locked
Cannot Join Domain behind RODC RRS feed

  • Question

  • Hi!

    We are getting error message while joining pcs to our domain. The PCs are located in a branch office where we have a windows 2008 RODC. RODC is already connected to the head office DC. We used our main domain admin user to connect the clients but same error.

    The error is "The specified domain either does not exist or could not be contacted."

    The DNS on clients are pointing to RODC IP. We have already allowed RODC to connect to our internal network from our Firewall.

    Any Suggestions?

    Thanks.

    Saturday, April 20, 2013 3:25 PM

Answers

All replies

  • Hi,

    Thanks for posting your issue in the forum.

    Regarding the current issue, please understand that it is not possible to join a computer to a RODC, we must access to the DC who has PDCE role while join a PC to the domain. Therefor we will need to give PCs access through the firewall to gain access to the domain properly.

    At this time, I suggest we could try to refer to the following article for troubleshooting.

    Troubleshooting RODC's: Troubleshooting domain joins against RODC's

    http://blogs.technet.com/b/instan/archive/2008/08/13/troubleshooting-rodc-s-troubleshooting-domain-joins-against-rodc-s.aspx

    Regarding more detailed information about RODC, please refer to the article below.

    All About (RODC)Read Only Domain Controllers

    http://awinish.wordpress.com/2011/10/04/rodc-read-only-domain-controller/

    Hope this helps.

    Best Regards,

    Andy Qi


    Andy Qi
    TechNet Community Support

    • Marked as answer by Andy Qi Tuesday, April 30, 2013 9:47 AM
    Tuesday, April 23, 2013 8:12 AM
  • Thanks for the reply. Well after reading the given posts I am now reluctant to have RODCs in branches. The only reason for having RODCs was to have a single domain for all branches with less traffic.

    I can also join my branch computers to my H.O domain directly since there is already VPN connectivity among them but what about the authentication traffic and slowness on user logon.

    Any suggestions?

    What can be the best solution and practice?

    Thanks.

    Tuesday, April 23, 2013 8:57 AM