A Read-Only Domain Controller (RODC) is a new type of domain controller in Windows Server 2008. Its main purpose is to improve security in office branches.
The idea behind the RODC is real good; I was very much impressed with even not having GUI at all. What really no good is that, Exchange won't be able to use RODC. This really made me upset, and I cannot stop thinking, why, why, why? Another culprit is that after installation of RODC you bumped into DOS, "hey we have power Shell finally, why not have the power Shell there, as default instead of having poor limited, DOS? Why, why, why?
Anyway, I hope someone will hear out our voice and make changes. Separating server roles is a great idea in my opinion. Windows suffered enough so far for having everything on the default server installation, this includes, games, Windows media player and all other bunch of services gets installed on default windows. I never did understand having solitaire, or windows media player on your root DC/GC. The examples I brought up might be minor details, but in reality it indicates the mentality.
Anyway, when I was talking our Microsoft consultant today, he told me Exchange could not use RODC, which made me upset. Just like in AD. Today we deployed OCS (Office communication server) all groups appeared on the default container for the OCS. Why is it so hard to put them into its own OU, why why, why? Why we don't have account called service account with different Icon, so that we can distinguish from regular user account
I believe little things make difference, and we would love to see those in the near future
Oz ozugurlu Systems Engineer
MCITP (EMA), MCITP (SA),
MCSE 2003 M+ S+ MCDST
Security Project+ Server+