Avatar of David Goldsmith
David Goldsmith asked on

Clients won't login to local domain controller when WAN link is down

I have a Win2K AD domain in a school district, and have multiple sites configured in AD, each with their own domain controller. These sites are connected physically by T1. When the T1 is up and operational, the clients login just fine, and by running a script, I can tell that they are authenticated by the local on-site domain controller. But when the WAN is down, they can't log in at all. The local DC's are configured as GC controllers, and each site has all their resources local. I designed it this way so they would be able to continue to work when the WAN link was unavailable. But it's not working. Something is still tying them to the main site, where the PDC emulator resides. Shouldn't I be able to log these clients in with local resources when the WAN is down?
Windows Networking

Avatar of undefined
Last Comment
Gareth Gudger

8/22/2022 - Mon
Gareth Gudger

Yes you should.

Are these all separate domains? Or is it the same domain but with a DC in each location?

Also, how are you binding the NICs in the DCs? I assume these are multihomed to allowed internet access or do they have a different gateway for that purpose?
ASKER
David Goldsmith

Single domain, separate DC in each location. Servers not multi-homed, they have a gateway to get back to the District Office and on out to the internet.
Gareth Gudger

Is a DNS server operating locally on the local DCs? And are the clients using the local DNS if you check their IP info?
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
ASKER
David Goldsmith

No local DNS, only primary DNS servers at main site. Is that it? I have to have DNS services running on each remote DC?
ASKER CERTIFIED SOLUTION
Gareth Gudger

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
David Goldsmith

As I'm asking that question, it's becoming obvious to me that I would definitely need DNS at the site in order to route network requests internally...either that, or implement a local hosts file on the clients for internal requests.
Gareth Gudger

Depends on the number of clients you have at each location I guess. I would say if you have more than 5 to 10 use a DNS server...less headache.

Also a DNS server in each location should improve performance (as long as the local DNS server you implement is listed first in the clients IP settings with the remote second).
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
David Goldsmith

Thanks, that was a forehead slapper...I should have known that one...
Gareth Gudger

Happens to all of us. :)