Re: Remote site loses access to member server when WAN goes down

From: David Schrag (david-no-spam_at_schrag.net)
Date: 08/14/04 

Date: Sat, 14 Aug 2004 08:42:04 -0400

How dumb of me. I must have confused the limitations regarding multiple
domains with a limit on multiple domain controllers. Time for dcpromo ....

"Jeff Middleton [SBS-MVP]" <jeff@cfisolutions.com> wrote in message
news:OxyVWkTgEHA.2896@TK2MSFTNGP11.phx.gbl...
> Your assumption is incorrect, you can make the other server a DC. If you
do
> that, then you will have authentication at the remote site, therefore
access
> to the shared resources it host. What you may still find is that users
with
> Outlook obviously can't reach the Exchange Server, so that's not going to
> solve the email/contacts information entirely. You could use Offline
Folders
> to give some support, but frankly I think that's more confusing for rare
> occasions than it's worth. The bigger problem is usually that the
computers
> seem to freeze when Outlook can't reach the Exchange Server. If you close
> Outlook, then you can work without the interuption.
>
>
>
> "David Schrag" <david-no-spam@schrag.net> wrote in message
> news:e4OJVZTgEHA.1048@tk2msftngp13.phx.gbl...
> > I have a main office running SBS03 and a remote office with a Windows
2003
> > member server. They are connected with a VPN between two hardware
> firewalls.
> > Yesterday the VPN went down because of a phone line failure and everyone
> in
> > the remote office lost access to the local member server. When they
tried
> to
> > access a share on the server, there was a long delay followed by a
> password
> > prompt. If they put in their own password, they got a message to the
> effect
> > of "I tried that one already and there's no domain controller to
validate
> > your password; try again." It also failed if they tried to put in a
> > different user's password. As soon as the VPN was restored, everything
> > started working fine again.
> >
> > Fortunately this is the first time the VPN has failed in the few months
> > since this whole thing was set up, but surely it will happen again
> someday.
> > I did not realize that cutting off access to the domain controller would
> > mess up access to the member server like this. I guess I just assumed
that
> > since users could still log into their computers using cached
credentials
> > when connection to the domain controller was lost, that they'd still
have
> > access to the member server as well.
> >
> > So what do I do to prepare for the next VPN outage? I can't make the
> remote
> > member server a backup domain controller in an SBS environment, right?
Is
> > there anything else I can do to make that server grant access to the
> remote
> > office's users?
> >
> > Here's something I tried. If I logged into a remote office computer as
the
> > local administrator, I was able to gain access to the member server's
> shares
> > by drilling through My Network Places, Entire Network, etc. -- but only
if
> I
> > supplied the domain administrator's user name and password when
prompted.
> > Regular users were denied access. I was thinking that I could create a
> local
> > user account on each PC and tell them to log in locally if the VPN
failed.
> > But obviously I don't want them all logging in as the domain admin when
> they
> > want access to their files.
> >
> > Any thoughts? I'd hate to go back to the client and say "guess what ...
> > looks like SBS was the wrong product for you!"
> >
> >
>
>

Relevant Pages

  • Remote site loses access to member server when WAN goes down
    ... I have a main office running SBS03 and a remote office with a Windows 2003 ... They are connected with a VPN between two hardware firewalls. ... the remote office lost access to the local member server. ... I did not realize that cutting off access to the domain controller would ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN domain membership. Perhaps a dumb question.
    ... We're running Cisco PIX site-to-site VPN ... my remote user can't authenticate to my VPN ... After a long plane ride, the Laptop powers up on the remote office LAN ... Laptop queries the DNS which is also the Domain Controller that it ...
    (microsoft.public.win2000.networking)
  • Re: Remote site loses access to member server when WAN goes down
    ... >> member server. ... They are connected with a VPN between two hardware ... >> the remote office lost access to the local member server. ... >> I did not realize that cutting off access to the domain controller would ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN partially works
    ... for vpn is mapped to internal IP #2 (domain controller), ... the branch office can successfully access their email. ... drive to the member server. ... My understanding is that if VPN is configured correctly, ...
    (microsoft.public.windows.server.networking)
  • Re: Remote site loses access to member server when WAN goes down
    ... "I can't make the remote member server a backup domain controller in an SBS ...
    (microsoft.public.windows.server.sbs)