Trouble finding DC to authenticate against?

Discussion in 'Server Networking' started by Jeff M, Jun 28, 2006.

  1. Jeff M

    Jeff M Guest

    Hope you guys and ladies can shed some light on this one for me. We have 2
    2003 DC's at our corporate location and a new 2003 DC in a remote facility in
    Mexico. Last week the Mexico facility lost its link to the corporate
    location here in the states and all of the XP clients in Mexico could not
    login. They received the error that no domain controller could be found for
    your domain etc. Event ID 5719 in the system log of the clients. My
    question is why would the local clients not see the DC that is at there local
    site and what would cause this?
     
    Jeff M, Jun 28, 2006
    #1
    1. Advertisements

  2. Because they have your DC/DNS listed in their DNS settings instead of their
    own.

    Use active Directory "Sites". The purpose of the Sites Object in AD is to
    manage remote locations over slow links (a.k.a. undependable links). The AD
    separation of Sites is by IP Segment so make sure every Site is a different
    subnet. Read-up on how to use them and follow their recommendation on how
    clients in each Site should configure their DNS settings.
     
    Phillip Windell, Jun 28, 2006
    #2
    1. Advertisements

  3. Jeff M

    Jeff M Guest

    Thanks, will set up a test with the Mexico facility. the funny thing is that
    I questioned this with a senior engineer I work with just yesterday. Will
    let you know the results.

    Thanks for the guidance.
     
    Jeff M, Jun 28, 2006
    #3
  4. In addition to Phillip's recommendation for setting up AD Sties and
    Services.

    You should make sure the DC in Mexico has DNS installed, has a zone for the
    Active Directory domain, and that the Clients in Mexico use it for DNS. They
    can use the corporate DNS as an Alternate but not an ISP or other external
    DNS. The DC in Mexico should use itself AND one or both of the corporate DCs
    for DNS.
    The DC in Mexico should also be a Global catalog server or have Universal
    Group Membership caching enabled. See: "cache universal group memberships"
    in Active Directory help on enabling this.


    --
    Best regards,
    Kevin D. Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    http://support.wftx.us/
    https://secure.lsaol.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Jun 28, 2006
    #4
  5. Jeff M

    Jeff M Guest

    Yes, the DC in Mexico does have DNS installed already and we are making the
    changes for the clients down there to point to there local first and then to
    corp second and third. Thanks for all the help!
     
    Jeff M, Jun 28, 2006
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.