skip to content »

Rodc dns not updating

rodc dns not updating-57

This problem is normally seen when you promote a new DC into the domain.There are no errors up to the reboot, but the Netlogon and SYSVOL shares are never created. Clues to a non-replicating DC usually produce errors that show up in DCdiag output, in the Repadmin/showreps report, or by observing errors in the DS Event log.

What new attributes support the RODC Password Replication Policy?The following attributes have been added to the Active Directory schema to expedite the functionality that is required for RODC caching operations:ms DS-Reveal-On Demand Group.This attribute points to the distinguished name (DN) of the Allowed List.The credentials of the members of the Allowed List are permitted to replicate to the DS-Never Reveal Group.This attribute points to the distinguished names of security principals whose credentials are denied replication to the RODC.If replication was broken in both directions you might look at a broken network connection or a DNS problem, but being broken in only one direction is hard to troubleshoot. "Outbound replication" refers to the replication operation where another DC pulls from a DC.

For instance, If DC1 and DC2 are replication partners, DC1 replicates inbound from DC2. Outbound replication for DC1 refers to DC2 pulling replication from DC1.

Note that we listed the GUID of the good DC first (destination) and the GUID of the broken DC last (source).

This creates a link from the broken DC to the good DC. In Sites & Services, check to make sure there are automatically generated connection objects from the broken machine to the good one (root) and make sure Replicate Now works on that object without error. Check the Directory Services, System and Application event logs for related errors.

A default list of security principals whose credentials are denied replication to the RODC is provided.

This improves the security of RODCs that are deployed with default DS-Revealed List.

This has no impact on the ability of these security principals to authenticate using the RODC.