Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Domain login miracles

Status
Not open for further replies.

revururaj

IS-IT--Management
Jan 25, 2005
41
US
Hello everybody.

We are a small business,and we have a windows 2003 server and its DC is located in philadelphia. We are just simple one site,one domain,one forest setup.

Here comes my question, when couple of my staff try to login to domain from home,philadelphia suburbs ( Comcast Internet services) they cannot login.

But 2 users from NYC suburbs,when they try to login into domain, they CAN LOGIN .they are using (RoadRunner Internet Services).

Can someone explain whats going on?

Am i missing something, is that some kinda of miracle happening with the users from NYC suburbs.
 
what kind of error messages are these users getting... We can't help you if we dont have anything to go on..
 
Hi haga

Thanks for the reply,and when i say they cant login, i mean they cannot get their network drives mappped, also the login process takes forever.

So any help?
 
First question is are the users in NYC actually logging in from home, or do they think they are? Second question, which computer are they using? A work laptop that has already been on the network, or a home PC that has never touched the network? Third question that must be asked is do you have a VPN setup so that home users can log in securely? If a VPN is being used, can you look at the logs and determine what the errors are?
 
Hello tgf

Users from NYC using the laptops which were in the domain. (I also where you are going with this , you might say it might have cached the login information. But how come the users can work on the network drives).

No I dont have any VPN setup.

 
Are they using the cached login, with Offline settings (they have made the network drives available offline)? Without the VPN, I'm just wondering how they would have been able to get to the network. I'm pretty sure that you set this up with a firewall and such, correct?
 
TFG:

Yes you are right, that totally surprises. As iam typing this email, i just checked my file server,and this remote user from NYC is connected and working on some files. How Strange.

So anyways.. coming back to basic question.

Why do we need a VPN to login to domain from home? Iam looking for reason. I have come across through forums, VPN is the only way to loginto domain from remote location.

Domain name thats been used by windows 2000 and after is FQDN. and i still dont understand, why cant we login remotely?

Thanks,
Raj
 
The biggest reason is security. It is a lot more difficult to get into a domain and do damage from the hackers stand point. I don't even want to think what could happen if a hacker/competition were able to get into your network. VPN is not the only way to login to a domain remotely, however, it is the most secure. I would recommend you look into getting a VPN setup as soon as you can.

Back to the problem, do you know how the NYC user is connected? This will probably start the ball rolling on what you need to do to get everything setup correctly.
 
I am thinking ports and firewalls here... The Comcast ISP may be blocking the ports required to login, or the users home router may not be configured correctly. Do the NYC folks use a router? Is anybody using a Router? :) This is a disaster for you waiting to happen, and a hackers treasure chest waiting to be found! Use VPN...


LF

"As far as the laws of mathematics refer to reality, they are not certain; as far as they are certain, they do not refer to reality."--Albert Einstein
 
Now, do the users all have some web address that they type into a browser and then loginto your 2003 Small Business server?

The problem with this is that if someone gets lucky with a password then bam--they're on your network. Are you sure everyone even has a password?
i'm guessing this is some kind IIS /SBS setup--DC on the same box as your webserver etc etc...



 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top