Windows Server 2003 DNS setup connecting 2 root servers via VPN

Posted on 2004-04-08
Medium Priority
Last Modified: 2010-03-18
Here is my unique situation.  I joined my 2003 server to an existing 2003 AD domain making it a DC in that AD domain.  The connection I used to join the domain is a VPN connection from my root server to the other root server.  Replication took place and everything looks fine from what I can tell.  I have the DNS, users, domain comtrollers, all that info.

When I try and add an additional server to the AD domain, MY root server is not responding and the domain says it is not available at this time.  Why isn't my root server acting like a root server for the AD domain if it replicated with the other root server and has the same setup?  Please help.  Thank You
Question by:George Coles
  • 3

Expert Comment

ID: 10785671
What speed is your VPN connection?  If it is slower, and your network is setup to detect slow network links, you will need to disable that function for feature to work properly.

Expert Comment

ID: 10785688
Oh...wait a minute...you mean why is the NEW root server not acting like a root server?  You may need to setup a  seperate site and also configure the second DC as a Global Catalog server.

Author Comment

by:George Coles
ID: 10786122
Thanks for your reply.  My root server is in a new site and I made it a GC.  When I try to login it is still telling me "The system cannot log you on now because the domain MYDOMAIN is not available".  Are you saying that I should add a second root server and make that a GC?  Thanks

Accepted Solution

jamesreddy earned 2000 total points
ID: 10787561
Let me try to clarify a couple things.  Maybe you can asnwer a few questions.

1.  Do BOTH sides of your network (both sides of the VPN) have a GC and a DNS server that is also an Active Directory controller?

2.  The error message you are getting, does that occur on both sides of the VPN or just the new one?

3.  Have you tried logging on as the Domain Administrator?

If you can log on as the domain administrator, but not as any other user, this is a classic symptom of not seeing a Global Catalog server as the GC is needed to authenticate everyone except Domain Administrators.

Try to take a little time and lay out your network for us.  I think at the moment, the details are sketchy.  Let's try this...does it resemble the following:

Original Network

     ADC (GC)-----------VPN----------------New ADC with GC and DNS
      / \                                                                /  \
    /     \                                                            /      \
Network A                                                      Network B

Do you have a GC in both network A and network B?  A DNS server?  And ADC (Active Directory Controller)?

Let's start there...



Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Nslookup is a command line driven utility supplied as part of most Windows operating systems that can reveal information related to domain names and the Internet Protocol (IP) addresses associated with them. In simple terms, it is a tool that can …
An article on effective troubleshooting
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Free Data Recovery software is an advanced solution from Kernel Tools to recover data and files such as documents, emails, database, media and pictures, etc. It supports recovery from physical & logical drive after a hard disk crash, accidental/inte…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question