What is a Read Only Domain Controller (RODC)

Last Updated on April 26, 2017 by admin

Read Only Domain Controller or RODC is a new type of domain controller which was introduced in Windows Server 2008 or newer generation of server operating systems. It is a read-only DC which is set up in branch offices. It has the following main features:

  • There is a lack of security in branch offices. Therefore, an intruder won't be able to manipulate any data if he/she gets access to the physical server because RODC holds a read-only copy of AD and DNS data.
  • RODCs only support unidirectional replication of AD data that is from AD forest to RODC.
  • If you deploy a writeable DC in branches, this requires day to day maintenance including hardware upgrade, site-link changes, and user-credential changes etc. This will increase company operational cost to keep an IT department running in branch offices.

Leave a Comment