Read only domain controllers have been standard in a corporate environment for many years, Sage apparently still use NT methods for dealing with domain controllers. Corporates use read only DCs as standard in most cases to protect the security and integrity of AD in large implementations. The main inconvenience for Customers using Sage 200 on such network environments is the need to create users manually on that server and then change passwords on it when users change their passwords. Feedback from IT representatives of our customers are that Sage do not seem to use up to date AD APIs. RODC APIs have been available for nearly 10 years. Feedback is also This is the only app out of hundreds of AD aware apps that our customer base have that is an issue