locked
Push password/objects to all RODC daily? RRS feed

  • Question

  • I am finding the default options for an RODC is not working for our needs. Most of our clients have a main office with 30 to 50 users and branch offices with less than 10 users. Users from the main office frequently roam to branch offices. I have been manually replicating those user and computer(laptop) objects to each RODC and it is too much to keep up with.

    Is there a way for an Master PDC to replicate all domain username/password/computer objects to the RODC at each branch office daily? There is no security concern for the branch office server, which I believe is the intention for the default setting.


    @luv2geek
    Thursday, August 25, 2011 3:31 PM

Answers

  • Hello,

    You have to enable RODC PRP: http://technet.microsoft.com/en-us/library/cc730883(WS.10).aspx

    I don't know another option for that.

     


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Microsoft Student Partner 2010 / 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified IT Professional: Enterprise Administrator
    Microsoft Certified IT Professional: Server Administrator 

    Thursday, August 25, 2011 3:45 PM
  • Hi,

     

    What do you mean by saying “I have been manually replicating those user and computer(laptop) objects to each RODC”? Any troubles when doing this? As others said, you need to configure the Password Replication Policy properly. For more information, please also check the following link:

     

    Password Replication Policy Administration

    http://technet.microsoft.com/en-us/library/cc753470(WS.10).aspx   

     

    Please update us the results.

     

    Thanks.

    Nina


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Wednesday, August 31, 2011 10:55 AM

All replies

  • Hello,

    You have to enable RODC PRP: http://technet.microsoft.com/en-us/library/cc730883(WS.10).aspx

    I don't know another option for that.

     


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Microsoft Student Partner 2010 / 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified IT Professional: Enterprise Administrator
    Microsoft Certified IT Professional: Server Administrator 

    Thursday, August 25, 2011 3:45 PM
  • Your question is not exactly coming to me.

    If you want your objects to be transferred to rodc add all of them to the allowed rodc group or give permission in prp. . Now the security credential of the privileged users will not be cached on rodc by default  due to security. For scheduling them to replicate once in a day use sites.

    • Proposed as answer by vinit pandey Saturday, September 10, 2011 9:54 AM
    Wednesday, August 31, 2011 7:10 AM
  • Hi,

     

    What do you mean by saying “I have been manually replicating those user and computer(laptop) objects to each RODC”? Any troubles when doing this? As others said, you need to configure the Password Replication Policy properly. For more information, please also check the following link:

     

    Password Replication Policy Administration

    http://technet.microsoft.com/en-us/library/cc753470(WS.10).aspx   

     

    Please update us the results.

     

    Thanks.

    Nina


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Wednesday, August 31, 2011 10:55 AM