How to log in a AD domain computer on a remote site

I have a small sales remote site with no DC.
I have sent one of my "main site" user computer that is attach to my AD domain over there and now I would like users configured in my domain to be able to log into that computer.
This computer is located in a remote physical site which has a permanent vpn tunnel to my site.
My site ip range is 192.168.123/24 and over there it's 10.10.10/24

How can I have this domain computer see my domain from there ?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.


Where was the point of failure?  If Network Address Translation is already configured then the remote DC client should be able to see the DC server.
philjansAuthor Commented:
When I put a domain username and password windows tells me the domain cannot be contacted...
I putted in the host file the ip address of my dc    dc1     dc1.domain.local

and that's all.

When I log local and I ping domain.local I get as an answer
The 2 dns server listed are and ... should I had the dns of my server here
Will SzymkowskiSenior Solution ArchitectCommented:
You do not REQUIRE a DC at a remote office to have them on the domain. All you need to do is make sure that you have a VPN tunnel back to the main office (which you stated). Then you just need to configure the the clients to point to your DNS servers on your domain.

You will need to make sure that if you are using a DHCP server to update the scopes with the correct DNS entries as well. Other than that, nothing else is required.

Make sure that you have a completely open tunnel and not blocking anything on the firewall.

You will also want to put the subnet for whatever you remote site is into the same Site where you are pointing the clients to the DC.

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

philjansAuthor Commented:
But if I point the dns to my main domain, that means that if they go on the web and look for an address like, it will request the ip from my DNS server which will add trafic and slow their browsing?
How can I have all dns request for domain.local go to but all other dns request go to their local internet dns provider?
Will SzymkowskiSenior Solution ArchitectCommented:
In that case it will do the DNS query on your DNS servers in the main office. From there you need to setup routing on the firewall at your remote site. So any traffic on 192.168.12x go this route and anythnig else go external.

Another way around this is setting up a Windows DNS server and using this as a Secondary zone for your domain. This way you can add forwarders of your local ISP for each remote facility but still access the domain as well because the zone will be present.

DNS queries are very low bandwidth, so you should not have a problem.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
philjansAuthor Commented:
Thanks for the info!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.