I have spent the last 2 weeks trying to figure out what the problem is and I am not able to find out.
But first I wanted to know the purpose of an RODC. This is what I understand. RODC is supposed to reduce a branch's authentication traffic to DC and authenticate locally, this is also the case if the DC is down. Please correct me if I'm wrong.
Now this is the issue.
I have a DC Server that has DHCP service installed and has failover replication configured to an RODC server. I have an RODC that has DHCP service installed that replicates from the DC server in case the DC DHCP is down. I have clients that authenticate from RODC when the Primary DNS IP for clients is set to point to RODC and I have set the Alternate DNS IP for clients to point to DC in case RODC is down. What happens is that if DC is down the clients authenticate from the RODC, but when the RODC is down the clients DO NOT authenticate from the DC (I checked the event viewer Security for authentication in RODC; a Kerberos Ticket is issued). Similar is the case if I switch clients' IPs to point to DC rather than RODC: the clients authenticate from DC and not from RODC if DC failed. I have set the Password Replication Policy in the DC for the RODC.
What I want is for the clients to authenticate from the RODC and if RODC is down then from DC, but this does NOT happen. What happens is that clients are able to login but the Network shows as Unknown Network.
I thought this has something to do with DNS so I started fresh without DNS, it's the same issue. I feel I'm missing something, either my understanding is wrong or I'm missing some part from the clients' end.
I have set the RODC to point to DC as Primary DNS and Alternate DNS as itself (not loopback), I have tried the other way around as well, not working.
Could someone take the time to explain what it is that I'm not understanding or doing wrong?
Edited by TryllZ, 22 September 2016 - 04:35 AM.