Can users still log in computers with remote Domain Controller when primary Domain Controller at corporate down?


Please help me to understand this scenario. We have a primary domain controller server at Corporate site and we also have a member domain controller server at remote site. There is a site-to-site VPN to connect Corporate site and Remote site together. My question is if Primary Domain Controller server at Corporate site goes down, can users at Remote site still log in computers while Domain Controller at Remote site is up and working? I am looking forward for your reply.

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Thomas GrassiSystems AdministratorCommented:

Yes your users will be able to logon to the Remote DC.

run this on both DC's

dcdiag >>dclogx.txt
dcdiag /test:registerindns /dnsdomain:FQDN>>dclogx.txt
dcdiag /c /v >>dclogx.txt
dcdiag /test:dns >>dclogx.txt

Check the results make sure your AD is running ok

If all is good then users from Corporate  will be able to logon also if the Corporate DC goes down.

The VPN is setup on your routers correct ?  What type of routers you have?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Will SzymkowskiSenior Solution ArchitectCommented:
This will work however things like Exchange will not work if the DC in there active directory site is down. So DNS and authentication look ups will work but you need to make sure that your clients DNS settings also have the DNS/DC from the remote site as the secondary DNS server.

randyphamAuthor Commented:

We have Sonicwall firewall at corporate and ASA5510 at Remote site. At this moment i just need to make sure Remote site users can log in at remote site when DC at corporate goes down.


We host our Exchange with Office365 so i guess it won't affect, right.

Thanks all.
Will SzymkowskiSenior Solution ArchitectCommented:
Then Exchange shouldn't be an issue.

Thomas GrassiSystems AdministratorCommented:
That is good so the VPN site to site will remain connected and if the corporate dc goes down your remote users will still be able to login to the remote dc with no problem

Again even the local users can authenticate with the remote dc if the corporate dc is down
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.