preventing remote clients from logging on to local servers



we have a vpn tunnel seperating our home network and a
remote facility. on the remote network we have a local
domain controller for local clients, and all our other
dc's are located at the home office. the problem is, when
remote clients authenticate to the network, and get their
IP addresses from the local server, they also try to
authenticate to the home networks dc's too. how can i
prevent unnecessary logon traffic across our vpn, and
keep the remote clients from trying to connect across the
internet? Is there any way to specify a preferred logon
server for my remote clients? i heard that i may need to
prevent replication from my remote server in Sites and
Services, but I am not sure.


Kendall College

Steven L Umbach

Creating a site would certainly help. Sites are physical divisions of your network
based on subnets and when a site is created, a domain member will try to authenticate
with a dc in it's site first. Sites are fairly east to set up and the default
settings may work fine. Your replication between domain controllers will also be on a
schedule that you can configure to balance your needs between being current and
available bandwidth. You will also want to make your dc at the remote site a global
catalog server. The deployment guide has an excellent chapter on configuring
ites. --- Steve -- read chapter

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question