VPN users not authenticating

We lost a domain controller last week which caused us lots of problems but most of them are now resolved except we have a number of users who connect via VPN who cannot access any file shares on the servers.

When they try to connect to a share, it prompts for a username and password with a message to say "The system detected a possible attempt to compromise security.  Please ensure that you can contact the server that authenticated you"

I suspect the problem relates to the subnet that the VPN users are coming from as when the user plugs directly into the LAN, the computer works perfectly, but I can't prove my theory as neither the client nor the server log any errors that I can see.

The domain controller that went down also served as a DNS server and I'm not sure that is working correctly but any suggestions for troubleshooting this problem greatly received!

Many thanks
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SandeshdubeySenior Server EngineerCommented:
I would recommend to verify the health of DCs first by running dcdiag/q and repadmin /replsum.You mentioned on DC is removed,how was the demotion normal or forcefully?.If server was crashed have you performed metadata cleamup?

You need to point the VPN client DNS setting to online dns DC as this may be one of the cause.

Ensure that DNs/DC role is configured on all DCs.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
cjohnson300Author Commented:
It was the dcdiag that pointed me to the problem.  The KDC service wasnt running on the DC on the LAN the VPN users were connecting to, hence the authentication/trust issues.  Restarting the service (changing from Disabled) cured the problem it seems.

When the machine was plugged into the LAN directly, it was able to contact a different DC at another site which is why it worked ok then.

Many thanks for your help
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.