Pre-populate Users’ passwords on a Read-Only Domain Controller (RODC)

When branch users and computers log in, the RODC forwards their authentication to a writeable DC and caches their passwords, provided the Password Replication Policy (PRP) allows it. However, you can pre-populate the RODC's password cache with user and computer accounts before they try to log in at the branch site.

Karim Buzdar

May 1, 2017


Pre-populating the password cache on an RODC ensures that branch users and computers can still log in when the WAN link between the Read-Only DC and the writeable DC is down. You can pre-populate the password cache by using the ADUC MMC snap-in or PowerShell.

Before you move ahead, add the users and computers to the Allowed RODC Password Replication Group; otherwise, the PRP denies replication and their passwords won't be cached.

Pre-populate Users’ Passwords Using the Active Directory Users and Computers MMC Snap-in

Step 1. Open the Active Directory Users and Computers MMC snap-in and make sure you are connected to a writeable DC

Step 2. Expand the domain node and click Domain Controllers

Step 3. In the right pane, right-click the RODC computer account -> click Properties

Step 4. Click the Password Replication Policy tab

Step 5. Click Advanced

Step 6. Click Prepopulate Passwords and enter the desired user or computer account

Step 7. When you are asked for confirmation, click Yes

Step 8. Wait for confirmation

Pre-populate Users’ Passwords Using PowerShell

Step 1. Open PowerShell with elevated privileges

Step 2. Execute the following script. Make sure to replace the parameter values (the search base, the source writeable DC and the destination RODC) with your own:

    Import-Module ActiveDirectory

    # Accounts whose passwords should be cached on the RODC (replace the OU with your own)
    $users = Get-ADUser -SearchBase "OU=Students,dc=yourdomain,dc=com" -Filter *

    foreach ($user in $users) {
        # -PasswordOnly replicates just the account's password secrets (not the whole object)
        # from the writeable DC (-Source) to the RODC (-Destination).
        # The two host names below are placeholders; replace them with your own DCs.
        Get-ADObject -Identity $user |
            Sync-ADObject -Source "WRITEABLE-DC.yourdomain.com" -Destination "RODC01.yourdomain.com" -PasswordOnly
    }
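The script below is an added example and is not part of the original article. It goes a step beyond the one-liner above: it covers both users and computers, checks the prerequisite stated earlier (membership in Allowed RODC Password Replication Group) before attempting anything, records per-account success or failure instead of aborting on the first PRP denial, and then verifies the cache by reading the RODC's revealed-accounts list. The host names, OU and group name are placeholders (the group name is the built-in default); replace $Rodc, $WritableDc and $SearchBase with values from your own domain.

```powershell
# Added example (not from the original article). Requires the ActiveDirectory module
# and rights to replicate secrets to the RODC. All host names and the OU are placeholders.
Import-Module ActiveDirectory

$Rodc         = "RODC01.yourdomain.com"          # placeholder: the branch RODC
$WritableDc   = "DC01.yourdomain.com"            # placeholder: writeable DC holding the secrets
$SearchBase   = "OU=Students,DC=yourdomain,DC=com"   # placeholder: branch accounts to cache
$AllowedGroup = "Allowed RODC Password Replication Group"   # default group allowed by the PRP

# 1. Collect the branch users and computers whose secrets should be cached.
$accounts = @(Get-ADUser     -Filter * -SearchBase $SearchBase -Server $WritableDc) +
            @(Get-ADComputer -Filter * -SearchBase $SearchBase -Server $WritableDc)

# 2. Prerequisite check: accounts not covered by the allowed group will be refused by the PRP
#    (unless another allowed entry covers them), so flag them before trying to sync.
$members = Get-ADGroupMember -Identity $AllowedGroup -Recursive -Server $WritableDc |
           Select-Object -ExpandProperty DistinguishedName
$notAllowed = $accounts | Where-Object { $members -notcontains $_.DistinguishedName }
foreach ($acct in $notAllowed) {
    Write-Warning "Not a member of '$AllowedGroup': $($acct.DistinguishedName)"
}

# 3. Pre-populate: replicate only the password secrets from the writeable DC to the RODC.
#    Failures (typically "denied by the PRP") are recorded per account rather than stopping the loop.
$results = foreach ($acct in $accounts) {
    try {
        $acct | Sync-ADObject -Source $WritableDc -Destination $Rodc -PasswordOnly -ErrorAction Stop
        [pscustomobject]@{ Account = $acct.Name; Prepopulated = $true;  Error = $null }
    } catch {
        [pscustomobject]@{ Account = $acct.Name; Prepopulated = $false; Error = $_.Exception.Message }
    }
}
$results | Format-Table -AutoSize

# 4. Verify: the RODC's "revealed" list is the authoritative set of accounts whose secrets it now
#    holds. It is also the set that would be exposed if the RODC itself were compromised, so it
#    should contain branch accounts only; anything requested but missing is reported here.
$revealed = Get-ADDomainControllerPasswordReplicationPolicyUsage -Identity $Rodc -RevealedAccounts |
            Select-Object -ExpandProperty DistinguishedName
$accounts |
    Where-Object { $revealed -notcontains $_.DistinguishedName } |
    ForEach-Object { Write-Warning "Not cached on ${Rodc}: $($_.DistinguishedName)" }
```

Run it from an elevated PowerShell session on a management host that can reach both DCs. The membership check in step 2 only looks at the default allowed group; if your PRP allows accounts through other entries, inspect them with Get-ADDomainControllerPasswordReplicationPolicy -Identity $Rodc -Allowed instead. Step 4 is the check worth keeping as a scheduled job, because it reports both accounts that failed to cache and any unexpected accounts that have accumulated on the RODC over time.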

 


About the Author

Karim Buzdar

https://www.linkedin.com/in/karimbuzdar/
