Using this option, deploy a domain controller that contains a read-only replica of the existing domain into an existing forest environment. Use this option to deploy a domain controller that contains an un-editable replica of a domain structure into an existing forest environment.
To deploy an RODC in an existing domain
1. Edit task_sequence_name (where task_sequence_name is the name of the task sequence to which you want to add the task sequence step) for:
· LTI as described in Configure the Task Sequence Properties Task Sequence Tab
· ZTI using Configuration Manager 2012 as described in Configuring ZTI Task Sequence Steps in Configuration Manager 2012
· ZTI using Configuration Manager 2007 R3 as described in Configuring ZTI Task Sequence Steps in Configuration Manager 2007 R3
2. Add a new task sequence step based on the Configure ADDS task sequence type for:
· LTI on the Task Sequence tab (In the task sequence hierarchy, click Add, click Roles, and then click Configure ADDS.)
· ZTI in the task sequence hierarchy (Click Add, click MDT, and then click Configure ADDS.)
3. On the Properties tab, type the relevant information in the following boxes:
· Name. Type a name for the task.
· Description. Type a description of the task; for example, Server_Name Site_Name (where Server_Name is the name of the server and Site_Name is the name of the domain).
4. In the Create box, click New read-only domain controller (RODC) replica.
5. In the Existing domain DNS name box, type the name of an existing DNS server.
6. In the Replication source domain controller box, type the name of the domain controller to be replicated within the existing environment. The directory services database replicates this domain controller.
7. In the Account box, type the name of an account with permissions to add a domain controller to the existing network (typically, a domain Administrator account), and then click Set.
8. In the Recovery (safe mode) password box, type a password to use for safe mode recovery.
You use this password to recover from a failed AD DS service. Make note of this password in case AD DS must be recovered.
9. In the Advanced Properties section, complete the task configuration as described in Configure AD DS Advanced Properties, and then click OK.
For more information about DCPROMO command-line options, go to Dcpromo.