OWA Child Domain Authentication
I hope this is in the right forum... I have one forest with five child domains at the 2k8 functional level. Our Exchange 2003 server resides in the forest root, which is also the domain for our central office. The child domains are branch offices; each location has two DCs. Everything is working fine unless I lose the link to a branch office, at which point the users in that child domain/branch office can't log on to OWA because the child DC is unavailable. I'm trying to figure out the best way to stop this from happening... I'm thinking about putting RODCs for each child domain in our central office so everyone can be authenticated to a local server. Does anyone know of a better option to accomplish this?
December 9th, 2010 12:43pm

I suspect that the problem is with DNS. Do you have split-brain DNS, i.e., the same DNS domain for both external and internal access, with internal hostnames resolving to internal addresses? Is OWA reachable from the Internet? If the answers to both questions are "yes", then your users won't be able to connect to OWA when the internal link is down unless they point their network settings to an external DNS server. If I'm right, adding RODCs to each office won't fix that.
Ed Crowley MVP
"There are seldom good technological solutions to behavioral problems."
December 9th, 2010 1:22pm

Ed, thanks for getting back to me. I'm not using split-brain DNS; internal and external domain names are completely different. Yes, OWA is reachable from the Internet, and I only have a problem when the WAN link is down between a branch office and the main office. For example, there are two offices, A and B. Office A's domain is something.local and Office B's is else.something.local. The offices are connected via a point-to-point link, with all Internet access going through a firewall at Office A. Office A has the Exchange server and a DC. Office B has a DC. When the point-to-point link is up, users from Office B are able to log in to OWA because the DC for else.something.local is reachable. However, if the point-to-point link goes down there is no connection to the DC in Office B and the users can't log in. I'm assuming an RODC in Office A for else.something.local would solve this issue. Does that make more sense? Is there a better option that I'm missing?
December 9th, 2010 3:59pm

An RODC will not fix a broken link. If the IP address they get from DNS is an internal IP address, then they need the internal link to reach that address.
Ed Crowley MVP
"There are seldom good technological solutions to behavioral problems."
December 11th, 2010 11:01am
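The two competing explanations in this thread (the reply's DNS theory versus the original poster's "Exchange can't reach a DC for the child domain" theory) can both be checked from the Exchange server in Office A. The following script is an added example for that purpose; it is not code from the thread, from Microsoft, or from either poster. It assumes a placeholder external OWA name, 'owa.example.com' (the thread never gives the real one), and takes the child domain name from the post, 'else.something.local'; both are parameters. It uses only nltest and .NET classes available on Windows Server 2008 / PowerShell 2.0.

```powershell
# Added diagnostic for the scenario in this thread; not code from the thread or
# from Microsoft. Run on the Exchange/OWA server in Office A.
# Assumed placeholders: 'owa.example.com' is the external OWA name (not given in
# the thread); 'else.something.local' is the child domain named in the post.
param(
    [string]$OwaHost = 'owa.example.com',
    [string[]]$ChildDomains = @('else.something.local')
)

function Test-PrivateIPv4 {
    param([System.Net.IPAddress]$Address)
    if ($Address.AddressFamily -ne [System.Net.Sockets.AddressFamily]::InterNetwork) { return $false }
    $b = $Address.GetAddressBytes()
    # RFC 1918: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
    return (($b[0] -eq 10) -or
            ($b[0] -eq 172 -and $b[1] -ge 16 -and $b[1] -le 31) -or
            ($b[0] -eq 192 -and $b[1] -eq 168))
}

function Test-TcpPort {
    # Plain TCP connect with a timeout; avoids Test-NetConnection, which needs PS 4+.
    param([string]$HostName, [int]$Port, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($async)
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

# 1. The DNS test from the reply: does the OWA name resolve to an address that
#    is only reachable over the internal link?
foreach ($ip in [System.Net.Dns]::GetHostAddresses($OwaHost)) {
    $kind = if (Test-PrivateIPv4 $ip) { 'internal (RFC 1918)' } else { 'public' }
    Write-Output ("{0} -> {1} [{2}]" -f $OwaHost, $ip, $kind)
}

# 2. The dependency the original poster describes: which DC does this server
#    locate for each child domain, and can it reach LDAP on that DC right now?
foreach ($dom in $ChildDomains) {
    # /force bypasses the DC locator cache so a DC found before the link failed
    # is not reported as still available.
    $out = & nltest /dsgetdc:$dom /force 2>&1
    if ($LASTEXITCODE -ne 0) {
        $status = ($out | Select-String 'Status') -join ' '
        Write-Output ("{0}: no DC located ({1})" -f $dom, $status)
        continue
    }
    $dcMatch   = $out | Select-String '^\s*DC:\s*\\\\(\S+)' | Select-Object -First 1
    $siteMatch = $out | Select-String '^\s*Dc Site Name:\s*(\S+)' | Select-Object -First 1
    $dc   = $dcMatch.Matches[0].Groups[1].Value
    $site = $siteMatch.Matches[0].Groups[1].Value
    $ldap = if (Test-TcpPort $dc 389) { 'LDAP 389 open' } else { 'LDAP 389 unreachable' }
    Write-Output ("{0}: located DC {1} in site {2}, {3}" -f $dom, $dc, $site, $ldap)
}
```

Run it once with the point-to-point link up and once with it down. If the OWA name resolves to a public address both times but the second run reports no DC located (or LDAP unreachable) for the child domain, the failure is the DC dependency the original poster describes, not DNS. Note the site name in the output: an RODC for the child domain placed in Office A's AD site changes which DC the locator returns, but it can only complete a logon locally for accounts whose passwords its Password Replication Policy allows it to cache and that have already been cached; for any other account it forwards the request to a writable DC over the same link.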
