Your company has 250 branch offices. Your network contains an Active Directory domain. The domain controllers run Windows Server 2008 R2. You plan to deploy Readonly Domain Controllers (RODCs) in the branch offices.
You need to plan the deployment of the RODCs to meet the following requirements:
– Build each RODC at the designated branch office.
– Ensure that the RODC installation source files do not contain cached secrets.
– Minimize the bandwidth used during the initial synchronization of Active Directory Domain Services (AD?DS).
What should you include in your plan?
A.
Use Windows Server Backup to perform a full backup of an existing domain controller. Use the backup to build the new RODCs.
B.
Use Windows Server Backup to perform a custom backup of the critical volumes of an existing domain controller. Use the backup to build the new RODCs.
C.
Create a DFS namespace that contains the Active Directory database from one of the existing domain controllers. Build the RODCs by using an answer file.
D.
Create an RODC installation media. Build the RODCs from the RODC installation media.
Explanation:
http://technet.microsoft.com/en-us/library/cc770654%28WS.10%29.aspx
Installing AD DS from Media
Applies To: Windows Server 2008, Windows Server 2008 R2
You can use the Ntdsutil.exe tool to create installation media for additional domain controllers that you are creating in a domain. By using the Install from Media (IFM) option, you can minimize the replication of directory data over the network. This helps you install additional domain controllers in remote sites more efficiently.
Ntdsutil.exe can create four types of installation media, as described in the following table.
You must use read-only domain controller (RODC) installation media to install an RODC. For RODC installation media, the ntdsutil command removes any cached secrets, such as passwords. You can create RODC installation media either on an RODC or on a writeable domain controller. You must use writeable domain controller installation media to install a writeable domain controller. You can create writeable domain controller installation media only on a writeable domain controller.
If the source domain controller where you create the installation media and the destination server where you plan to install ActiveDirectory Domain Services (ADDS) both run Windows Server2008 with Service Pack2 or later or Windows Server2008R2, and if you are using Distributed File System (DFS) Replication for SYSVOL, you can run the ntdsutil ifm command with an option to include the SYSVOL shared folder in the installation media. If the installation media includes SYSVOL, you must use Robocopy.exe to copy the installation media from the source domain controller to the destination server. For more information, see Installing an Additional Domain Controller by Using IFM.