Server 2012 R2 Questions on Read Only Domain Controllers

This is just a placeholder for questions that I've thought of, but for whatever reason haven't gotten around to answering for myself. Feel free to chime in if you know any of the answers.

  1. What happens if a user tries to log in to a read-only domain controller if their password has expired on the read/write domain controller, but there is no connection between the RODC and the regular DC?
  2. What happens if a user with cached credentials on a RODC attempts to change their password? What if the RODC is no longer connected to the regular network?
  3. What happens if a user with credentials that are cached on a disconnected RODC goes to corporate, changes their password (because they want to or are forced by policy), and then returns to the site with the disconnected RODC?
  4. What is the design purpose of having to add a domain controller to the "Cloneable Domain Controller" group before creating a clone?
  5. What happens if you add a RODC into the "Cloneable Domain Controller" group?
