none
Users cannot login to Terminal Server in Branch Office when the WAN link is down

    Question

  • I have a small remote office with a server running Dynamics Ax and Terminal Services all on the one box. Head office and the remote office all run off the same single domain internal.<mycompany>.com. As soon as the link goes down the user receives an error logging in "The specified domain either does not exist or could not be contacted.
    Our Head office runs Windows 2003 R2, the remote office is Windows Server 2008. 
    Note the WAN is extremely low bandwidth link
    Would RODC fix this?

    Thanks in advance 

    Warren
    Wednesday, November 18, 2009 7:28 AM

Answers

  • Hi Warren,

    According to your description, I assume that there is no DC in
    remote office so applications could not locate domain controllers when the network connection is down.


    Yes, as you mentioned, RODC can help in this scenario. However, when the WAN is offline, an RODC can authenticate only the users and resources for which it has cached passwords. If you have a strong requirement that any user must be able to authenticate in the branch office location, you may want to place a writable domain controller at that branch office location. As an alternative, you can place an RODC at the branch office location and configure the RODC so that all users’ credentials are allowed to replicate to it. You can then have an automated process in place that caches the credentials of the users, computers, and other resources that are located in the branch office. This way, you can take advantage of other RODC features.

     

     

    To decide which type of domain controller can meet your requirement, please refer to the following TechNet link:

     

    Deciding Which Type of Domain Controller Meets the Needs of a Branch Office Location

    http://technet.microsoft.com/en-us/library/dd736142(WS.10).aspx


    Laura Zhang - MSFT
    Thursday, November 19, 2009 10:40 AM
    Moderator

All replies

  • Hello Warren,

     

    Please provide more details to us, which includes:

     

    ·          The topology of your Brach Office design and network.

    ·          When did the issue begin to occur?

    ·          When you said the “as soon as the link goes down the user receive an error …”, do you mean the user cannot log onto the Windows Server 2008-based server locally or remotely?

    Thanks.

     

    ·         Lionel Chen

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfd@microsoft.com

    Thursday, November 19, 2009 9:05 AM
  • Hi Warren,

    According to your description, I assume that there is no DC in
    remote office so applications could not locate domain controllers when the network connection is down.


    Yes, as you mentioned, RODC can help in this scenario. However, when the WAN is offline, an RODC can authenticate only the users and resources for which it has cached passwords. If you have a strong requirement that any user must be able to authenticate in the branch office location, you may want to place a writable domain controller at that branch office location. As an alternative, you can place an RODC at the branch office location and configure the RODC so that all users’ credentials are allowed to replicate to it. You can then have an automated process in place that caches the credentials of the users, computers, and other resources that are located in the branch office. This way, you can take advantage of other RODC features.

     

     

    To decide which type of domain controller can meet your requirement, please refer to the following TechNet link:

     

    Deciding Which Type of Domain Controller Meets the Needs of a Branch Office Location

    http://technet.microsoft.com/en-us/library/dd736142(WS.10).aspx


    Laura Zhang - MSFT
    Thursday, November 19, 2009 10:40 AM
    Moderator
  • Hello Warren,

    Is the Laura's response answer your question?

    If you have any further question on this topic, please follow up here to let us know.

    Thanks.

    Lionel Chen

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfd@microsoft.com

    Tuesday, November 24, 2009 2:07 AM