WAN Links and Domain Login

I have a Domain Controller running Windows Server 2003 in a clients
Central Location and VPN connectivity to all other locations. Each
location has a server that holds a Primary copy of DNS.

When the VPN Goes down between "Branch location A" and the Central
Location, no one at "Branch Location A" can access the internet or Log
onto the domain.

My question is, if I promote the server at "Branch Location A" to a
Domain Controller with DNS, will this alleviate this condition? The
server at "Branch Location A" is Currently a Windows Server 2003 Member
server.

I am not sure how this will affect your internet access, as this depends on
a lot more factors

Regarding logging onto domain, yes, when you promote the branch-server to be
a DC, users in that branch will be able to logon to the domain when the
connection to the Central Location has gone down

HTH
_Edwin.


"digitalkid" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> I have a Domain Controller running Windows Server 2003 in a clients
> Central Location and VPN connectivity to all other locations. Each
> location has a server that holds a Primary copy of DNS.
>
> When the VPN Goes down between "Branch location A" and the Central
> Location, no one at "Branch Location A" can access the internet or Log
> onto the domain.
>
> My question is, if I promote the server at "Branch Location A" to a
> Domain Controller with DNS, will this alleviate this condition? The
> server at "Branch Location A" is Currently a Windows Server 2003 Member
> server.
>

Edwin vMierlo wrote:
> I am not sure how this will affect your internet access, as this depends on
> a lot more factors
>
> Regarding logging onto domain, yes, when you promote the branch-server to be
> a DC, users in that branch will be able to logon to the domain when the
> connection to the Central Location has gone down
>
> HTH
> _Edwin.
>
>
> "digitalkid" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) oups.com...
> > I have a Domain Controller running Windows Server 2003 in a clients
> > Central Location and VPN connectivity to all other locations. Each
> > location has a server that holds a Primary copy of DNS.
> >
> > When the VPN Goes down between "Branch location A" and the Central
> > Location, no one at "Branch Location A" can access the internet or Log
> > onto the domain.
> >
> > My question is, if I promote the server at "Branch Location A" to a
> > Domain Controller with DNS, will this alleviate this condition? The
> > server at "Branch Location A" is Currently a Windows Server 2003 Member
> > server.
> >

Thanks Edwin,

I will have to experiment with the DNS. I am guessing that if it is a
primary zone and Active Directory integrated with forwarders and root
hints that there should be no problem.

Thanks you again for your reply,

Jason.

"digitalkid" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
> I will have to experiment with the DNS. I am guessing that if it is a
> primary zone and Active Directory integrated with forwarders and root
> hints that there should be no problem.

You don't have to experiment with Zones or anything. Just promote the
machines at the sites to a DC and DNS will replicate from the DNS on the DC
at the Main site. The best thing to do with DNS at the remote sites is to
stay away and not touch it.

However you do need the right infrastructure. Each site needs to be its own
subnet and the Sites Object and the Subnet Object in AD needs to be
configured. AD Sites are identified by their Subnet and the Sites Object is
what controls and maintains the AD replication over the slow WAN Links.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com