Hi, I am testing rodc in test envorenment having one 2008r2 dc, one 2008r2 rodc and one windows 7 client on same network. I added one user to password pre-populate list. Then after giving some time to replicate settings, I disconnected dc and tried to login win7 client. also I applied group policy setting to not cache password locally on win7 client. It says trust failed between workstation and primary domain. Is there any wrong configuration and if not how rodc can be tested???

Hi, Thanks for the post. Please understand that the credentials of cacheable accounts aren’t actually cached until after the initial logon to an RODC when the authentication request is forwarded to a Windows Server 2008 R2 writable DC and the credentials are replicated to the RODC. This means that if network connectivity to a writable DC becomes unavailable before cacheable accounts are authenticated against an RODC, successful logon will fail even though the accounts have been configured as cacheable. Here is some useful information you could refer to: http://technet.microsoft.com/en-us/library/cc753470(WS.10).aspx http://technet.microsoft.com/en-us/magazine/ff679947.aspx Hope this helps. MilesPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.