Solved

Remote domain controller errors - not receiving updates via active directory

Posted on 2009-04-14
3
539 Views
Last Modified: 2012-05-06
I'm getting errors indicating that a remote domain controller has not been receiving updates via active directory.  The only thing different with this domain controller is that it is connected to the main network via an IPSEC VPN.
0
Comment
Question by:kahuna7
  • 2
3 Comments
 
LVL 1

Expert Comment

by:htam
ID: 24140766
Was it working before ?

Are using Site & Services to create a new site ?
Are you attaching each IP subnet to all site ?
Be sure to have an "Intersite-Site Transports" Rules betwen you site

You can try to report the exact error with SONAR
http://www.microsoft.com/downloads/details.aspx?FamilyID=158cb0fb-fe09-477c-8148-25ae02cf15d8&displaylang=en
0
 
LVL 2

Accepted Solution

by:
kahuna7 earned 500 total points
ID: 24149123
The answer was found after reading the open discussion area of the following thread   http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_22496206.html 

It appears that by default, the Windows Server Active Directory Replication will use UDP.  When using a VPN, a portion of the MTU of 1500 is taken up by overheat, leaving something like 1340 bytes available.  UDP will not fragment, so these packets never reach the remote domain controller.  There is a registry setting that will force Windows to use TCP instead.  TCP will fragment.
0
 
LVL 2

Author Closing Comment

by:kahuna7
ID: 31570503
This feels weird to award points to myself when the original thread gave me the impetus for the answer, but according to the close answer pop-up, this is how the answer and subsequent point assigning should be done.
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Installing 3rd Party SSL for enabling LDAP over SSL 13 31
IPSec/L2TP 25 25
Need to learn more about SecurityProtocolType.Tls12 3 27
Changing passwords 3 20
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question