• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 784
  • Last Modified:

Set RDP server to authenticate with RODC

I have 2 forests, A and B, connected with a 2 way trust over a VPN tunnel.
In Forest A, I have an RDP Server.
Users in Forest B can login to the RDP Server using their own domain credentials, but logon is slow as it authenticates back with the domain controllers in Forest B.

I have installed a Read Only Domain Controller (Forest B) in Forest A, hoping to speed up the authentication. However, when users that logon to the RDP server is still authenticating back to the old DC in Forest B, rather than the RODC in Forest A.

How can I make them authenticate to the RODC?

I have granted the users membership to "Allowed RODC Password Replication Group", as well as verified that their accounts are visible in the "Accounts whose passwords are stored in this Read-only Domain Controller".
I have also the domain controllers assigned correctly to the 2 Sites with correct subnets in Active Directory sites and services.
0
frukeus
Asked:
frukeus
1 Solution
 
Jian An LimSolutions ArchitectCommented:
i have a think about that.
the behaviour mainly driven by the 2 way trust setup
if you have setup your 2 way trust to go over the VPN, it will fly over the VPN.

so i think you need to change your 2 way trust to trust the RODC.

but i am guessing there must be something prohibited not to trust a rodc
0
 
frukeusAuthor Commented:
I read somewhere that the 2 way trust will always check with the DC first instead of RODC.
0

Featured Post

Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now