Group Policy Does Not work over site to site VPN

  • Thread starter Thread starter d
  • Start date Start date
D

d

Users can logon to the machines, run their logon script,
can access all network
resources, but group policy is not applied. Group policy
is properly applied everywhere, except through our site-to-
site VPNs.

In the event logs on the client, I am getting the
following error:

Windows cannot obtain the domain controller name for your
computer network. Return value (59).

This is what shows up in userenv.log:

USERENV(f4.a8) 10:40:46:585 ProcessGPOs: DSGetDCName
failed with 59.

I have run the standard nslookup for the SRV records, and
it pulls on the domain controllers with no problems
(_ldap._tcp.dc._msdcs.ActiveDirectoryDomainName)

I have already forced Kerberos to use TCP instead of UDP (
http://support.microsoft.com/?kbid=244474 )



I tried this:

http://support.microsoft.com/default.aspx?scid=kb;en-
us;310456

I ran portqry on ldap port 389, and UDP fails, but TCP
returns the records.

It seems to be a problem with ldap over UDP. Any ideas?
Please help!

Thank You.
 
Back
Top