Microsoft has released a document that describes the functionality of Read-Only Domain Controllers, when to use them and how to deploy them. You must read this document if you have a branch office infrastructure Active Directory. Using RODC’s in physically insecure branch offices is highly recommended.