Help - Search - Members - Calendar
Full Version: Active Directory through WAN Problem
Neowin Forums > Windows Support > Windows NT4/2000/2003/2008 Server
Torment
Oct 31 2004, 05:47
I have two sites joined together by a 2MBit Fibre Link. Both Sites have a DC (2000 Servers) and an Exchange Server (Exchange 2000) each. Both sites operating within the same domain name to login. (IE: mydomain.com).

The problem I have it that if the Fibre link goes down one site (the one without the PDC, Operational Master etc) will not let my users connect/login to the domain and I get the usual message that no authority could be found when trying to connect to the Active Directorty Users and Computer, Site and Services etc. Once the link is re-established I get my Atcive Directory working fine.

Any ideas on how I can fix this so if the link goes down my users can login in normally ?
MazX_Napalm
Oct 31 2004, 20:35
Replication doing its thing right? Check that they have replicated.
Have you got DNS's and DHCP's on both servers?
Aaron P
Oct 31 2004, 22:15
Have you made the second DC a Global Catalog? See Help and Support on how to make it a GC.
Torment
Oct 31 2004, 23:51
Quote - (MazX_Napalm @ Nov 1 2004, 06:35)
Replication doing its thing right? Check that they have replicated.
Have you got DNS's and DHCP's on both servers?
[snapback]584839915[/snapback]


Replication is fine, both have DHCP and DNS Running, both on different networks

IE: 192.168.1.X and 192.168.2.X (Examples)


Quote - (agenta @ Nov 1 2004, 08:15)
Have you made the second DC a Global Catalog? See Help and Support on how to make it a GC.
[snapback]584840401[/snapback]


Both are GC Servers.
Aaron P
Nov 1 2004, 00:52
Run DCDIAG and NETDIAG on both servers. Anything in the event logs that is applicable?
BudMan
Nov 1 2004, 20:36
What OS(s) are your clients running - NT? Are you running mixed mode or native? I do believe that NT machines will need to talk to the DC running the PDC emulator to log in - but they should be able to login from cache, unless you have turned that off?
Hack95TA
Nov 1 2004, 23:36
If you are running in Native Mode then your Domain Controllers are equal, there is no Primary Domain Controller.

It almost sounds like you and your users are trying to authenticate with the domain controller on the other part of the WAN instead of the DC on your own segment.
Torment
Nov 7 2004, 12:30
Quote - (agenta @ Nov 1 2004, 10:52)
Run DCDIAG and NETDIAG on both servers.  Anything in the event logs that is applicable?
[snapback]584841229[/snapback]


Starting test: Services
NtFrs Service is stopped on [xxxx]
IsmServ Service is stopped on [xxxx]
TrkSvr Service is stopped on [xxxx]

These are the only errors that pop up. These are usually on Manual but in the IsmServ the default is disabled (which mine is)

All others passed.



Quote - (BudMan @ Nov 2 2004, 06:36)
What OS(s) are your clients running - NT?  Are you running mixed mode or native?  I do believe that NT machines will need to talk to the DC running the PDC emulator to log in - but they should be able to login from cache, unless you have turned that off?
[snapback]584845720[/snapback]


All Clietns are either Windows 2000 or WinXP


Quote - (Hack95TA @ Nov 2 2004, 09:36)
If you are running in Native Mode then your Domain Controllers are equal, there is no Primary Domain Controller.

It almost sounds like you and your users are trying to authenticate with the domain controller on the other part of the WAN instead of the DC on your own segment.
[snapback]584846530[/snapback]



Servers are running in mixed mode, we had some Windows 98 Machines that we just replaced. It looks like the clients ARE going through the WAN to get authenticated....
ahodes1
Nov 7 2004, 15:35
Post your event log files from your DC that's at the site without the PDC
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2009 Invision Power Services, Inc.