Announcement

Collapse
No announcement yet.

RODC...changes replicating to AD?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • RODC...changes replicating to AD?

    Hello all.

    I created a 2008 RODC in a DMZ. I am a member of Domain admins and Enterprise Admins. I was testing to see what changes, if any, I could make on the RODC, and see if it replicated to our primary domain controllers.

    I enabled a disabled user account on the DMZ RODC, and it replicated in AD.

    I was under the assumption that no changes would be allowed?

    Any suggestions would be great as to what I may have done or what to look for.

    Thanks.

  • #2
    Re: RODC...changes replicating to AD?

    I presume you are a domain admin when you do this?

    IIRC (but this will need checking), IF the RODC can reach a writable domain controller, it will pass changes on, in the same way as it handles password changes:
    http://www.winvistatips.com/re-rodc-t806773.html
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment

    Working...
    X