Hi,
The Microsoft "RODC Guidance for administering the password replication policy" says :
"If more than 1,500 accounts (users, computers, or groups) are added to the Allowed list (the msDS-RevealOnDemandGroup attribute) of an RODC, the RODC stops caching passwords for all security principals in the Allowed list. This occurs when you add security principals using either the repadmin /prp <RODCName> allow <User_Name> command or by directly modifying the msDS-RevealOnDemandGroup attribute of the RODC using a tool such as Active Directory Users and Computers.As a workaround, add the security principals (users, computers, groups) that you want to be cached on the RODC to a group, add that group to the Allowed list, and then remove these security principals from the Allowed List. Because they are members of that group that is in the Allowed List, the RODC can replicate their passwords."
Does this 'workaround' allow the RODC to cache more than 1.500 passwords ?
Thank you for your help,
V1.
