Already asked this question a few weeks ago and did not get a reply…
after reading this:
https://docs.software-univention.de/ext-windows/5.0/en/index.html
I wrote this:
also i have noticed that the system check tools seem to be failing on a RO system even without adding in the DC software.
on your R/O domain controller did you set the R/O flags as per the Univention Admin manual BEFORE setting it up?
I did , but I ALSO found the same problem you saw on a test system, that installing the
“Active Directory compatible Domain Controller”
ALSO started to make writes to the supposedly only R/O setup, so i did nto implement it in production.