Deploy and Manage Domain Controllers Part 2
The "Deploy and Manage Domain Controllers Part 2" module provides you with the instruction and server hardware to develop your hands on skills in the defined topics. This module includes the following exercises: Install Domain Controller using IFM, Install Read-Only Domain Controller (RODC), Manage Password Replication Policy.
The Deploy and Manage Domain Controllers Part 2 module provides you with the instruction and server hardware to develop your hands on skills in the defined topics. This module includes the following exercises:
- Install Domain Controller using IFM
- Install Read-Only Domain Controller (RODC)
- Manage Password Replication Policy
Lab Time: It will take approximately 1 hour to complete the exercises in this lab.
- Install a domain controller from Install from Media (IFM)
- Install and configure a read-only domain controller (RODC)
- Configure password replication policy for RODC
Exercise 1 - Install Domain Controller using IFM
Large organizations that maintain Active Directory Domain Services (AD DS) typically deploy domain controllers in different locations. Modifications made in a domain controller in one site replicate to other domain controllers in the entire network to synchronize the changes made in the directory service.
If there is a requirement to install a new domain controller in a remote site, initial replication traffic can be reduced by using the install from media (IFM) method for the new domain controller.
Exercise 2 - Install Read-Only Domain Controller (RODC)
For organizations that maintain a remote site where IT support personnel is not available to maintain the server, a Read-Only Domain Controller or RODC may be a viable option for ensuring that user logons will be validated in the local network. RODCs maintain a read-only copy of the Active Directory database which it receives from a writeable domain controller in a Windows domain network. An RODC must have a reliable network connection to ensure that its Active Directory database is synchronized with other domain controllers in the domain.
Exercise 3 - Manage Password Replication Policy
The Password Replication Policy determines if an RODC should be permitted to cache a password. When the RODC authenticates a user sign-in request, it looks up to the Password Replication Policy to find out if the password for the user account should be cached. If the same user account was authenticated by the same RODC, subsequent sign-ins function efficiently.
When configuring Password Replication Policy, it will list the accounts that are permitted to be cached and the accounts that are denied from being cached.
After a successful installation of the RODC in PLABSA01 in the previous exercise, you must setup Password Replication Policy on the writeable domain controller in PLABDC01 that will act as the RODCs replication partner.
IT & Cybersecurity certification hands on practice labs and practice exams for certifications and skill development.
See the full benefits of our immersive learning experience with interactive courses and guided career paths.