AXISHK

asked on

Site synchronization

I have one Windows 2008 and one Windows 2003 DC. My Windows 2008 DC is down and I want to put the Windows 2003 DC in a site in order to synchronize with the remote Windows 2008 DC in the remote site.

When I add the Windows 2003 DC to the remote site definition and start the replication, it pops up the error
"The following error occurred during the attempt to contact the domain controller HKG-DC02: Directory object not found." Any idea?

Can the Windows 2008 RODC in the remote site synchronize with my Windows 2003 DC?

Thanks
arnold

If you do not have a functional read/write DC, you cannot make changes to the AD. You would have to restore/repair the Windows 2008 DC.
The RODC cannot add data since it is a read-only DC; it forwards the data to the DC that you say is down.


http://technet.microsoft.com/en-us/library/cc754956%28WS.10%29.aspx

http://social.technet.microsoft.com/Forums/en-US/windowsserver2008r2branchoffice/thread/975cfa10-0554-48e6-a04e-24c7a796e4fe/

AXISHK

ASKER

BEJ-DC01 is a Windows 2008 RODC in site BEI

HKG-DC02 is a Windows 2003 DC and HKG-DC03 is a Windows 2008 DC in site HKG

Just to clarify a few things:
1. Is it correct for BEJ-DC01 to have only one incoming connection from HKG-DC03? Could I add the connection from HKG-DC02?

2. Is it correct for HKG-DC03 to have an incoming connection from HKG-DC02 only?

Thanks

replication.png
From the link I posted earlier: http://technet.microsoft.com/en-us/library/cc754956%28WS.10%29.aspx

You have to add a win2k8 DC to which the RODC from the branch will connect and get data.
Quote from: http://technet.microsoft.com/en-us/library/cc754956%28WS.10%29.aspx


"Can an RODC replicate to other RODCs?

No, an RODC can only replicate from a writable Windows Server 2008 domain controller. In addition, two RODCs for the same domain in the same site do not share cached credentials. You can deploy multiple RODCs for the same domain in the same site, but it can lead to inconsistent logon experiences for users if the WAN to the writeable domain controller in a hub site is offline. This is because the credentials for a user might be cached on one RODC but not the other. If the WAN to a writable domain controller is offline and the user tries to authenticate with an RODC that does not have the user’s credentials cached, then the logon attempt will fail. "


AXISHK

ASKER

One last question. Currently, my RODC only has one inbound connection object instead of two. Is that correct?

Thanks

---------------------------------------------------------------------
Why does an RODC have two inbound connection objects?

This is because File Replication Service (FRS) requires its own pair of connection objects in order to function correctly.

In previous versions of Windows Server, FRS was able to utilize the existing connection objects between two domain controllers to support its replication of SYSVOL content. However, because an RODC only performs inbound replication of Active Directory data, a reciprocal connection object on the writable replication partner is not needed.

Consequently, the Active Directory Domain Services Installation Wizard generates a special pair of connection objects to support FRS replication of SYSVOL when you install an RODC. The FRS connection objects are not required by DFS Replication.

I am not sure what you are asking.
You seem to have posted the quote that answers your last question.

There is no replication going from the RODC to the remote.
RODC only has one inbound replication connection.
AXISHK

ASKER

In my posted screenshot, there is only one connection, BEJ-DC01 --> NTDS Settings --> RODC Connection (FRS), instead of the two mentioned in the document. I really don't understand how the document says two inbound connection objects.

Thanks
ASKER CERTIFIED SOLUTION
arnold
AXISHK

ASKER

Tks