Hi all,
We have a remote (satellite) office that does not have any local DC's as its only temporary.
The office is setup to connect to one of the other main offices (which is a spoke) in the overall scheme of things. 2 Nortel VPN appliances on either end of the network provides connectivity and are configured to provide DHCP and other client options such as DNS (DC's in the main site) through DHCP. There is also a Netscreen firewall behind these VPN appliances.
We have been successful in replicating the issue from where I am situated but unfortunately cannot make any changes on the AD servers until we have another test site up in the event we need to make registry changes etc . on them.
The issue is very very slow authentication, GPO's may or may not execute. Searching on Google I have only been able to find very minimal information related to Kerberos and packet sizes (MTU) etc. Has anyone run into a similar issue of knows of a work around?
P.S> The remote network has been configured in sites and services pointing to the main office site.
Interestingly enough though the DC's may or may not authenticate clients, at times they would end up being authenticated by the central hub site!
Any leads would be welcome, Most appreciated.... Devan.
List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
