Taiwan CSS Platform Team

Your Potential, Our Passion.

如何突破可設定密碼RODC複寫 cache 1500個以上的account(user或computer)

如何突破可設定密碼RODC複寫 cache 1500個以上的account(user或computer)

  • Comments 2
  • Likes

原因

If more than 1,500 accounts (users, computers, or groups) are added to the Allowed list (the msDS-RevealOnDemandGroup attribute) of an RODC, the RODC stops caching passwords for all security principals in the Allowed list. This occurs when you add security principals using either the repadmin /prp <RODCName> allow <User_Name> command or by directly modifying the msDS-RevealOnDemandGroup attribute of the RODC

解決方案 - As a workaround, add the security principals to security groups to reduce the overall number of security principals that are in the Allowed list

建議您由於此清單有1500限制,請您改由security group取代user account

您可以由此清單加入有電腦與User帳號的安全性群組,建立cache需要等待密碼複製到RODC上,跨site可能需要等待60~90分鐘

clip_image002

另外當密碼有在以下清單中代表已經cache

 

image
Comments
  • As a workaround, add the security principals to security groups to reduce the overall number of security principals that are in the Allowed list

  • After installed with Windows 7 Ultimate 64-bit ,I got some question under the XP mode.

    There are 3  ? "Virtual PC integrated device" under  other device  , How can I update / install the driver for these device ?

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment