Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!
Course Of The Month
Become a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Remote domain controller errors - not receiving updates via active directory
Posted on 2009-04-14
I'm getting errors indicating that a remote domain controller has not been receiving updates via active directory. The only thing different with this domain controller is that it is connected to the main network via an IPSEC VPN.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
2
3 Comments
Was it working before ?
Are using Site & Services to create a new site ?
Are you attaching each IP subnet to all site ?
Be sure to have an "Intersite-Site Transports" Rules betwen you site
You can try to report the exact error with SONAR
http://www.microsoft.com/downloads/details.aspx?FamilyID=158cb0fb-fe09-477c-8148-25ae02cf15d8&displaylang=en
Are using Site & Services to create a new site ?
Are you attaching each IP subnet to all site ?
Be sure to have an "Intersite-Site Transports" Rules betwen you site
You can try to report the exact error with SONAR
http://www.microsoft.com/downloads/details.aspx?FamilyID=158cb0fb-fe09-477c-8148-25ae02cf15d8&displaylang=en
The answer was found after reading the open discussion area of the following thread http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_22496206.html
It appears that by default, the Windows Server Active Directory Replication will use UDP. When using a VPN, a portion of the MTU of 1500 is taken up by overheat, leaving something like 1340 bytes available. UDP will not fragment, so these packets never reach the remote domain controller. There is a registry setting that will force Windows to use TCP instead. TCP will fragment.
It appears that by default, the Windows Server Active Directory Replication will use UDP. When using a VPN, a portion of the MTU of 1500 is taken up by overheat, leaving something like 1340 bytes available. UDP will not fragment, so these packets never reach the remote domain controller. There is a registry setting that will force Windows to use TCP instead. TCP will fragment.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Let's recap what we learned from yesterday's Skyport Systems webinar.
- Ransomware
- Experts Exchange
- Skyport Systems
- Active Directory
- Security
- *privileged credentials
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Are you ready to implement Active Directory best practices without reading 300+ pages?
You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month7 days, 5 hours left to enroll
Earn Certification
MCSA Configuring Windows 7 Exam 70-680
$49.00$44.10
622 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.