I have a Win2K AD domain in a school district, and have multiple sites configured in AD, each with their own domain controller. These sites are connected physically by T1. When the T1 is up and operational, the clients login just fine, and by running a script, I can tell that they are authenticated by the local on-site domain controller. But when the WAN is down, they can't log in at all. The local DC's are configured as GC controllers, and each site has all their resources local. I designed it this way so they would be able to continue to work when the WAN link was unavailable. But it's not working. Something is still tying them to the main site, where the PDC emulator resides. Shouldn't I be able to log these clients in with local resources when the WAN is down?