Re: They are currently no logon server to service the request

From: Torgeir Bakken \(MVP\) (Torgeir.Bakken-spam_at_hydro.com)
Date: 04/29/04


Date: Thu, 29 Apr 2004 19:05:34 +0200

hotgal wrote:

> Hi
>
> I have a Windows 2000 Server and Windows 2000 Professional
> clients in my LAN environment. In my remote location I
> have Windows 2000 Servers along with Windows 2000 Pro
> clients. I have a LAN to LAN VPN setup between the two
> offices. I tried to create shares on my local computer to
> access the resources in the remote location. However I
> keep getting the error "They are currently no logon server
> to service the request"
Hi

Most likely caused by packet size limitations in the VPN connection.
Active Directory (with default settings) doesn't function very well
when max packet size is less than 2048 bytes (I would think your VPN
connection have a packet size limitation of approx. 1700 or less).

To verify this, try the following ping command (forcing it to use
a packet size of 2048 bytes:

ping -l 2048 -w 5000 <DC name or IP>

You should get "Destination host unreachable" if my suspicion
is correct.

This ping command should work (if not, you have other problems):

ping -l 0 -w 5000 <DC name or IP>

A workaround is to follow the instructions in this article:

How to force Kerberos to use TCP instead of UDP
http://support.microsoft.com/?scid=kb;en-us;244474

On your computers, set MaxPacketSize to 1 and see if helps...

-- 
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/community/scriptcenter/default.mspx