Is RODC password caching a security risk and how large is that risk?
What is the exact risk associated with RODC and password caching, and how easily, once someone had the RODC, could they extract the password? And the second part of the question: is the risk associated with RODC password caching any less secure than placing a RWDC at the site instead of the RODC?
May 31st, 2012 6:03am

Physical access to the database is generally considered less secured in a branch site than in a highly secured datacenter. Physical access to a DC's database makes it easy to obtain passwords. Cf. http://www.l0phtcrack.com, but if you use drive encryption one could argue about this. RODC is less vulnerable to contaminate the DCs back home, because undesirable changes are not replicated back to the Datacenter RWDCs. Prepopulation Mechanism: http://technet.microsoft.com/en-us/library/cc755310(WS.10).aspx. So I would say a RWDC is less secure than a RODC. The main question is how insecure is the physical location and who has access to it.
May 31st, 2012 6:37am

So if you had the same site with a RODC and RWDC at the site (in the example scenario the security of the site is the same for both DC types) then the RWDC would pose the biggest security threat?
May 31st, 2012 11:45am

The premise of having an RODC is being able to provide domain services to an environment that has been designated as high risk. If the RODC does get compromised, the incident is minimized due to the read-only nature of an RODC and because it will only contain a small sub-set of credentials. Therefore one will not have to issue a password reset to all users. In terms of what is the exact risk, that is only something you can decide since it is the sum of so many pieces. How valuable is the data? Are you 24x7? What type of users are at the remote site? What is the security posture of this site? So on and so forth. The following TechNet article is a great start and there are many other references that seem to branch out from there: http://technet.microsoft.com/en-us/library/cc732801(v=ws.10).aspx
May 31st, 2012 4:17pm
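
The "small sub-set of credentials" mentioned in the reply above can be enumerated, which gives the password-reset scope if an RODC is lost. The following PowerShell is an added example, not part of any post in this thread; it assumes the ActiveDirectory module (RSAT) is installed, and `BRANCH-RODC01` is a placeholder RODC name.

```powershell
# Added example: list what a given RODC is allowed to cache and what it has cached.
Import-Module ActiveDirectory

# Assumption: placeholder name, replace with the RODC being reviewed.
$RodcName = 'BRANCH-RODC01'

# Password Replication Policy: principals allowed and denied for caching.
$allowed = Get-ADDomainControllerPasswordReplicationPolicy -Identity $RodcName -Allowed
$denied  = Get-ADDomainControllerPasswordReplicationPolicy -Identity $RodcName -Denied

# Accounts whose passwords are currently stored on this RODC.
$revealed = Get-ADDomainControllerPasswordReplicationPolicyUsage `
    -Identity $RodcName -RevealedAccounts

# Flag cached accounts that are (or were) protected/privileged (adminCount = 1).
$report = foreach ($acct in $revealed) {
    $obj = Get-ADObject -Identity $acct.DistinguishedName -Properties adminCount
    [pscustomobject]@{
        SamAccountName = $acct.SamAccountName
        ObjectClass    = $acct.ObjectClass
        Privileged     = ($obj.adminCount -eq 1)
    }
}

"Allowed principals : {0}" -f (($allowed | ForEach-Object Name) -join ', ')
"Denied principals  : {0}" -f (($denied  | ForEach-Object Name) -join ', ')
"Cached accounts    : {0}" -f @($report).Count

# This list is the reset scope if the RODC is stolen or compromised.
$report | Sort-Object Privileged -Descending | Format-Table -AutoSize

$privileged = @($report | Where-Object Privileged)
if ($privileged.Count -gt 0) {
    Write-Warning ("{0} privileged account(s) cached on {1}; review the PRP." -f `
        $privileged.Count, $RodcName)
}
```

The RODC's own computer account and its per-RODC krbtgt account normally appear in the cached list as well.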

Thanks for input PJHanson.
June 1st, 2012 1:49am

In the last episode of <4f1cd10e-e1ec-49ee-a8b4-d50b5fd29b13@communitybridge.codeplex.com>, MicroBlogger said:

"So if you had the same site with a RODC and RWDC at the site (in the example scenario the security of the site is the same for both DC types) then the RWDC would pose the biggest security threat ?"

Yes. Without disk encryption, all it takes is physical access to a RWDC, the ability to take it offline for 15 minutes or so without anyone noticing and a bit of creativity to gain administrative access to the entire Active Directory environment.
June 1st, 2012 2:45am

This topic is archived. No further replies will be accepted.
