Who Should Read These Guidelines, and What Scenarios Do They Apply To?

Applies To: Windows Server 2008

These guidelines should be read by system architects and information technology (IT) professionals who are responsible for evaluating, planning, or deploying an IT infrastructure in an organization that may face a number of constraints in its Active Directory deployment. These constraints may include limited physical security in remote branch offices, limited available hardware, slow wide area network (WAN) links that connect the hub offices and branch offices, or a lack of IT experience in the branch offices.

Even though most branch office environments present a consistent set of characteristics, the requirements for deployment of IT resources in these environments may vary significantly from organization to organization. You should make sure that the recommendations in this guide apply to your specific scenario before proceeding. Because these guidelines focus on planning and deploying read-only domain controllers (RODCs) in branch offices, it is important to first determine whether RODCs help fulfill the requirements for your scenario. For more information about common characteristics of branch office deployments that an RODC can help address, see Branch Office Environment Characteristics. For more information about how to determine if an RODC is suited for your scenario, see Deciding Which Type of Domain Controller Meets the Needs of a Branch Office Location.

These guidelines explain the most important issues to consider before you decide whether RODCs are a good fit for your environment. The guidelines then focus on best practices for deploying RODCs in a remote branch office environment.


These guidelines are applicable to most organizations that have from a few branch offices to several hundred branch offices.