?
Solved

Clients won't login to local domain controller when WAN link is down

Posted on 2004-04-01
9
Medium Priority
?
383 Views
Last Modified: 2006-11-17
I have a Win2K AD domain in a school district, and have multiple sites configured in AD, each with their own domain controller. These sites are connected physically by T1. When the T1 is up and operational, the clients login just fine, and by running a script, I can tell that they are authenticated by the local on-site domain controller. But when the WAN is down, they can't log in at all. The local DC's are configured as GC controllers, and each site has all their resources local. I designed it this way so they would be able to continue to work when the WAN link was unavailable. But it's not working. Something is still tying them to the main site, where the PDC emulator resides. Shouldn't I be able to log these clients in with local resources when the WAN is down?
0
Comment
Question by:David Goldsmith
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 10734881
Yes you should.

Are these all separate domains? Or is it the same domain but with a DC in each location?

Also, how are you binding the NICs in the DCs? I assume these are multihomed to allowed internet access or do they have a different gateway for that purpose?
0
 

Author Comment

by:David Goldsmith
ID: 10735357
Single domain, separate DC in each location. Servers not multi-homed, they have a gateway to get back to the District Office and on out to the internet.
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 10735448
Is a DNS server operating locally on the local DCs? And are the clients using the local DNS if you check their IP info?
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:David Goldsmith
ID: 10735559
No local DNS, only primary DNS servers at main site. Is that it? I have to have DNS services running on each remote DC?
0
 
LVL 31

Accepted Solution

by:
Gareth Gudger earned 2000 total points
ID: 10735645
Yes if you lose DNS capabilities you wont be able to log on. Set up a secondary DNS server at each local location (just put it on with the DC) and specify the secondary DNS server as an additional DNS server in the clients IP settings.
0
 

Author Comment

by:David Goldsmith
ID: 10735656
As I'm asking that question, it's becoming obvious to me that I would definitely need DNS at the site in order to route network requests internally...either that, or implement a local hosts file on the clients for internal requests.
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 10735697
Depends on the number of clients you have at each location I guess. I would say if you have more than 5 to 10 use a DNS server...less headache.

Also a DNS server in each location should improve performance (as long as the local DNS server you implement is listed first in the clients IP settings with the remote second).
0
 

Author Comment

by:David Goldsmith
ID: 10735853
Thanks, that was a forehead slapper...I should have known that one...
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 10735943
Happens to all of us. :)
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes you might need to configure routing based not only on destination IP address, but also on a combination of destination IP address (or hostname) and destination port number. I will describe a method how to accomplish this with free tools. …
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question