RRAS on DC

  • Thread starter Thread starter Glen B
  • Start date Start date
G

Glen B

I installed RRAS on DC and everything worked fine. For
various reasons I demoted the RRAS server so it is no
longer a DC. My clients can no longer authenticate to
the domain when their VPN connection points to that
server. I installed RRAS on another DC and of course if
they point to that server they get in. Fine, but I have
a bunch of other clients still looking to the old
server. How do I tell the old DC to look to the current
DC to authenticate the users. I don't have to run RRAS
on a DC do I?

Thanks.
 
No, the RRAS server doesn't need to be a DC. But it does need to be
registered with AD as a remote access server, so that it can relay the
authentication to AD. Otherwise the clients try to authenticate to its local
SAM database.

You can check this using netsh. netsh show registeredserver will display
what RRAS servers are registered. You can add servers using netsh add
registeredserver .
 
Bill, I greatly appreciate your help. You jogged my
memory with your information. I had disabled that
interface in DNS when the machine was a DC because it was
confusing some things in AD. I re-registerd the RRAS
server using netsh as you suggested and it works now.

Thanks again. Nice to get replies from people that know
what they are taling about.

Glen
 
Back
Top