Hi Support Community,
we deployed an RODC within an perimeter already and its working fine. In my understanding the RODC forwards all authentication to the internal RW-DC if the passwort is not cached by the PRP (Allowed RODC Group).
Is there a way to prevent the pass through for a subset of defined users/computers i dont want to be authenticated at the perimeters rodc from the perimeters AD-site? As on option is it possible to archive this goal by modify the LDAP access to this user/computer accounts and remove the read access for anyone?
Ty.