Domain Controller Read Only (RODC)- Not reachable

  • Domain Controller Read Only (RODC)- Not reachable


    I am having issues with our RODC. I have two DCs (GC).

    Now we have many branches (21), and we thought to make their authentication much easier by deploying RODC on each branch.

    So for each branch I've created an RODC, and for each branch we have also created a new "Site" @ Active Directory Sites and Services with their subnets.

    Also I've enabled @ Group Policy the "Domain Controller in the Next Closest Site"

    Everything looks fine in our deployment, but when users at our branches log in to our domain, they still authenticate against our two DCs and not against our RODC.

    Any ideas what can solve this issue?

    Thank you

  • #2
    Re: Domain Controller Read Only (RODC)- Not reachable

    Are the client computer and the user account both added to the AllowedRODCPasswordReplication Group? This group can be configured during dcpromo for the RODC if you select Advanced mode on the Welcome page or post-dcpromo on the Properties of the RWDC, on the Password replication tab.

    By default, the RODC will not authenticate any user or computer logons - it will forward them unless the user or computer account is added to that allowed policy group.

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.
    ** Remember to give credit where credit's due **
    and leave Reputation Points for meaningful posts
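
The check described in reply #2, as an added example that is not part of the original thread: it uses the ActiveDirectory PowerShell module to show whether a given user and computer are covered by an RODC's password replication policy and whether their passwords are already cached there. The RODC name and the two account names are hypothetical placeholders.

```powershell
# Added example, not from the thread. Run from a machine with the RSAT
# ActiveDirectory module, as an account allowed to read the RODC's policy.
Import-Module ActiveDirectory

$Rodc     = 'BRANCH01-RODC'             # hypothetical RODC name
$Accounts = 'jdoe', 'BRANCH01-PC01$'    # hypothetical user and computer (sAMAccountName)

# 1. Principals on the RODC's Allowed and Denied lists
#    (the lists shown on the Password Replication Policy tab).
'--- Allowed list ---'
Get-ADDomainControllerPasswordReplicationPolicy -Identity $Rodc -Allowed |
    Select-Object Name, ObjectClass
'--- Denied list ---'
Get-ADDomainControllerPasswordReplicationPolicy -Identity $Rodc -Denied |
    Select-Object Name, ObjectClass

# 2. Resultant policy per account: Allow, DenyExplicit, DenyImplicit or Unknown.
#    DenyImplicit means the account is on neither list, so the RODC forwards
#    its logons to a writable DC.
foreach ($account in $Accounts) {
    [pscustomobject]@{
        Account         = $account
        ResultantPolicy = Get-ADAccountResultantPasswordReplicationPolicy `
                              -Identity $account -DomainController $Rodc
    }
}

# 3. Accounts whose passwords are currently cached on the RODC.
#    Review this list for privileged accounts that should not be stored at a branch.
'--- Cached (revealed) accounts ---'
Get-ADDomainControllerPasswordReplicationPolicyUsage -Identity $Rodc -RevealedAccounts |
    Select-Object Name, ObjectClass

# 4. On a branch client: which DC the locator returns for the domain, and
#    which DC handled the current interactive logon.
nltest /dsgetdc:$env:USERDNSDOMAIN
"LOGONSERVER = $env:LOGONSERVER"
```

Both the user and the computer account need a resultant policy of Allow for a branch logon to be served from the RODC's cache.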