Re: GPO's are not implemented in case of Firewall problems
From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 04/30/04
- Next message: Roger Abell: "Re: Domain group policy"
- Previous message: Thomas Marti: "GPO's are not implemented in case of Firewall problems"
- In reply to: Thomas Marti: "GPO's are not implemented in case of Firewall problems"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 30 Apr 2004 05:45:19 -0700
If you have defined sites, three of them, and placed the DCs
each in its correct site, then the clients should all each find
the DC that is within its site (its firewalled area). Since
clients will in their resolver behavior locate a preferred
DC based on site-locality, and on some other things like
preformance optimization, if the dnscache service is running
on them (that is, if they are allowed to use the DNS caching
resolver), if this is not happening, either
1. you do not have sites defined, or fully defined
2. the dns records in the sites subzones are incorrect
3. dnscache is shut off on the clients
or . . .
-- Roger Abell Microsoft MVP (Windows Server System: Security) MCSE (W2k3,W2k,Nt4) MCDBA "Thomas Marti" <thomas.marti@fkd.bl.ch> wrote in message news:%23DN6MyqLEHA.1644@TK2MSFTNGP09.phx.gbl... > Hi > We have a environment with 3 Sites in a Firewall-restricted Network. > Only DC's can communicate through the firewall. if a client tries to load > gpo, it resolves the DC by a DNS query about the domainname. It connects > then to any DC given by DNS Round Robin. If the DC is behind the firewall, > the policy could not be read. how can I fix the problem? > > A workaround is to deploy a hosts file. but there are 3500 clients in the 3 > sites..... > > > thanks > > Thomas > >
- Next message: Roger Abell: "Re: Domain group policy"
- Previous message: Thomas Marti: "GPO's are not implemented in case of Firewall problems"
- In reply to: Thomas Marti: "GPO's are not implemented in case of Firewall problems"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
