Users at main site are authenticating to remote sites DC
I have a site to site tunnel setup. At my remote site I have a DC, DHCP, DNS, & F/P server, specifically for the users located at the remote site. I have noticed that I have users at my main site authentiating to the remote server.
How can I prevent this?
I would still like the ability for the users at the remote site to authenticate to the main sites DC in the event their server goes down. Is there a way to specify an order to which servers sites should try to authenticate to?
How can I prevent this?
I would still like the ability for the users at the remote site to authenticate to the main sites DC in the event their server goes down. Is there a way to specify an order to which servers sites should try to authenticate to?
Member_2_4940386
Do you have the sites defined in Active directory?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
No I never setup any sites in AD. I just have all my servers in teh Default-First-Site and an OU under that called servers which houses the two DC's at main site, and the one DC at remote site. This is the first remote DC we have. So I just create site in the AD directory Sites and Services.msc. I currently have the a GC and DHCP at main and remote site.
So at the remote site I should have the DHCP server pointing to that DNS server first in the TCP/IP properties? What about for a secondary DNS server, is it okay for those clients to point to the main sites DNS server?
So at the remote site I should have the DHCP server pointing to that DNS server first in the TCP/IP properties? What about for a secondary DNS server, is it okay for those clients to point to the main sites DNS server?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yes you would point the secondary to the HQ DNS server for redunancy.
ASKER
I created a site for the remote network, and defined the subnet, linking it to remote site. I haven't moved the server to the newly created remote site. Do I need to do somethign with Inter-Site Transports to make sure my IP and SMTP traffic continue to flow?
ASKER
I moved the server over to the remote site... I also created a site for the Main site and moved the servers out of the Default First site container. Is that a bad idea, do I always need to have objects in the default first-site?
Do I need to configure anything else that will allow the clients at the remote site to authenticate to the main site if the remote DC goes down?
Do I need to configure anything else that will allow the clients at the remote site to authenticate to the main site if the remote DC goes down?
I would leave the HQ servers in the Default site you can change the name if you want do but I would leave it alone