Adding RODCs to Domains
When you install an RODC, you should use Advanced Installation mode. This mode allows you to configure Password Replication Policy, delegate administrative permissions, and install from media.
Password Replication Policy controls whether passwords are replicated to the RODC that you are installing. As discussed in "Setting Password Replication Policy" later in this chapter, you can configure denied accounts, for which passwords are never replicated, and allowed accounts, for which passwords are always replicated.
Through delegation of administrative permissions, you allow a specified user or group to act as the local administrator of the RODC while granting no other administrative permissions in the domain. For ease of administration, ...