Re: User authenication from remote site ?

---

• From: mbco <mbco.3lp4rc@xxxxxxxxxxxxx>
• Date: Thu, 8 Jan 2009 17:52:31 +0530

---

Dear Patrick

I use always use replmon to check this

Martijn B

Patrick;4168965 Wrote:

Dear all,

Thank you for your advice. It is pretty helpful.

We have set up site and assign subnet to it. We would like to know is
there
any easy way to check whether it works or not ?

Thanks again
Patrick

"Paul Bergson" <pbbergs@xxxxxxxxxxxxx> wrote in message
news:3F68935B-EFA6-42D9-A406-6030045137AD@xxxxxxxxxxxxxxxx

To authenticate at the remote site you should have the following
configured:
A seperate site defined in Sites and services along with the ip

addresses

of the RS
A global catalog defined at the remote site
A dns server at the RS, this will protect them in the event of a lost

link

All clients at RS point to local RS for dns and then HQ for dns

This won't help for any data that needs to traverse the connection

As far as data access from RS to HQ all of this probably has no
connection. If you are attempting to bring data accross the link

examine

the bandwidth and purchase a bigger pipe if need be.

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup

This

posting is provided "AS IS" with no warranties, and confers no

rights.

"Patrick" <Patrick@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:%23g2nJEKcJHA.1336@xxxxxxxxxxxxxxxxxxxxxxx

We just migrate to Active Directory from another NOS.

There is a domain controller at the Head Quarter (Let us call it HQ)

and

there is another at remote site (Let use call it RS). Both DCs

belong

to the same domain. The implementation is set up by a consultant.

Users at remote site finds that the response time for accessing data

from

HQ is not good.

The consultant says that it is due to
1) Replication of data of AD between HQ and RS
2) Users at RS has to authenticate via HQ (Not RS)

In this way, he says that he has done the following
1) Schedule for replicate is limited to 4 times a day
2) Not much can be done though he has set up Global Catalog on RS

I would like to seek your advice on whether his saying is correct ?
Besides, which component makes HQ as the domain controller that is
responsible for authentication.

--
mbco
------------------------------------------------------------------------
mbco's Profile: http://forums.techarena.in/members/mbco.htm
View this thread: http://forums.techarena.in/active-directory/1099484.htm

http://forums.techarena.in

.

---

• References:
  • User authenication from remote site ?
    • From: Patrick
  • Re: User authenication from remote site ?
    • From: Paul Bergson
  • Re: User authenication from remote site ?
    • From: Patrick

• Prev by Date: Re: Find DN Path
• Next by Date: Replmon in Windows 2008
• Previous by thread: Re: User authenication from remote site ?
• Next by thread: Re: User authenication from remote site ?
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: AD site design ... authentication I should break each office location down ... into sites...then each user would authenticate to the ... domain controller in his site This as I ... understand it is INTERSITE replication. ... (microsoft.public.windows.server.active_directory) RE: hosts not using alternate DCs ... These enable a client to locate a domain controller that is running the ... Windows Server 2003–based domain controllers that are running the KDC service ... > could not authenticate with the shopcart server causing our website to go ... i have since gone in and configured replication to auto discover ... (microsoft.public.windows.server.active_directory) User authenication from remote site ? ... There is a domain controller at the Head Quarter and there is another at remote site. ... Users at remote site finds that the response time for accessing data from HQ is not good. ... Replication of data of AD between HQ and RS ... Users at RS has to authenticate via HQ ... (microsoft.public.windows.server.active_directory) Re: Replication of password resets/unlocks ... First off, I know it isn't your fault, but the name urgent replication implies something that it isn't guaranteed to be. ... So if you hit a bridgehead that is backed up with inbound replication requests, even though the request was urgently queued, it can take awhile for that information to get into the bridgehead and then replicated back out. ... Urgent replication is implemented immediately by using RPC/IP to notify replication partners that changes have occurred on a source domain controller. ... In Active Directory domains, a single domain controller in each domain holds the role of PDC emulator, which simulates the behavior of a Windows NT version 3.x-based or Windows NT 4.0-based PDC. ... (microsoft.public.windows.server.active_directory) Re: Thoroughly confused SBS 2003 Server ... fact I first had SBS running on the box that now has the Server Enterprise ... A year ago or moe I put up the second server and made it a domain controller ... The replication generated an error: ... (microsoft.public.windows.server.sbs)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)