Mark Empson's Global notepad

Platforms and Active Directory Resources.

RODC connection object is goes AWOL

RODC connection object is goes AWOL

  • Comments 4
  • Likes

If the RODC connection object goes Absent With Out Leave (AWOL) then there are some steps to recover it, taken from the Ask the Directory Services Team's Blog site (http://blogs.technet.com/b/askds/archive/2010/10/08/friday-mail-sack-cluedo-edition.aspx)

RODCs require a special flag on their connection objects for SYSVOL replication to work. If not present, SYSVOL will not work for FRS or DFSR. To fix these servers:

1. Logon to a writable DC in the affected forest as an Enterprise Admin.

2. Run DSSITE.MSC and navigate to an affected RODC within its site, down to the NTDS Settings object. There may be no connections listed here, or there may be manually created connections.

dssitenedpyle1

3. Create a new connection object. Ideally, it will be named the same as the default (ex: "RODC Connection (FRS)").

dssitenedpyle2

4. Edit that connection in ADSIEDIT.MSC or with DSSITE.MSC attribute editor tab. Navigate to the "Options" attribute and add the value of "0x40".

dssitenedpyle3

dssitenedpyle4

5. Create more connections using these steps as necessary.

6. Force AD replication outbound from this DC to the RODCs, or wait for convergence. When the DFSR service on the RODC sees these connections, SYSVOL will begin replicating again.

More info about this 0x40 flag: http://msdn.microsoft.com/en-us/library/dd340911(PROT.10).aspx

RT (NTDSCONN_OPT_RODC_TOPOLOGY, 0x00000040): The NTDSCONN_OPT_RODC_TOPOLOGY bit in the options attribute indicates whether the connection can be used for DRS replication [MS-DRDM]. When set, the connection should be ignored by DRS replication and used only by FRS replication.

Despite the mention only of FRS in this article, the 0x40 value is required for both DFSR and FRS. Other connections for AD replication are still separately required and will exist on the RODC locally.

Comments
  • I hate editing settings in ADSI directly - but thanks for sharing. The day will come where we need this information!

  • Great article, but why on earth would an RODC connection go AWOL in the first place?

  • Automation scripts?

  • Cool. Very usefull

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment