need urgent assistance

Posted on 2012-09-02
Medium Priority
Last Modified: 2012-09-03
hello, i just installed our first RODC on windows server 2008 core using an answer file.

now that it has rebooted after the install, we are unable to log in. using domain admin credentials getting: "user name or password is incorrect"

also, when i open the RODC server object in dsa.msc i am unable to view properies on the password replication tab. i click it and the properties does not launch

Question by:siber1
  • 6
  • 3
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38359477
Did the replication completed.?
Check the DNS Pointing in DSRM mode
run ipconfig /registerdns and restart netlogon all DC you have

Author Comment

ID: 38359522
yes replication completed.
i can log in via safe mode w/networking

im getting access is denied when trying to replicate any naming contexts to the RODC.
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38359538
Please attach

dcdiag /q from healthy and RODC
repadmin /showrepl & repadmin /replsum from healthy
ipconfig /all from both DC

Also Check if any condition in given link matches your situation
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.


Author Comment

ID: 38359658
sarang, i appreciate your assistance, but i've already done a fair bit of due dilligence prior to posting this. i've gone through those articles already.
this is RODC related, getting "invalid username / password" even when running dcdiag /test:advertising

I really need someone to contribute that has experience with RODC deployments.

LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38359675

I understand this but as a remote support we do gather primary test result ...This is something called step by step
The reason for asking above tests are to get onground scenario of the setup and Not only myself but other forum posters going through the things could also get a better picture  and provide you better assistance

Author Comment

ID: 38359695
looks like in order to log in i would need to run this command:
Repadmin /rodcpwdrepl RODC15 HUBDC12 CN=MikeDan,OU=DatacenterUsers,DC=contoso,DC=com CN= MikeDanLaptop,OU=DatacenterComputers,DC=contoso,DC=com

does anyone know the answers to the following questions re: RODC / server core
1. what should the "primary group" membership be? i.e. on rwdc it is domain controllers, what should it be for RODC's? currently the primary group is set to domain computers.
should i set this to "read-only domain controllers security group" as the primary?

2. what should the Security permissions be for domain n/c with reference to the enterprise read-only domain controllers security group?
LVL 24

Accepted Solution

Nagendra Pratap Singh earned 1000 total points
ID: 38360228
Check your answer file and reinstall. This will take like 50 minutes.

Author Comment

ID: 38360925
npsingh123 that could be a problem. this is installed on windows 2008 server core, and requires me to be able to log into the machine in normal mode [not safe mode] in order to run the dcpromo and demote. problem is, i cannot log into the RODC as mentioned above.

get invalid username / password on anything i try

Author Comment

ID: 38361216
can anyone help out here??

Author Closing Comment

ID: 38361637
ended up re-installing and changing site.

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question