如何突破可設定密碼RODC複寫 cache 1500個以上的account(user或computer)


原因


If more than 1,500 accounts (users, computers, or groups) are added to the Allowed list (the msDS-RevealOnDemandGroup attribute) of an RODC, the RODC stops caching passwords for all security principals in the Allowed list. This occurs when you add security principals using either the repadmin /prp <RODCName> allow <User_Name> command or by directly modifying the msDS-RevealOnDemandGroup attribute of the RODC


解決方案 – As a workaround, add the security principals to security groups to reduce the overall number of security principals that are in the Allowed list


建議您由於此清單有1500限制,請您改由security group取代user account


您可以由此清單加入有電腦與User帳號的安全性群組,建立cache需要等待密碼複製到RODC上,跨site可能需要等待60~90分鐘


clip_image002


另外當密碼有在以下清單中代表已經cache


 

image

Comments (2)

  1. Anonymous says:

    As a workaround, add the security principals to security groups to reduce the overall number of security principals that are in the Allowed list

  2. Anonymous says:

    After installed with Windows 7 Ultimate 64-bit ,I got some question under the XP mode.

    There are 3  ? "Virtual PC integrated device" under  other device  , How can I update / install the driver for these device ?