From: Ajay Prakash (ajay.prakash@networkpeople.co.in)
Date: Wed Oct 03 2007 - 13:36:38 ART
Hello,
If the remote Xp clients have IP reachibility to the AD and presuming that
none of the required ports are blocked, I'd suspect problems with MTU.
Another reason can be un-ordered delivery of Kerberos packets as it uses
UDP. If you are sure that there is no routing issue, then I would suggest
following the below mentioned two steps.
1. MS article 314825 http://support.microsoft.com/kb/314825
Ping the DC from the XP client with packet size of 1472 and set the DF
bit.
(ping <DC> -l 1472 -f)
If you get a fragmentation error, then either hardcode the MTU on clients
Or Enable PMTU Detection on clients.
2. MS article 244474 http://support.microsoft.com/kb/244474
Force Kerberos to use TCP in place of UDP
Provided everything else is in order, I am sure your clients would be able
to join domain after you follow these steps.
Ajay
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Venkey
Sent: Wednesday, October 03, 2007 11:09 AM
To: ccielab@groupstudy.com
Subject: windows AD across wan link
Hello
Have a situation where the hub site is using cisco 3825 router hosting the
windows DC. And 5 remote site with windows XP pc on their lan connected to
the hub site using a 1841 router.
Question is: is there any specific configuration to be done at the hub site
and remote routers for the remote site PCs to join the AD.
PS:remote PC are able to reach the hub sever via ping.
Thanks.
This archive was generated by hypermail 2.1.4 : Fri Nov 16 2007 - 13:11:11 ART