Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Windows Server 2008 R2 SYSVOL

5 views
Skip to first unread message

Kevin

unread,
Dec 29, 2009, 1:49:00 AM12/29/09
to
Is Sysvol on a 2008 R2 RODC ALWAYS in read-only mode or is it read-only,
ONLY when DFS-r is in use?


Florian Frommherz [MVP]

unread,
Dec 29, 2009, 2:02:42 AM12/29/09
to
Howdie!

Kevin wrote:
> Is Sysvol on a 2008 R2 RODC ALWAYS in read-only mode or is it read-only,
> ONLY when DFS-r is in use?

It is read-only. Changes won't replicate out to writable DCs.

Cheers,
Florian

Meinolf Weber [MVP-DS]

unread,
Dec 29, 2009, 2:52:19 AM12/29/09
to

Hello Kevin,

Yes, see "Read-only SYSVOL" for more details in:
http://technet.microsoft.com/en-us/library/cc771957(WS.10).aspx

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Kevin

unread,
Dec 29, 2009, 5:14:06 AM12/29/09
to
Does this hold good in a windows 2003 domain?, is there any specific DFL or
FFL for DFS Replication?

"Florian Frommherz [MVP]" <flo...@frickelsoft.net> wrote in message
news:uN%232rTFi...@TK2MSFTNGP05.phx.gbl...

Florian Frommherz [MVP]

unread,
Dec 29, 2009, 9:47:59 AM12/29/09
to
Kevin,

Kevin wrote:
> Does this hold good in a windows 2003 domain?, is there any specific DFL or
> FFL for DFS Replication?

Not sure if I understand your point. DFS does not rely on a specific DFL
or FFL level. Writable DCs have a writable copy of SYSVOL/NETLOGON and
can therefore replicate changes out to other DCs.

Cheers,
Florian

JustinHa

unread,
Jan 4, 2010, 4:25:02 PM1/4/10
to

"Kevin" wrote:

> .
>
Hi,
I have added the following text to the topic at
http://technet.microsoft.com/en-us/library/cc771957(WS.10).aspx in order to
clarify this point. The update should appear later this week.

There have been improvements to DFSR for SYSVOL replication such that SYSVOL
on an RODC that runs Windows Server 2008 R2 is absolutely read-only. In
Windows Server 2008, a delegated administrator could still write changes to
SYSVOL on an RODC, and the change would not be overwritten (though it would
not replicate out either). In Windows Server 2008 R2, the changes are
overwritten even if the delegated admin for the RODC somehow manages to
modify it. The following table summarizes the behavior changes between FRS
and DFSR and between Windows Server 2008 and Windows Server 2008 R2:

Windows Server 2008 RODC where SYSVOL is replicated with FRS
Local changes are not replicated out, and local changes are not discarded

Windows Server 2008 RODC where SYSVOL is replicated with DFSR
Local changes are not replicated out, and they are discarded

Windows Server 2008 R2 RODC where SYSVOL is replicated with FRS
Local changes are not replicated out, and local changes are not discarded

Windows Server 2008 R2 RODC where SYSVOL is replicated with DFSR
Local changes are blocked by a file system filter driver

Thanks,
Justin [MSFT]
Active Directory Documentation Team

0 new messages