Solved

Log on to domain from different network over vpn

Posted on 2011-09-29
7
161 Views
Last Modified: 2012-06-27
Issue: RPC Server unavailable

I know I'm getting the above error because the Laptop cannot find the DC because I am trying to logon to the domain from a different network over a vpn.  This error happens on those 'branch' networks that have their own DC and a different domain.  i.e. I am loging on to a laptop on the ABC domain but the branch network I'm currently on is on the XYZ domain.  nslookup is clearly not able to find the right DC which is at the other end of the branch VPN.

I have made entries in LMHOSTS to compensate but this does not work in this situation. I obviously cannot make the ABC domain DNS server the primary LAN side DNS entry on the XYZ domain.  So to clarify;
- Laptop configured for logon to ABC domain is traveling to branch Network on XYZ domain
- Laptop user logs on the Laptop to be authenticated over vpn on the ABC DC
- ABC DC is not visible so RPC Server not available

Curious, other than the obvious, what do others do as a permanent solution to fix this?

Thx!
0
Comment
Question by:Defianse
  • 4
  • 2
7 Comments
 
LVL 6

Expert Comment

by:bluemeln
ID: 36816666
Questions:
1. Are XYZ and ABC in the same forest? If yes, are they at the same level, or is XYZ actually XYZ.ABC?
2. Did you ever set up a domain trust?
3. What is the domain level of each domain, i.e. mixed, 2003 (any 2000 or 2008 in the mix)?
0
 
LVL 6

Expert Comment

by:penguinjas
ID: 36816846
You could try creating a DNS fowarder in xyz domain to forward unresolved DNS requests to the ABC domain.  This sounds like an issue with DNS resolution so lmhosts would not make a difference.

To test if it's DNS you could add a host entry for the ABC domain controller on the workstation.  Windows checks the hosts file before querying a DNS server.
0
 

Author Comment

by:Defianse
ID: 36816996
bluemein: Q1 & 2 answer is no.  Q3 answer is server 2003R2 but not really the concern, I don't think.

penguinjas: It's definitely a DNS issue.  Question is how to resolve.  'Add host entry for ADC Domain controller on local machine.  I already have an entry in the hosts file but maybe I need to append the domain name to that entry?  I did that in the lmhosts but not the hosts.  My hosts file contains only the netbios name.  That's sounds like it's a possible solution.  I'll try this.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Author Comment

by:Defianse
ID: 36817276
Resolved.

Added remote domain DC to forwarders list in local dns server.  Works perfectly.
0
 

Author Comment

by:Defianse
ID: 36817725
I've requested that this question be closed as follows:

Accepted answer: 0 points for Defianse's comment http:/Q_27361997.html#36817276

for the following reason:

I was able to find the solution before an expert was able to provide me with one.
0
 
LVL 6

Accepted Solution

by:
penguinjas earned 500 total points
ID: 36817726
In my response I stated "You could try creating a DNS fowarder in xyz domain to forward unresolved DNS requests to the ABC domain. " 

He said he "Added remote domain DC to forwarders list in local dns server" to resolve.  

That's what I suggested.
0
 

Author Closing Comment

by:Defianse
ID: 36818464
I'm really sorry!  that's so blatant I don't even know what to say.  I completely misread that (selective I guess) and completely missed the part about dns forwarders.  My apologies and you're so right!  I'd add more point just as a penalty if I could!
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question