Q. What happens when a read-only domain controller (RODC) that's a DNS server receives a DNS write request from a client?

A. An RODC can be configured as a DNS server that answers client queries. However, it holds only read-only copies of the DNS data and has no way to replicate DNS changes to writable DNS servers, so an RODC cannot make DNS changes itself.

When a client makes a write request, it first asks its configured DNS server, which is the RODC in this scenario, for the authoritative server. The RODC tries to find a writable DNS server in the client's local site and sends the client a name server resource record for that server so the client can make the update there. If no DC can be found in the local site, the RODC refers the client to any writable DNS server in the environment.

After about five minutes, the RODC tries to replicate the single updated object from the writable DNS server, so that its own database contains the data the client wrote.
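
The following PowerShell sketch is an added example, not part of the original FAQ. It checks the flow described above: which name servers the RODC hands out, which writable DCs are candidates (same site first), and whether the RODC's copy of a record matches theirs. The server, zone and record names are hypothetical placeholders, and it assumes the ActiveDirectory module is installed and that the writable DCs also run DNS.

```powershell
# Added example: the default names below are hypothetical placeholders.
param(
    [string]$Rodc   = 'rodc01.corp.example.com',
    [string]$Zone   = 'corp.example.com',
    [string]$Record = 'branchpc01.corp.example.com'
)
Import-Module ActiveDirectory

$rodcInfo = Get-ADDomainController -Identity $Rodc
if (-not $rodcInfo.IsReadOnly) { throw "$Rodc is not a read-only domain controller." }

# Name servers the RODC returns for the zone.
$ns = Resolve-DnsName -Name $Zone -Type NS -Server $Rodc -DnsOnly |
    Where-Object { $_.Type -eq 'NS' } |
    Select-Object -ExpandProperty NameHost

# Writable DCs: prefer the RODC's own site, otherwise fall back to any site.
$writable   = Get-ADDomainController -Filter * | Where-Object { -not $_.IsReadOnly }
$sameSite   = $writable | Where-Object { $_.Site -eq $rodcInfo.Site }
$candidates = if ($sameSite) { $sameSite } else { $writable }

function Get-ARecord {
    param([string]$Name, [string]$Server)
    # Returns the sorted A-record addresses, or nothing if the name is absent.
    Resolve-DnsName -Name $Name -Type A -Server $Server -DnsOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'A' } |
        Select-Object -ExpandProperty IPAddress |
        Sort-Object
}

$onRodc = (Get-ARecord -Name $Record -Server $Rodc) -join ','

foreach ($dc in $candidates) {
    $onDc = (Get-ARecord -Name $Record -Server $dc.HostName) -join ','
    [pscustomobject]@{
        WritableDC     = $dc.HostName
        Site           = $dc.Site
        ListedInNS     = $ns -contains $dc.HostName
        WritableAnswer = $onDc
        RodcAnswer     = $onRodc
        RodcInSync     = ($onDc -eq $onRodc)
    }
}
```

A mismatch shortly after a client update is expected, because the RODC only pulls the updated object after about five minutes; a mismatch that persists well beyond that points at a replication problem worth investigating.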

See this video for an overview of RODCs.

Check out hundreds more useful Q&As like this in John Savill's FAQ for Windows. Also, watch instructional videos made by John at ITTV.net.