Adding Server ROles to an IIS installation on an RODC

In a recent case I was involved with I stumbled upon something quite interesting. The customer had set up a brand new Windows 2008 Server running IIS, and made it into a Read Only Domain Controller (RODC). Having done this they now wanted to add the FTP-server Role to the existing IIS installation and found that they couldn't.

The reason for this is that the RODC is quite picky about what server roles and features it will allow you to install. I recommend looking at the following articles, but they still don't cover everything.

Applications That Are Known to Work with RODCs
https://technet.microsoft.com/en-us/library/cc732790.aspx

Planning for Application Compatibility with RODCs
https://technet.microsoft.com/en-us/library/cc731746.aspx

The main lesson to be learned is that although the application is listed as known to work with RODCs that doesn't necessarily mean it installs well once the server has been promoted to RODC. When it comes to FTP you have two valid options to get this working:

  1. Install the FTP server before promoting the server to RODC
  2. Install the FTP Service 7.5 for IIS7. This is a stand-alone installer and works just fine.

/ Johan

Comments