This topic is resolved

Share

This topic contains 11 replies, has 2 voices, and was last updated by  Karim Buzdar 8 months ago.

  • Author
    Posts
  • #101947
     Karim Buzdar 
    Moderator
    • Topics: 24
    • Replies: 80
    Post count: 251
    Member Points: 6,145
    Rank: Level 1

    Hi Michael/everyone,

    I have one Windows Server 2016 write-able DC and one Windows Server 2016 read-only DC. I have created a user on write-able DC and added it to allowed RODC replication group on RODC. When I login from Windows 10 client, It’s password is not cached and I do not see it in list on RODC.

    Please see the attached screen shots. Any thoughts?

    Thank you,

    Karim

    Attachments:
    You must be logged in to view attached files.
    0
  • #101954
     Michael Pietroforte 
    Keymaster
    • Topics: 138
    • Replies: 337
    Post count: 1046
    Member Points: 7,244
    Rank: Level 1

    I only see one attachment. Maybe the Password Replication Policy hasn’t been replicated yet? Is this the screenshot from the RODC?

    0
    • #101959
       Karim Buzdar 
      Moderator
      • Topics: 24
      • Replies: 80
      Post count: 251
      Member Points: 6,145
      Rank: Level 1

      Thank you,

      Yes, these screen shots are from RODC.

      Attached is the second screen shot with this message.

      / Karim

      Attachments:
      You must be logged in to view attached files.
      0
  • #101977
     Michael Pietroforte 
    Keymaster
    • Topics: 138
    • Replies: 337
    Post count: 1046
    Member Points: 7,244
    Rank: Level 1

    Did you log on with the user account and did the corresponding machine use the RODC as logon server? You can also try to prepopulate the password.

    0
    • #102017
       Karim Buzdar 
      Moderator
      • Topics: 24
      • Replies: 80
      Post count: 251
      Member Points: 6,145
      Rank: Level 1

      Yes, I login with user account. How can I check my corresponding machine if it is using RODC as logon server? Do you have any idea? I expect any built-in command.

      I have both write-able DC and read-only DC in same site. Does this matter?

      0
      • #104377
         Michael Pietroforte 
        Keymaster
        • Topics: 138
        • Replies: 337
        Post count: 1046
        Member Points: 7,244
        Rank: Level 1

        The logon server should be stored in an environment variable. On a command prompt you can run this: echo %LOGONSERVER%

        0
        • #104384
           Karim Buzdar 
          Moderator
          • Topics: 24
          • Replies: 80
          Post count: 251
          Member Points: 6,145
          Rank: Level 1

          Ok, Thank you Michael.

          0
        • #106827
           Michael Pietroforte 
          Keymaster
          • Topics: 138
          • Replies: 337
          Post count: 1046
          Member Points: 7,244
          Rank: Level 1

          So was that the problem? I mean did the client machine logon to a DC instead of the RODC?

          0
        • #106833
           Karim Buzdar 
          Moderator
          • Topics: 24
          • Replies: 80
          Post count: 251
          Member Points: 6,145
          Rank: Level 1

          Hi Michael,
          I still need to check and find out the solution. I’ll post an update here.

          / Karim

          0
        • #106857
           Karim Buzdar 
          Moderator
          • Topics: 24
          • Replies: 80
          Post count: 251
          Member Points: 6,145
          Rank: Level 1

          Hi Michael,

          I just setup AD sites, and placed RODC and WRDC in separately. It worked. Check attached screen shots 🙂

          I am marking it as answer.

          / Karim

          Attachments:
          You must be logged in to view attached files.
          1+

          Users who have liked this topic:

          • avatar
        • #106865
           Michael Pietroforte 
          Keymaster
          • Topics: 138
          • Replies: 337
          Post count: 1046
          Member Points: 7,244
          Rank: Level 1

          Great. So it seems the password was never cached on the RODC because it wasn’t the workstation’s logon server.

          0
        • #106871
           Karim Buzdar 
          Moderator
          • Topics: 24
          • Replies: 80
          Post count: 251
          Member Points: 6,145
          Rank: Level 1

          Yes, exactly that was the issue.

          0

You must be logged in to reply to this topic.

CONTACT US

Please ask IT administration questions in the forum. Any other messages are welcome.

Sending
© 4sysops 2006 - 2017

Log in with your credentials

or    

Forgot your details?

Create Account