• Status: Solved
  • Priority: Medium
  • Security: Public

Remote site will not authenticate to local Domain Controller

I have had this problem lingering for a while now.

I have a single domain with 2 domain controllers (Server 2003) at HQ. I also have four remote sites set up with a DC in each (both Windows 2000 and Windows 2003). On the rare occurrence that the VPN between HQ and the remote sites breaks (ISP outage, power loss, etc.), the users in the remote sites lose all domain activity. They can't log on, and they lose access to shared resources. The desktops are all XP Pro and I'm not sure why they can't even log on with the cached profile.

I have checked a few desktops in the remote sites to find out which logon server they are using.
The set logonserver command at a command prompt returns their local domain controller.

This happens for sites with both server 2000 and 2003 domain controllers.

I would like to get to a point where each site can function on a local level even if the VPN connection dies.

Any help is much appreciated.

2 Solutions
Is your forest set to Native Mode? If so, it could be a global catalog problem. All logins in a native mode domain need to contact a global catalog server. No GC server, no login. This can be fixed by configuring the DCs at the remote sites as Global Catalog servers.
Brian Pierce, Photographer, Commented:
You must also provide alternate DNS servers on site and specify them in the TCP/IP properties.
jmarenghi, Author, Commented:
Thanks Darylx & KCTS

I believe the problem was the Global Catalog setting on the DCs in the remote sites. I just need to wait to break the VPN and try to have a user restart a PC down there.

I should be all set with DNS resolution for the remote clients because the DCs in the remote sites all run DNS with forwarders for their respective ISPs.

I'll give out the points after I test.

Question has a verified solution.
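
The global catalog suggestion in the thread can be checked per site before the VPN actually fails. The following is an added example, not code from the thread: it groups domain controllers by Active Directory site and reports every site where no DC holds the global catalog. The site and server names in the sample inventory are constructed, the function names are hypothetical, and PowerShell 3.0 or later on a domain-joined admin workstation is assumed for the live query.

```powershell
# Added example. Function names are hypothetical; sample data is constructed.

function Get-ForestDcInventory {
    # Live query: one record per domain controller in the current forest.
    # Assumes it runs on a domain-joined machine with read access to AD.
    $forest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
    foreach ($site in $forest.Sites) {
        foreach ($dc in $site.Servers) {
            [pscustomobject]@{
                Site = $site.Name
                Name = $dc.Name
                IsGC = $dc.IsGlobalCatalog()
            }
        }
    }
}

function Find-SiteWithoutGC {
    param([Parameter(Mandatory)] [object[]] $Inventory)
    # A site is flagged when none of its DCs is a global catalog server:
    # if the link to the other sites drops, its clients cannot reach any GC.
    $Inventory | Group-Object Site | Where-Object {
        -not ($_.Group | Where-Object { $_.IsGC })
    } | ForEach-Object {
        [pscustomobject]@{ Site = $_.Name; DCs = ($_.Group.Name -join ', ') }
    }
}

# Constructed inventory shaped like the question's topology:
# two DCs at HQ, one DC in each of four remote sites.
$sample = @(
    [pscustomobject]@{ Site = 'HQ';      Name = 'hq-dc1';  IsGC = $true  }
    [pscustomobject]@{ Site = 'HQ';      Name = 'hq-dc2';  IsGC = $false }
    [pscustomobject]@{ Site = 'Remote1'; Name = 'r1-dc1';  IsGC = $true  }
    [pscustomobject]@{ Site = 'Remote2'; Name = 'r2-dc1';  IsGC = $false }
    [pscustomobject]@{ Site = 'Remote3'; Name = 'r3-dc1';  IsGC = $false }
    [pscustomobject]@{ Site = 'Remote4'; Name = 'r4-dc1';  IsGC = $true  }
)

# Offline run against the constructed data
Find-SiteWithoutGC -Inventory $sample | Format-Table -AutoSize

# Against a live forest instead:
# Find-SiteWithoutGC -Inventory (Get-ForestDcInventory) | Format-Table -AutoSize
```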
