DC not authenticating local users

Discussion in 'Active Directory' started by Sneakie, Dec 10, 2008.

  1. Sneakie

    Sneakie Guest

    I have a WAN between 2 remote sites. The primary site has the MO and 2 DC's
    and the remote site has 1 DC. When the link between the 2 sites goes down,
    the DC at the remote site fails to authenticate the local users at that
    site. How do I set the remote DC to authenticate the local users at that
    site?
    Thanks
     
    Sneakie, Dec 10, 2008
    #1
    1. Advertisements

  2. Sneakie

    Rajesh J S Guest

    Hi Sneakie

    one of the possible reason is unavailability of Global Catalog (GC)
    In your environment anouth DCS are GCs or not?
    If its not make both DCs as GC. Then it will solve your problem.
    For enableing GC
    http://technet.microsoft.com/en-us/library/cc758330.aspx

    If still same issue please let me know.

    I hope it may help you.

    Rajesh J S
    MCP, MCSA
     
    Rajesh J S, Dec 10, 2008
    #2
    1. Advertisements

  3. Hello Sneakie,

    If you have a single forest domain like domain.com with more sites, make
    all DC's DNS server with AD integrated zones and Global catalog servers.
    The clients preferred DNS server should be the one in there own site. I assume
    this is not the case in the moment. If the site machines can not contact
    a DNS server they can not login. Also make sure that you only use domain
    internal DNS servers on the NIC configuration and no external,s like your
    ISP's DNS server.

    Best regards

    Meinolf Weber
     
    Meinolf Weber [MVP-DS], Dec 10, 2008
    #3
  4. Hello Rajesh,

    Basically a Global catalog is only contacted when you use Universal groups.
    For normal logon's a GC is not needed.

    Best regards

    Meinolf Weber
     
    Meinolf Weber [MVP-DS], Dec 10, 2008
    #4
  5. Sneakie

    Sneakie Guest

    Thank you, will try this as soon as the link is re established, as I am sure
    it would need to be for the GC to replicate across.

    Will keep you posted.
     
    Sneakie, Dec 10, 2008
    #5
  6. Jorge de Almeida Pinto [MVP - DS], Dec 10, 2008
    #6
  7. Howdie!
    [X] What Jorge and Meinolf said :)

    cheers,

    Florian
     
    Florian Frommherz [MVP], Dec 10, 2008
    #7
  8. Hi,
    Is the authentication failed for every user in that remote site?
    Have you configure sites and subnets?
    Are remote DCs also DNS server?
    Are compuets at remote location pointing to DC located in thier site?

    Making Global Catalog in this situation would not help you. You remote users
    should be authenticate by thier remote DCs.

    please check the setting and get back to me.
     
    Rahisuddin Shah, Dec 10, 2008
    #8
  9. Sneakie

    Atif Guest

    I am also having same problem. I have 50 remote office each office has one DC
    /GC/DNS. I have created site for each offices and their subnet in Site and
    Services.

    But when remote users login to domain it does not uses their local DC for
    logon Server it uses redemly logon server.
    Please advice me.

    Thanks
    Atif
     
    Atif, Feb 27, 2009
    #9
  10. Hello Atif,

    If you have a single forest domain like domain.com with more sites, make
    all DC's DNS server with AD integrated zones and Global catalog servers.
    The clients preferred DNS server should be the one in there own site. I assume
    this is not the case in the moment.

    Also make sure that you only use domain internal DNS servers on the NIC configuration
    and no external,s like your ISP's DNS server.

    Best regards

    Meinolf Weber
     
    Meinolf Weber [MVP-DS], Feb 28, 2009
    #10
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.