Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.
COURSE of the MONTH
8 days, 11 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Isa server 2004 and windows server 2008 ADC on branch office
Posted on 2011-03-05
Hi Experts,
I have a main office for example abc.com and here windows server 2008 domain controller is installed with 100 clinets, ISa server 2004 is used to connect one branch office with main office and windows server 2008 aditional domain controller is installed there, every things are fine, we can join clients at branch office and as well at the main office but we cant make isa member server at brach office.
also when the site to site vpn is down the branch office users can't login, I tried and worked for 5 days but could not find solution for it,
your on time assistance will be appreicated,
thanks
I have a main office for example abc.com and here windows server 2008 domain controller is installed with 100 clinets, ISa server 2004 is used to connect one branch office with main office and windows server 2008 aditional domain controller is installed there, every things are fine, we can join clients at branch office and as well at the main office but we cant make isa member server at brach office.
also when the site to site vpn is down the branch office users can't login, I tried and worked for 5 days but could not find solution for it,
your on time assistance will be appreicated,
thanks
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3 Comments
Here are some items you should look at :
1. Make sure the clients at branch office uses DNS of both local server and at main office
2. Make sure DNS is running on Branch office
3. Make the branch office DC a Global Catalog server
4. Try testing : If you still have issues then check for event logs by logging locally and see if their is any log on DC
For ISA to become member, Make sure the IP is bypass in ISA for the main DC server, Make sure DNS is right for ISA, Try checking open ports to ensure you have right connectivity and you can reach to DC on 389 port and 3268 port for both branch and main office dc
1. Make sure the clients at branch office uses DNS of both local server and at main office
2. Make sure DNS is running on Branch office
3. Make the branch office DC a Global Catalog server
4. Try testing : If you still have issues then check for event logs by logging locally and see if their is any log on DC
For ISA to become member, Make sure the IP is bypass in ISA for the main DC server, Make sure DNS is right for ISA, Try checking open ports to ensure you have right connectivity and you can reach to DC on 389 port and 3268 port for both branch and main office dc
but we cant make isa member server at brach office
There is no such thing as joining at one office or the other. It is ONE domain,..you either join the domain or you don't,...locations are irrelevant.
The ISA machine must be joined tot he Domain BEFORE the ISA Software is installed so that the Installation Routines detect the Domain build the correct System Policies within ISA to be able to interact with the Domain correctly.
All machines in need to list the DC from their own location as the first DNS in their TCP/IP Specs
Then you need to correctly setup Active Directory Sites and Services. This is what controls which DCs are used for authentication for particular things in a particular site. this is also what regulates the Replication between the two DCs over the WAN link.
There is no such thing as joining at one office or the other. It is ONE domain,..you either join the domain or you don't,...locations are irrelevant.
The ISA machine must be joined tot he Domain BEFORE the ISA Software is installed so that the Installation Routines detect the Domain build the correct System Policies within ISA to be able to interact with the Domain correctly.
All machines in need to list the DC from their own location as the first DNS in their TCP/IP Specs
Then you need to correctly setup Active Directory Sites and Services. This is what controls which DCs are used for authentication for particular things in a particular site. this is also what regulates the Replication between the two DCs over the WAN link.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions.
Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
Suggested Courses
Course of the Month8 days, 11 hours left to enroll
764 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.