client authenticate to remote DC instead of local RODC

alessandro belli 111 Reputation points

I have a standard DC1 on the main office (subnet  and a RODC1 on a remote office (subnet . The two subnet are connected throw VPN

On Site and Services there is s specific site (for the remote office) and a subnet ( that is linked with the remote RODC. Alo the default-first-site-name is linked with subnet

On the remote office client if check   logonserver values and with systeminfo it always show \DC1

Ip is configured to use RODC1 as dns server but anyway the client  try to logon to the DC1.

User and computer acount are added to the allowed RODC password replication group 

I read that the main rules for the client to choose the dc is the network distance but this seems to be not applied.

Why this happen? What I have to check or modify? If the VPN goes down the user is not able to login

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
10,657 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Dave Patrick 395K Reputation points MVP

    You could follow along here.

    --please don't forget to upvote and Accept as answer if the reply is helpful--