Okay, I just learned from one of the IT instructors at the college that replication does not apply to roles but to AD information only such as OU's, groups, users and computers. Those things were indeed being replicated on my secondary server. So there was not a problem after all. Told you I was a noob.
iPhone 7 review: a range of small updates add up to an excellent phone