I'm in a situation where I'm trying to help out a friend who has little knowledge of his system. He is trying to install a program onto his domain controller and it gives an error stating that it cannot be installed on a RODC. This is the only DC that he has so I am assuming it is not a RODC. Is there a specific way I can have him determine what kind of server this was loaded as? I had him send me a dcdiag /v printout, but I couldn't determine one way or another if it was read only or not.
In 'Active Directory Users And Computers' browse to the RODC's computer object the DC Type should contain say ReadOnly if it is a RODC. The computer object properties on tab 'Managed by' should also show what type of DC it is.
You can get the DC detail with the help of PS. Go to your DC and type
nltest /DSGETDC:
i.e. PS C:\Users\44012231-730> nltest /DSGETDC:ABC.COM DC: \SKYBLUE.ABC.COM Address: \123.11.1.45 Dom Guid: 44c23f06-dff1-47c9-92e2-dd060e2c2b11 Dom Name: ABC.COM Forest Name: ABC Dc Site Name: 0SHSRNKDKJ Our Site Name: GSKDJFOENL Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE FULL_SECRET WS 0xC000 The command completed successfully