Setup: I have two domain controllers (2008 R2, forest functional 2008R2). One is my primary, and the other was set up recently as a read only domain controller (DCpromo, check the box for read only domain controller).
My problem: The read only domain controller isn't seeming all that read only. I can create user accounts on it, delete user accounts on it, and all of this propagates to my normal domain controller.
Work done thus far: I've deleted an account originally made on the read only, watched it propagate, deleted an account originally made on the regular domain controller and watched that propagate, created a user on the normal domain controller and watched it propagate (had to make sure I didn't botch my names). I've checked sites and services and the only connection I see under NTDS is named "RODC Connection (FRS)" going from my normal domain controller to the RODC.
Shouldn't this be working? How can I verify the setup was done correctly? Any ideas? Thanks in advance for any help, or for at least reading this =)