Read Only Domain Controller issue

    Im having a domain named with a sinlge RWDC1 and then i had promoted RODC in another server. After promoting RODC. In Active Directory user and computer console defaultly i can able to create users and delete users because its console is not RODC console its RWDC1 console . How its is possible. After i changed to the RODC console its not possible to create or delete users. So in RODC their are telling unidirectional replication. If i use RWDC1 Active directory Console in RODC its possible to create users and delete. How its possible it is  unidirectional. Why after installing RODC its shows RWDC1 Active directory users and computers console instead of RODC Active directory users and console. Please dont give reference links.

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Glen KnightCommented:
I think I understand what you are saying.

Can you confirm which Domain Controller the snapin is connected to? Right click atvthe top if the tree and chose select domain controller.
columbusengAuthor Commented:
After promoting RODC . Its connected to RWDC console only also its possible to change to RODC console. My doubt is that. If RWDC Active directory users and computers console available in RODC means its possible to create users and delete users. So there is no secutiry. its my doubt
Glen KnightCommented:
The RODC is mainly for use in an area with lack of physical security.  It will not stop the ability to create or delete users because the console will simply connect to a writeable DC.
Your Guide to Achieving IT Business Success

The IT Service Excellence Tool Kit has best practices to keep your clients happy and business booming. Inside, you’ll find everything you need to increase client satisfaction and retention, become more competitive, and increase your overall success.

columbusengAuthor Commented:
No. After connecting to Writable DC Console in RODC.iits possible to create and delete users . How its possible.
Glen KnightCommented:
Because the writeable console will connect to the writeable DC.  Check and you will see.
columbusengAuthor Commented:
Yes its connecting to writable DC only. Thats not my doubt . My doubt is if i connect to RWDC console in RODC means its possible to create users and delete users . After promoting RODC first it shows RWDC Active directory users and computers Console instead of  RODC Active directory users and computers console.. Whether its the default console for RODC or i had did any mistake.
Glen KnightCommented:
What you are seeing is correct.
columbusengAuthor Commented:
Fine. Is it possible to block change console option in active directory users and computers by using Group policy to prevent accessing RWDC Console.
Glen KnightCommented:
I don't think so.  It's a snapin for the MMC console.  You can blickbthe MMC console but that will block everything that uses the MMC console.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
columbusengAuthor Commented:
I accept your comments. But after real time implementation i will conform
Are you sure its been RODC, can you go to ADUC & check on DC Ou that it has been listed as an RODC

Pic is taken from Mkline site.

If you are able to make changes on RODC, its not a writable DC as data can't be written on RODC,because of unidirectional replication mechanism.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.