Hey Itco...
It sounds like the secondary DCs do not have the audit policies in place to create event logs for changes.
Please see this KB for information on configuring the Audit Policy:
To set Windows Audit Policy using Group Policy Object Editor:
- Expand Computer Configuration > Windows Settings > Security Settings > Local Policies and selectAudit Policy in the left pane.
- Select the policy you want to define in the right pane and click Properties on the Action menu.
- Select or clear Success and Failure according to the instructions below.
Default Domain Controllers Policy
Select Success and Failure for all policies except:
- Audit object access
- Audit privilege use
For these, only select Failure.
Default Domain Policy
Default Domain Policy applies to all computers on your domain except your domain controllers.For this policy, select Success and Failure for the following:
- Audit account logon events
- Audit account management
- Audit logon events
- Audit policy change
- Audit system events