Authentication issues when WAN link is down

[Jon Yonke]

I manage Single Domain with mostly Windows 2000 server sp3
DC's on a network with several WAN connections from VPN to
Private T1 lines. I have Active Directory DC's physically
located at each WAN node, but have authentication problems
at remote locations when the WAN link is down. Users can
not log into the network....

I was under the impression that a locally located Active
Directory DC would authenticate a domain user, even if the
WAN link was down to the other Domain Controllers. What
might be going on here, but more importantly, how can I
fix this authentication issue?

Thanks,

Jon Yonke

 

[Jack Seredyniecki]

Are the DCs at each location Global Catalogs?

 

[Steven Liu [MSFT]]

Hi Jon,

I have 3 suggestions.

1. Please enable Global Catalog on each DC of branch office
2. Install the DNS server on each DC of branch office and point the DNS
option of the clints to related DNS server
3. Configure one site for one branch office

This should solve the problem.

Thanks for using Microsoft News Group!

Sincerely,

Steven Liu

Microsoft Online Partner Support

MCSE 2000

Get Secure! ¨C www.microsoft.com/security

This posting is provided ¡°as is¡± with no warranties and confers no rights.
--------------------
| Content-Class: urn:content-classes:message
| From: "Jon Yonke" <[email protected]>
| Sender: "Jon Yonke" <[email protected]>
| Subject: Authentication issues when WAN link is down
| Date: Wed, 13 Aug 2003 08:19:19 -0700
| Lines: 16
| Message-ID: <[email protected]>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="iso-8859-1"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
| Thread-Index: AcNhrkQbX9ZLRYxBTGO8sxG4I2VZpg==
| Newsgroups: microsoft.public.win2000.networking
| Path: cpmsftngxa06.phx.gbl
| Xref: cpmsftngxa06.phx.gbl microsoft.public.win2000.networking:32323
| NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
| X-Tomcat-NG: microsoft.public.win2000.networking
|
| I manage Single Domain with mostly Windows 2000 server sp3
| DC's on a network with several WAN connections from VPN to
| Private T1 lines. I have Active Directory DC's physically
| located at each WAN node, but have authentication problems
| at remote locations when the WAN link is down. Users can
| not log into the network....
|
| I was under the impression that a locally located Active
| Directory DC would authenticate a domain user, even if the
| WAN link was down to the other Domain Controllers. What
| might be going on here, but more importantly, how can I
| fix this authentication issue?
|
| Thanks,
|
| Jon Yonke
|

 

[Jon Yonke]

The servers in each remote location are all DHCP, DNS and
Global Catalog servers. And we have a site setup for each
location in Active Directory. I'll triple check all the
settings though, I certainly could have missed something.

Thanks for the input.

Jon