How to give the minimum required permission :c a user who wants to promote a RODC.

AB: you must be a Domain Admin to create a delegation; user must be allowed to attach the server.

or just B: user must be allowed to attach the server.
To install an RODC, you must be a member of the Domain Admins group.

Optional: delegate RODC installation
You can perform a staged installation of an RODC in which the installation is completed in two stages by different individuals. The first stage of the installation, which requires domain administrative credentials, creates an account for the RODC in AD DS. The second stage of the installation attaches the actual server that will be the RODC in a remote location, such as a branch office, to the account that was previously created for it. You can delegate the ability to attach the server to the account to a nonadministrative group or user in the remote location.

During the first stage of the installation, the wizard records all the data about the RODC that will be stored in the distributed Active Directory database, including the read-only domain controller account name and the site in which it will be placed. This stage must be performed by a member of the Domain Admins group.

The administrator who creates the RODC account can also specify at that time which users or groups can complete the next stage of the installation. The next stage of the installation can be performed in the branch office by any user or group who was delegated the right to complete the installation when the account was created. This stage does not require any membership in built-in groups, such as the Domain Admins group. If the user who creates the RODC account does not specify any delegate to complete the installation (and administer the RODC), only a member of the Domain Admins group or the Enterprise Admins group can complete the installation.
During the second stage, the wizard installs AD DS on the server that will become the RODC, and it attaches the server to the domain account that was previously created for it. This stage typically occurs in the branch office or other remote location where the RODC is deployed. During this stage, all AD DS data that resides locally, such as the database, log files, and so on, is created on the RODC itself. You can replicate the installation source files to the RODC from another domain controller over the network, or you can use the install from media (IFM) feature. To use IFM, use Ntdsutil.exe to create the installation media.

The server that will become the RODC must not be joined to the domain before you try to attach it to the RODC account. As part of the installation, the wizard automatically detects whether the name of the server matches the names of any RODC accounts that have been created in advance for the domain. When the wizard finds a matching account name, it prompts the user to use that account to complete the RODC installation.
https://technet.microsoft.com/en-us/library/cc754629%28v=ws.10%29.aspx

S品N品コピーブランド専門店
ぜひ一度のS品N品コピーブランド品をお試しください。
驚きと満足を保証できます。
ご利用を心からお待ちしております。
営業時間： ご注文はオンラインにて年中無休２４時間受付けております。