Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users
Course Of The Month
3 days, 4 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Isa server 2004 and windows server 2008 ADC on branch office
Posted on 2011-03-05
Hi Experts,
I have a main office for example abc.com and here windows server 2008 domain controller is installed with 100 clinets, ISa server 2004 is used to connect one branch office with main office and windows server 2008 aditional domain controller is installed there, every things are fine, we can join clients at branch office and as well at the main office but we cant make isa member server at brach office.
also when the site to site vpn is down the branch office users can't login, I tried and worked for 5 days but could not find solution for it,
your on time assistance will be appreicated,
thanks
I have a main office for example abc.com and here windows server 2008 domain controller is installed with 100 clinets, ISa server 2004 is used to connect one branch office with main office and windows server 2008 aditional domain controller is installed there, every things are fine, we can join clients at branch office and as well at the main office but we cant make isa member server at brach office.
also when the site to site vpn is down the branch office users can't login, I tried and worked for 5 days but could not find solution for it,
your on time assistance will be appreicated,
thanks
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3 Comments
Here are some items you should look at :
1. Make sure the clients at branch office uses DNS of both local server and at main office
2. Make sure DNS is running on Branch office
3. Make the branch office DC a Global Catalog server
4. Try testing : If you still have issues then check for event logs by logging locally and see if their is any log on DC
For ISA to become member, Make sure the IP is bypass in ISA for the main DC server, Make sure DNS is right for ISA, Try checking open ports to ensure you have right connectivity and you can reach to DC on 389 port and 3268 port for both branch and main office dc
1. Make sure the clients at branch office uses DNS of both local server and at main office
2. Make sure DNS is running on Branch office
3. Make the branch office DC a Global Catalog server
4. Try testing : If you still have issues then check for event logs by logging locally and see if their is any log on DC
For ISA to become member, Make sure the IP is bypass in ISA for the main DC server, Make sure DNS is right for ISA, Try checking open ports to ensure you have right connectivity and you can reach to DC on 389 port and 3268 port for both branch and main office dc
but we cant make isa member server at brach office
There is no such thing as joining at one office or the other. It is ONE domain,..you either join the domain or you don't,...locations are irrelevant.
The ISA machine must be joined tot he Domain BEFORE the ISA Software is installed so that the Installation Routines detect the Domain build the correct System Policies within ISA to be able to interact with the Domain correctly.
All machines in need to list the DC from their own location as the first DNS in their TCP/IP Specs
Then you need to correctly setup Active Directory Sites and Services. This is what controls which DCs are used for authentication for particular things in a particular site. this is also what regulates the Replication between the two DCs over the WAN link.
There is no such thing as joining at one office or the other. It is ONE domain,..you either join the domain or you don't,...locations are irrelevant.
The ISA machine must be joined tot he Domain BEFORE the ISA Software is installed so that the Installation Routines detect the Domain build the correct System Policies within ISA to be able to interact with the Domain correctly.
All machines in need to list the DC from their own location as the first DNS in their TCP/IP Specs
Then you need to correctly setup Active Directory Sites and Services. This is what controls which DCs are used for authentication for particular things in a particular site. this is also what regulates the Replication between the two DCs over the WAN link.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
A safe way to clean winsxs folder from your windows server 2008 R2 editions
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job.
The first step is to acquire the necessary licen…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten.
The USB drive must be s…
Suggested Courses
Course of the Month3 days, 4 hours left to enroll
Earn Certification
MCSA Configuring Windows 7 Exam 70-680
$49.00$44.10
696 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.