Remote site will not authenticate to local Domain Controller

Posted on 2007-10-11
Last Modified: 2013-12-05
I have had this problem lingering for a while now.

I have a single domain with 2 domain controllers (Server 2003) at HQ. I also have four remote sites set up with a DC in each (both Windows 2000 and Windows 2003). On the rare occurrence that the VPN between HQ and the remote sites breaks (ISP outage, power loss, etc.), the users in the remote sites lose all domain activity. They can't log on, and they lose access to shared resources. The desktops are all XP Pro and I'm not sure why they can't even log on with the cached profile.

I have checked a few desktops in the remote sites to find out which logon server they are using.
The set logonserver command at a command prompt returns their local domain controller.

This happens for sites with both Server 2000 and 2003 domain controllers.

I would like to get to a point where each site can function on a local level even if the VPN connection dies.

Any help is much appreciated.

Question by:jmarenghi

    Accepted Solution

    Is your forest set to Native Mode?  If so, it could be a global catalog problem.  All logins in a native mode domain need to contact a global catalog server.  No GC server, no login.  This can be fixed by configuring the DCs at the remote sites as Global Catalog servers.

    Assisted Solution

    You must also provide alternate DNS servers on site and specify them in the TCP/IP properties.

    Author Comment

    Thanks Darylx & KCTS

    I believe the problem was the Global Catalog setting on the DCs in the remote sites. I just need to wait to break the VPN and try to have a user restart a PC down there.

    I should be all set with DNS resolution for the remote clients because the DCs in the remote sites all run DNS with forwarders for their respective ISPs.

    I'll give out the points after I test.
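
A way to check the Global Catalog point from this thread before a VPN outage forces the test. This is an added example, not code posted by anyone in the thread. It assumes PowerShell on a domain-joined machine; the site and server names in the sample inventory are constructed, and the function names are hypothetical.

```powershell
# Added example: flag AD sites where no domain controller is a Global Catalog.
# Such a site depends on the WAN/VPN link for every GC lookup at logon.

function Get-SitesWithoutGC {
    # Each input object needs three properties: Site, Name, IsGC.
    param([object[]]$DomainControllers)
    $DomainControllers | Group-Object -Property Site |
        Where-Object { -not ($_.Group | Where-Object { $_.IsGC }) } |
        ForEach-Object { $_.Name }
}

function Get-ForestDcInventory {
    # Live inventory through System.DirectoryServices.ActiveDirectory.
    # Needs a domain-joined machine and a reachable domain controller.
    $forest  = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
    $gcNames = @($forest.GlobalCatalogs | ForEach-Object { $_.Name })
    foreach ($site in $forest.Sites) {
        foreach ($server in $site.Servers) {
            New-Object PSObject -Property @{
                Site = $site.Name
                Name = $server.Name
                IsGC = ($gcNames -contains $server.Name)
            }
        }
    }
}

# Constructed sample inventory (hypothetical names), so the check runs offline.
$sample = @(
    (New-Object PSObject -Property @{ Site = 'HQ';      Name = 'hq-dc1.example.local';  IsGC = $true  }),
    (New-Object PSObject -Property @{ Site = 'HQ';      Name = 'hq-dc2.example.local';  IsGC = $false }),
    (New-Object PSObject -Property @{ Site = 'Branch1'; Name = 'br1-dc1.example.local'; IsGC = $false }),
    (New-Object PSObject -Property @{ Site = 'Branch2'; Name = 'br2-dc1.example.local'; IsGC = $true  }),
    (New-Object PSObject -Property @{ Site = 'Branch3'; Name = 'br3-dc1.example.local'; IsGC = $false })
)

# Lists the sample sites that have a DC but no local GC.
Get-SitesWithoutGC -DomainControllers $sample

# Against the real forest:
# Get-SitesWithoutGC -DomainControllers (Get-ForestDcInventory)
```

Any site the live run lists has a DC but no local Global Catalog, which matches the failure the accepted solution describes.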

