Microsoft, Active Directory Login issue.

We have 2 AD servers, One in Main Office *(10.1.1.10)  the other on a 3mb line in a Branch Office (10.4.1.10) .   We have replaced the Main Office AD server with a new Server.
All the roles was moved before the old server was demoted. The Main Office server has the Global Catalog.    All of the other servers has 10.1.1.10 and 10.4.1.10 for DNS/WINS in that order.

My issue is when the Main Office AD server is rebooted. No one is able to login to the domain.  I get domain cannot be found.
LVL 4
EdwardAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Matthew MillersCommented:
You can disable the requirement for a GC to be reachable, but it may be simpler to configure the remote office DC as a GC.

Enable or disable a GC:
http://technet2.microsoft.com/windowsserver/en/library/7b1c3e1c-ef32-4b8e-b4c4-e73910575f611033.mspx

How to disable the requirement that a global catalog server be available to validate user logons
http://support.microsoft.com/kb/241789



From http://technet2.microsoft.com/windowsserver/en/library/0e4d2466-68e8-40d8-8c72-099f8bc259ff1033.mspx?mfr=true

In a single-domain forest, configure all domain controllers as global catalog servers. Because every domain controller stores the only domain directory partition in the forest, configuring each domain controller as a global catalog server does not require any additional disk space usage, CPU usage, or replication traffic. In a single-domain forest, all domain controllers act as "virtual global catalog servers" in that they can all respond to any authentication or service request. This special condition for single-domain forests is by design (authentication requests do not require contacting a global catalog server, as they do when there are multiple domains and a user can be a member of a universal group that exists in a different domain). However, only domain controllers that are designated as global catalog servers can respond to global catalog queries on the global catalog port 3268.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DarylxCommented:
Check the DNS zone on the branch office DNS server.  Is the DNS zone up to date?

or it could be a global catalog issue as mentioned above.  Check the branch office server is configured a global catalog server.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.