Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
6 Useful PowerShell cmdlets for Windows Server 2016 Read-Only Domain Controller (RODC)
Karim Buzdar
May 1, 2017
1 Min Read
In one of my earlier posts, I showed you to deploy Windows Server 2016 read-only domain controller using server manager. However, if you are using Window Server 2016 core version you only have the option to use PowerShell.
In this article, I have compiled six useful PowerShell cmdlets which can help you to install, configure and manage an RODC on Server 2016 core version.
Promoting a server to an RODC
Install-ADDSDomainController -Credential (Get-Credential) -DomainName -InstallDNS:$true -ReadOnlyReplica:$true -SiteName "" -Force:$trueGetting a list of Denied RODC Replication Group members
Get-ADGroupMember -Identity "Denied RODC Password Replication Group" | ft DistinguishedName, Name, ObjectClassAdding user accounts to the Allowed Password Replication Group
Add-ADGroupMember -Identity 'Allowed RODC Password Replication Group' -Members -Confirm:$falseGetting a list of Allowed RODC Replication Group members
Get-ADGroupMember -Identity "Allowed RODC Password Replication Group" | ft DistinguishedName, Name, ObjectClassPrepopulating user passwords
Sync-ADObject -Source ‑Destination -PasswordOnlyGetting the list of accounts with passwords stored on the RODC
Get-ADDomainControllerPasswordReplicationPolicyUsage -Identity "" ‑RevealedAccounts | ft Name,ObjectClass
About the Author(s)
You May Also Like
.jpg?width=700&auto=webp&quality=80&disable=upscale)
.jpg?width=700&auto=webp&quality=80&disable=upscale)
