SYSVOL share is not replicating between RODCs and Writable Controllers

Event ID 2843 is logged in the Directory Service event log:

“The Knowledge Consistency Checker was unable to locate a replication connection for the read-only local directory service. A replication connection with the following option must exist in the forest for correct FRS system behavior.

Additional Data
Option: 64

User Action
Restore the original replication connection for the local directory service instance on a writable directory service instance.”

1. On a writable DC, log on as an Enterprise Administrator and run adsiedit.msc.
2. In adsiedit.msc, establish a new connection:

1). For Connection Point, choose “Select a well known Naming Context”: Configuration
2). For Computer, enter the name of the writable DC.
3). Click OK to connect.
4). Once connected, expand:

CN=Configuration,DC=DC Name,DC=Domain Name,DC=com
\CN=Sites
\CN=Site Name
\CN=Servers
\CN=RODC Name
\CN=NTDS Settings
5). In the right pane, right-click “CN=Name of Full DC” and open its properties.
6). In the properties dialog, set Filter so that the following are checked:

Mandatory
Optional
Constructed
Backlinks
System-Only

7). In the attribute list, find Options.
8). Edit it and set the value to: 0x41
9). Save and apply.
10). Switch to the Security tab, click Advanced, click Add, click “Object Types”, select Computers, click OK, enter the RODC name, click Check Name, click OK.

In the Permission for RODC Name dialog box, click the Properties tab, locate Read fromServer, Write fromServer, Read schedule and Write schedule, and grant the RODC these four permissions. Click OK to save.
11). Monitor whether new GPOs replicate to the RODC.
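
To confirm the state before and after the edit, the read-only audit below lists the connection objects under each RODC's NTDS Settings and decodes their options value. It is an added example, not part of the original post; it assumes the ActiveDirectory PowerShell module is installed, takes the flag names from the MS-ADTS specification, and goes beyond the single RODC in the steps above by checking every RODC in the domain.

```powershell
# Added example: read-only audit; it changes nothing in the directory.
# Assumes the ActiveDirectory module (RSAT) and read access to the Configuration partition.
Import-Module ActiveDirectory

# Bit flags of the nTDSConnection "options" attribute, named as in MS-ADTS.
# 0x41 from step 8 is RODC_TOPOLOGY (0x40, the "Option: 64" in event 2843) plus IS_GENERATED (0x1).
$ConnFlags = @{
    0x01 = 'IS_GENERATED'
    0x02 = 'TWOWAY_SYNC'
    0x04 = 'OVERRIDE_NOTIFY_DEFAULT'
    0x08 = 'USE_NOTIFY'
    0x10 = 'DISABLE_INTERSITE_COMPRESSION'
    0x20 = 'USER_OWNED_SCHEDULE'
    0x40 = 'RODC_TOPOLOGY'
}

function ConvertTo-ConnFlagNames {
    param([int]$Options)
    $names = foreach ($bit in ($ConnFlags.Keys | Sort-Object)) {
        if ($Options -band $bit) { $ConnFlags[$bit] }
    }
    if ($names) { $names -join ', ' } else { '(none)' }
}

foreach ($rodc in Get-ADDomainController -Filter 'IsReadOnly -eq $true') {
    # Connection objects sit directly under the RODC's NTDS Settings object.
    $conns = @(Get-ADObject -SearchBase $rodc.NTDSSettingsObjectDN -SearchScope OneLevel `
            -LDAPFilter '(objectClass=nTDSConnection)' -Properties options, fromServer)

    $hasFrsConn = $false
    foreach ($c in $conns) {
        $opt = [int]$c.options          # attribute not set -> 0
        if ($opt -band 0x40) { $hasFrsConn = $true }
        [pscustomobject]@{
            RODC       = $rodc.Name
            Connection = $c.Name
            FromServer = $c.fromServer
            Options    = '0x{0:X2}' -f $opt
            Flags      = ConvertTo-ConnFlagNames $opt
        }
    }
    if (-not $hasFrsConn) {
        Write-Warning "$($rodc.Name): no connection object with option 64 (0x40), the condition event 2843 reports."
    }
}
```

After step 8 the edited connection should show Options 0x41 with flags IS_GENERATED, RODC_TOPOLOGY, and the warning for that RODC should no longer appear.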
