Experts Exchange connects you with the people and services you need so you can get back to work.

Remote domain controller errors - not receiving updates via active directory

I'm getting errors indicating that a remote domain controller has not been receiving updates via active directory. The only thing different with this domain controller is that it is connected to the main network via an IPSEC VPN.

kahuna7

Asked: 2009-04-14

Advertise Here

1 Solution

LVL 1

htamCommented: 2009-04-14

Was it working before ?

Are using Site & Services to create a new site ?
Are you attaching each IP subnet to all site ?
Be sure to have an "Intersite-Site Transports" Rules betwen you site

You can try to report the exact error with SONAR
http://www.microsoft.com/downloads/details.aspx?FamilyID=158cb0fb-fe09-477c-8148-25ae02cf15d8&displaylang=en

LVL 2

kahuna7Author Commented: 2009-04-15

The answer was found after reading the open discussion area of the following thread http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_22496206.html

It appears that by default, the Windows Server Active Directory Replication will use UDP. When using a VPN, a portion of the MTU of 1500 is taken up by overheat, leaving something like 1340 bytes available. UDP will not fragment, so these packets never reach the remote domain controller. There is a registry setting that will force Windows to use TCP instead. TCP will fragment.

LVL 2

kahuna7Author Commented: 2009-04-15

This feels weird to award points to myself when the original thread gave me the impetus for the answer, but according to the close answer pop-up, this is how the answer and subsequent point assigning should be done.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Remote domain controller errors - not receiving updates via active directory

Join & Write a Comment Already a member? Login.

Featured Post