Trouble finding DC to authenticate against?

Hope you guys and ladies can shed some light on this one for me. We have 2
2003 DC's at our corporate location and a new 2003 DC in a remote facility in
Mexico. Last week the Mexico facility lost its link to the corporate
location here in the states and all of the XP clients in Mexico could not
login. They received the error that no domain controller could be found for
your domain etc. Event ID 5719 in the system log of the clients. My
question is why would the local clients not see the DC that is at there local
site and what would cause this?

"Jeff M" <(E-Mail Removed)> wrote in message
news:B057626B-476C-4E11-8C7D-(E-Mail Removed)...
> Hope you guys and ladies can shed some light on this one for me. We have
2
> 2003 DC's at our corporate location and a new 2003 DC in a remote facility
in
> Mexico. Last week the Mexico facility lost its link to the corporate
> location here in the states and all of the XP clients in Mexico could not
> login. They received the error that no domain controller could be found
for
> your domain etc. Event ID 5719 in the system log of the clients. My
> question is why would the local clients not see the DC that is at there
local
> site and what would cause this?

Because they have your DC/DNS listed in their DNS settings instead of their
own.

Use active Directory "Sites". The purpose of the Sites Object in AD is to
manage remote locations over slow links (a.k.a. undependable links). The AD
separation of Sites is by IP Segment so make sure every Site is a different
subnet. Read-up on how to use them and follow their recommendation on how
clients in each Site should configure their DNS settings.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

Thanks, will set up a test with the Mexico facility. the funny thing is that
I questioned this with a senior engineer I work with just yesterday. Will
let you know the results.

Thanks for the guidance.

"Phillip Windell" wrote:

> "Jeff M" <(E-Mail Removed)> wrote in message
> news:B057626B-476C-4E11-8C7D-(E-Mail Removed)...
> > Hope you guys and ladies can shed some light on this one for me. We have
> 2
> > 2003 DC's at our corporate location and a new 2003 DC in a remote facility
> in
> > Mexico. Last week the Mexico facility lost its link to the corporate
> > location here in the states and all of the XP clients in Mexico could not
> > login. They received the error that no domain controller could be found
> for
> > your domain etc. Event ID 5719 in the system log of the clients. My
> > question is why would the local clients not see the DC that is at there
> local
> > site and what would cause this?
>
> Because they have your DC/DNS listed in their DNS settings instead of their
> own.
>
> Use active Directory "Sites". The purpose of the Sites Object in AD is to
> manage remote locations over slow links (a.k.a. undependable links). The AD
> separation of Sites is by IP Segment so make sure every Site is a different
> subnet. Read-up on how to use them and follow their recommendation on how
> clients in each Site should configure their DNS settings.
>
> --
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
>
>
>

Jeff M wrote:
> Hope you guys and ladies can shed some light on this one for me. We
> have 2 2003 DC's at our corporate location and a new 2003 DC in a
> remote facility in Mexico. Last week the Mexico facility lost its
> link to the corporate location here in the states and all of the XP
> clients in Mexico could not login. They received the error that no
> domain controller could be found for your domain etc. Event ID 5719
> in the system log of the clients. My question is why would the local
> clients not see the DC that is at there local site and what would
> cause this?

In addition to Phillip's recommendation for setting up AD Sties and
Services.

You should make sure the DC in Mexico has DNS installed, has a zone for the
Active Directory domain, and that the Clients in Mexico use it for DNS. They
can use the corporate DNS as an Alternate but not an ISP or other external
DNS. The DC in Mexico should use itself AND one or both of the corporate DCs
for DNS.
The DC in Mexico should also be a Global catalog server or have Universal
Group Membership caching enabled. See: "cache universal group memberships"
in Active Directory help on enabling this.


--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

Yes, the DC in Mexico does have DNS installed already and we are making the
changes for the clients down there to point to there local first and then to
corp second and third. Thanks for all the help!

"Kevin D. Goodknecht Sr. [MVP]" wrote:

> Jeff M wrote:
> > Hope you guys and ladies can shed some light on this one for me. We
> > have 2 2003 DC's at our corporate location and a new 2003 DC in a
> > remote facility in Mexico. Last week the Mexico facility lost its
> > link to the corporate location here in the states and all of the XP
> > clients in Mexico could not login. They received the error that no
> > domain controller could be found for your domain etc. Event ID 5719
> > in the system log of the clients. My question is why would the local
> > clients not see the DC that is at there local site and what would
> > cause this?
>
> In addition to Phillip's recommendation for setting up AD Sties and
> Services.
>
> You should make sure the DC in Mexico has DNS installed, has a zone for the
> Active Directory domain, and that the Clients in Mexico use it for DNS. They
> can use the corporate DNS as an Alternate but not an ISP or other external
> DNS. The DC in Mexico should use itself AND one or both of the corporate DCs
> for DNS.
> The DC in Mexico should also be a Global catalog server or have Universal
> Group Membership caching enabled. See: "cache universal group memberships"
> in Active Directory help on enabling this.
>
>
> --
> Best regards,
> Kevin D. Goodknecht Sr. [MVP]
> Hope This Helps
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> http://support.wftx.us/
> https://secure.lsaol.com/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ===================================
>
>
>