In part 5 of this series I talked about Server Core and what impact it can have when we look at security. Because there is a smaller footprint there is less to patch, and thus less security risk. This makes it a valuable server to put into a branch office: take the possibility to encrypt the hard drives with the BitLocker technology into consideration and you have a secured server. There is no need to put this server into a secured room, because the drives are encrypted and are not readable when accessed from another computer, and most branch offices don't have a server room anyway.
You now know the first improvement for branch offices, but there are more. Take the Read-Only Domain Controller (RODC), for example.
An RODC hosts a read-only replica of the database in Active Directory Domain Services (AD DS). Before Longhorn Server, when users from the branch offices needed to authenticate, they had to do it against a Domain Controller over the WAN links. The alternative was to put a Domain Controller at the branch office. However, this was not a good solution, because most branch offices don't have adequate physical security for a domain controller.
Furthermore, branch offices often have poor network bandwidth when connected to a hub site, which can increase the amount of time required to log on. The RODC now gives the possibility to deploy a Domain Controller at the remote site without being concerned about the physical security, because it holds only a read-only replica of the database, and by default all attributes are replicated except the account passwords. However, this can be defined through group policies: you can specify which accounts are allowed to have their passwords replicated to the RODC.
Another security feature within the RODC is the possibility to assign an Administrator that can do a local logon without being a Domain Administrator, this will also limit the security risks.
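As an added example (not code from the original post), the following PowerShell audit checks the two things a defender wants to know about a branch-office RODC: which accounts are allowed to have their passwords replicated to it, and which accounts actually have had their passwords cached on it. It assumes the ActiveDirectory PowerShell module (shipped with Windows Server 2008 R2 and later, so newer than the Longhorn release discussed here), an RODC named `BRANCH-RODC01`, and that the privileged group names to watch for are the standard built-in ones; all three are assumptions, not values from the post.

```powershell
# Added example: audit the Password Replication Policy (PRP) of an RODC.
# Assumes the ActiveDirectory module and an RODC named BRANCH-RODC01.
Import-Module ActiveDirectory

$Rodc = 'BRANCH-RODC01'   # assumed name, replace with your RODC

# Built-in privileged groups whose members should never be cached on an RODC.
# If an RODC is stolen, cached credentials on it are the attacker's prize, so
# these groups belong in the Denied list, never in the Allowed list.
$PrivilegedGroups = @('Domain Admins', 'Enterprise Admins', 'Schema Admins', 'Administrators')

# 1. Who is allowed to have passwords replicated to this RODC?
$Allowed = Get-ADDomainControllerPasswordReplicationPolicy -Identity $Rodc -Allowed
Write-Host "Allowed to cache on ${Rodc}:"
$Allowed | Select-Object -ExpandProperty Name | ForEach-Object { Write-Host "  $_" }

# 2. Which accounts have actually been revealed (cached) on this RODC?
$Revealed = Get-ADDomainControllerPasswordReplicationPolicyUsage -Identity $Rodc -RevealedAccounts
Write-Host "Already cached on ${Rodc}:"
$Revealed | Select-Object -ExpandProperty Name | ForEach-Object { Write-Host "  $_" }

# 3. Flag any privileged group that appears in the Allowed list.
$BadAllowed = $Allowed | Where-Object { $PrivilegedGroups -contains $_.Name }
if ($BadAllowed) {
    Write-Warning "Privileged groups are allowed to replicate passwords to ${Rodc}:"
    $BadAllowed | ForEach-Object { Write-Warning "  $($_.Name)" }
}

# 4. Flag any member of a privileged group whose password is already cached.
foreach ($Group in $PrivilegedGroups) {
    $Members = Get-ADGroupMember -Identity $Group -Recursive -ErrorAction SilentlyContinue |
               Select-Object -ExpandProperty SamAccountName
    foreach ($Account in $Revealed) {
        if ($Members -contains $Account.SamAccountName) {
            Write-Warning "$($Account.SamAccountName) (member of '$Group') is cached on ${Rodc}"
        }
    }
}
```

On a healthy deployment the Allowed list contains only a branch-specific group of users and computers, the privileged groups sit in the Denied list, and the cached list contains nothing outside that branch group. If a privileged account shows up as cached, the usual response is to reset its password, since the RODC's copy can no longer be trusted if the server is lost.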
RODC functionality addresses these problems:
- Administrator role separation
- Unidirectional replication
- Credential caching
- Read-only Active Directory database
Another new feature is the Restartable Active Directory. With Restartable AD we can stop the AD services so that we are able to apply updates to the Domain Controller, or for example do an offline defragmentation of the AD database, without the need to restart the server. Because most AD Domain Controllers host other services, this means we do not impact the availability of services like DHCP or DNS.
When AD is stopped on a server it behaves in two ways: first, the server is in a state comparable to Directory Services Restore Mode, with the AD database offline; second, the server behaves as if it were a member server of the domain, so users can still log on through another domain controller.
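As an added example (not code from the original post), here is how the offline defragmentation described above looks in practice on a Domain Controller with Restartable AD. It stops the AD DS service (which also stops dependent services such as KDC and Netlogon), compacts the database with `ntdsutil` into a scratch folder, verifies the result, swaps it in, and starts AD DS again, all without a reboot. The default database path `C:\Windows\NTDS` and the scratch folder `C:\NTDS-Compact` are assumptions; adjust them to your installation. The script is written for PowerShell on a full installation and must be run from an elevated prompt.

```powershell
# Added example: offline defragmentation of the AD database using Restartable AD.
# Run elevated on the Domain Controller. Paths below are assumed defaults.
$NtdsPath    = 'C:\Windows\NTDS'          # assumed: default AD DS database folder
$ScratchPath = 'C:\NTDS-Compact'          # assumed: scratch folder for the compacted copy
$BackupPath  = 'C:\NTDS-Backup'           # assumed: safety copy of the original database

# 1. Stop AD DS. -Force also stops the services that depend on NTDS (KDC, Netlogon, DNS...).
#    Other roles on the box that do not depend on NTDS, such as DHCP, keep running.
Stop-Service -Name NTDS -Force
$Svc = Get-Service -Name NTDS
if ($Svc.Status -ne 'Stopped') { throw "NTDS did not stop (status: $($Svc.Status))" }

# 2. Keep a copy of the original database and logs so the step can be rolled back.
New-Item -ItemType Directory -Path $BackupPath -Force | Out-Null
Copy-Item -Path (Join-Path $NtdsPath 'ntds.dit') -Destination $BackupPath -Force
Copy-Item -Path (Join-Path $NtdsPath '*.log')    -Destination $BackupPath -Force

# 3. Compact the database into the scratch folder. ntdsutil writes a new, defragmented
#    ntds.dit there; the live file under $NtdsPath is not modified by this step.
New-Item -ItemType Directory -Path $ScratchPath -Force | Out-Null
& ntdsutil.exe "activate instance ntds" "files" "compact to $ScratchPath" "quit" "quit"
if ($LASTEXITCODE -ne 0) { throw "ntdsutil compact failed with exit code $LASTEXITCODE" }

# 4. Swap the compacted file in and remove the old transaction logs, as ntdsutil instructs.
Copy-Item -Path (Join-Path $ScratchPath 'ntds.dit') -Destination (Join-Path $NtdsPath 'ntds.dit') -Force
Remove-Item -Path (Join-Path $NtdsPath '*.log') -Force

# 5. Check the integrity of the database that is now in place before bringing AD back.
& ntdsutil.exe "activate instance ntds" "files" "integrity" "quit" "quit"
if ($LASTEXITCODE -ne 0) { throw "Integrity check failed; restore from $BackupPath before starting NTDS" }

# 6. Start AD DS again. Dependent services are started by the service control manager
#    as needed; start them explicitly if you want them back immediately.
Start-Service -Name NTDS
Start-Service -Name Kdc, Netlogon -ErrorAction SilentlyContinue
Get-Service -Name NTDS, Kdc, Netlogon | Format-Table Name, Status -AutoSize
```

While step 3 runs, the server is in the state the post describes: the directory is offline on this box, but because the machine still behaves as a member server, clients authenticate against another Domain Controller. Size the scratch volume for at least the current ntds.dit, and run the integrity check before, not after, starting NTDS, because a corrupt file that is started will be replaced from the backup anyway.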
If you take the combination of Server Core, a Read-Only Domain Controller and BitLocker technology, you have a secured server with a limited footprint.
Previous Posts in this series: