Here's the scenario. I have 3x DCs. 1x PDC, 1x BDC and 1x RODC. The RODC lives on a remote site and services half a dozen PCs.
I am getting 5723 events logged on our RODC(with limited credentials) for accounts that should be serviced on our main site, so it got me wondering why these machines are crawling through a limited DSL VPN when they should be serviced locally.
I also log which servers are servicing logon requests on our main site. This is split between the PDC and BDC.
Any ideas what logic (if any) the client machines are using to find the best available PC and how I can stop local machines trying to authenticate with a DC which doesnt store it's credentials.
I am running a simple domain on SBS2008 with no trusts relationships.
Sorry if the answer is obvious!!?
Thanks in advance.