Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Remote domain controller errors - not receiving updates via active directory

Posted on 2009-04-14
3
Medium Priority
?
545 Views
Last Modified: 2012-05-06
I'm getting errors indicating that a remote domain controller has not been receiving updates via active directory.  The only thing different with this domain controller is that it is connected to the main network via an IPSEC VPN.
0
Comment
Question by:kahuna7
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 1

Expert Comment

by:htam
ID: 24140766
Was it working before ?

Are using Site & Services to create a new site ?
Are you attaching each IP subnet to all site ?
Be sure to have an "Intersite-Site Transports" Rules betwen you site

You can try to report the exact error with SONAR
http://www.microsoft.com/downloads/details.aspx?FamilyID=158cb0fb-fe09-477c-8148-25ae02cf15d8&displaylang=en
0
 
LVL 2

Accepted Solution

by:
kahuna7 earned 2000 total points
ID: 24149123
The answer was found after reading the open discussion area of the following thread   http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_22496206.html 

It appears that by default, the Windows Server Active Directory Replication will use UDP.  When using a VPN, a portion of the MTU of 1500 is taken up by overheat, leaving something like 1340 bytes available.  UDP will not fragment, so these packets never reach the remote domain controller.  There is a registry setting that will force Windows to use TCP instead.  TCP will fragment.
0
 
LVL 2

Author Closing Comment

by:kahuna7
ID: 31570503
This feels weird to award points to myself when the original thread gave me the impetus for the answer, but according to the close answer pop-up, this is how the answer and subsequent point assigning should be done.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question