Remote Domain Controller problems

  • Thread starter Thread starter John Faris
  • Start date Start date
J

John Faris

Hi all.

I have a Windows 2003 server that it is set as a domain controller but is
not always physically connected to our LAN where the two other domain
controllers are (don't ask!). PCs connect to and authenticate with this
server and that all works fine. However, if I want to make any changes to
active directory (e.g. new users) I have to get the Server connected to the
rest of the LAN so that it can talk to the Operations/Infrastructure Master.
I have acheived this by creating a dial up service that connects to the
remote access service of one of the servers on the main LAN.

When this is connected after a short while active directory will replicate,
but I am having difficulty getting it to apply any changes to the domain
controller security policy. If I try to access this from the remote server
when it is connected to the LAN via the dialup, it opens up a policy named
"Default Domain Controller Security Policy" instead of the one that I get on
the other two domain controllers. What can I do to make it pick up the
correct policy and apply it when the LAN gets connected? Are there any
services I should restart? I hope this makes sense. If any clarification is
needed please ask as I really need to sort this out.

TIA.

John.
 
I don't understand the question, and the DC with FMSO roles you always be
online. How ever Default Domain Controller Security Policy is the same of
all Domain Controllers. If to take the Controller down and policies not
replicated (SYSVOL) settings may not applies

--
Regards,

Christoffer Andersson
No email replies please - reply in the newsgroup

http://www.itsystem.se/employers.asp?ID=1
 
Chriss3 said:
I don't understand the question, and the DC with FMSO roles you always be
online. How ever Default Domain Controller Security Policy is the same of
all Domain Controllers. If to take the Controller down and policies not
replicated (SYSVOL) settings may not applies
Click to expand...

And I don't understand your answer <g>. If I go to Control Panel,
Administrative tools and choose Domain Controller Security Policy on either
of the two domain controllers that are always connected to the LAN I see a
different policy to what I see if I do the same on the Domain Controller
that is not always connected to the LAN.

The ones on the LAn open a window that says "Domain Controller Security
Policy" and Only have a "Windows Settings" branch. The remote server opens
a window that says "Default Domain Controller Security Policy" and only has
a"Security Settings" branch. It seems not to be reading the correct policy
from the domain and I need to correct this.

I hope this helps.
 
Back
Top