M A

Domain controller not responding to client request

Our company has branches which are connected by VPN and wireless.

I have installed an additional DC/DNS in the branches as per the discussion below, but it seems like there is some misconfiguration, as when the wireless or VPN is not connected, users (PCs) take 5-10 minutes to log in. Folder redirection is also enabled for these users.
https://www.experts-exchange.com/questions/27194599/Suggestion-on-installing-domain-controller.html

I installed an ADC and DNS server in the branches to avoid this, but it seems like users (PCs) are looking for a DC in the head office.

Your help is highly appreciated to sort out this issue.
SOLUTION
Radhakrishnan
This solution is only available to members.
M A

ASKER

It is a GC as well.
Sorry for not mentioning that before.
OK, then it should be related to DNS. Have a look at this article: msmvps.com/blogs/acefekay/archive/2010/01/03/the-dc-locator-process-the-logon-process-controlling-which-dc-responds-in-an-ad-site-and-srv-records.aspx

Let us know if you need further assistance.
Is your Sites Server handling DHCP for your workstations? You're not using a router for it, are you?
M A

ASKER

We have created a VLAN for it. There is DHCP in the remote locations.
SOLUTION
This solution is only available to members.
M A

ASKER

Please check these events. I forgot to mention this before.

Event ID 1925: the attempt to establish a replication link for the following writable directory partition
Event ID 1053: windows cannot determine the user or computer name (access denied) Group policy processing aborted


I tried Googling, but the solutions didn't work.
From a client machine, do an nslookup to the local DNS server.
Are all of the branch offices able to contact the main AD/DNS server?
You may have hq.abc.com, ny.abc.com, fla.abc.com, nev.abc.com, la.abc.com, eur.abc.com.
These all have to be able to connect and have a trust relationship with hq.abc.com.
Global Catalog Server    TCP        3268-3269
LDAP Server              TCP/UDP    389
LDAP SSL                 TCP/UDP    636
IPsec ISAKMP             UDP        500
NAT-T                    UDP        4500
RPC                      TCP        135

Unless you have a VPN between the sites, you will have to use NAT routing from the router to the DNS/AD servers.
Work on one site at a time. Once you get DNS/AD replication working between the 2 DNS/AD servers, you can use the knowledge you have gained
to configure the remainder.

It is pretty obvious that there is not a trust relationship between the HQ/branch sites and AD is not being replicated.
M A

ASKER

The majority of these are connected through wireless, not by VPN.

All branches have an ADC, not another domain/child domain.
This shouldn't be so complicated.

1. Make sure the Client uses the Local DC in its TCP/IP Settings.  I would recommend that be the only DNS listed.

2. Set up the AD Sites & Services correctly.  THAT is what associates the Client to the correct DC.

If these don't seem to be behaving properly then you need to make sure these two things were done correctly to begin with.
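
The two items above (client DNS pointing at the local DC, and AD Sites & Services mapping the client to the right DC), together with the port list posted earlier in the thread, can be checked from a branch client with the read-only PowerShell below. This is an added example, not part of the original thread; it assumes a domain-joined Windows client where `nltest`, `Get-DnsClientServerAddress`, `Resolve-DnsName` and `Test-NetConnection` are available.

```powershell
# Added example: read-only checks, run on a domain-joined branch client.
$domain = (Get-CimInstance Win32_ComputerSystem).Domain

# 1. DNS servers on the client's adapters (the advice above: the local DC only).
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    Format-Table InterfaceAlias, ServerAddresses -AutoSize

# 2. Which DC the locator picked, and the site of that DC versus the client.
#    nltest prints "DC:", "Dc Site Name:" and "Our Site Name:" lines.
$info = @{}
foreach ($line in (nltest "/dsgetdc:$domain" 2>&1)) {
    if ("$line" -match '^\s*(DC|Dc Site Name|Our Site Name):\s*\\*(\S+)') {
        $info[$Matches[1]] = $Matches[2]
    }
}
$dc, $dcSite, $ourSite = $info['DC'], $info['Dc Site Name'], $info['Our Site Name']
if (-not $dc) { Write-Warning "No DC located for $domain"; return }
"Located DC: $dc (DC site: $dcSite, client site: $ourSite)"
if ($dcSite -ne $ourSite) {
    Write-Warning 'Client is served by a DC in another site; check the subnet-to-site mapping in AD Sites and Services.'
}

# 3. Site-specific SRV records the DC locator looks up in DNS.
$srv = '_ldap._tcp.{0}._sites.dc._msdcs.{1}' -f $ourSite, $domain
$records = Resolve-DnsName -Name $srv -Type SRV -ErrorAction SilentlyContinue |
    Where-Object { $_.Type -eq 'SRV' }
if ($records) { $records | Format-Table NameTarget, Port, Priority, Weight -AutoSize }
else { Write-Warning "No SRV records found for $srv" }

# 4. TCP reachability of the located DC on the TCP ports listed in the thread.
foreach ($port in 135, 389, 636, 3268, 3269) {
    $ok = Test-NetConnection -ComputerName $dc -Port $port `
        -InformationLevel Quiet -WarningAction SilentlyContinue
    '{0,-6}{1}' -f $port, $(if ($ok) { 'open' } else { 'unreachable' })
}
```

A head-office DC in step 2, or missing site SRV records in step 3, points at the subnet/site configuration or DNS registration rather than at the client itself.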
ASKER CERTIFIED SOLUTION
This solution is only available to members.
M A

ASKER

Thanks