Your network contains an Active Directory domain named contoso.com.
The domain has a branch site that contains a read-only domain controller (RODC) named
RODC1.
A user named User1 is a member of the Allowed RODC Password Replication Group. User1
frequently logs on to a computer in the branchsite.
You remove User1 from the Allowed RODC Password Replication Group.
You need to ensure that the password of User1 is no longer cached on RODC1.
What should you do?
A.
Add User1 to the Denied RODC Password Replication Group, and then force Active
Directory replication.
B.Run repadmin /rodcpwdrepl rodc2.contoso.com dc.contoso.com cn=User1,cnusers,dc=contoso,dc-com.
C.Run repadmin /prp delete rodcl.contoso.com allow cn=User1, cn=users,
dc=contoso,dc=com.
D.Reset the password of User1, and then force Active Directory replication.