Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

optimizing authentication in a slow link network???

Status
Not open for further replies.
Rockstar101

Rockstar101

MIS
Jan 11, 2008
67
US
hello all,

This seems to be a tough one so I though i'd check in with the experts!

I have a situation, we have a domain with plenty of bandwidth but the problem is we have 1000's of branch offices and communication is via slow link bandwidth (vsat). How can authentication be tweaked to work best over this slow link.

If it were only a few sites then I would just put a DC at the site but its not feasible due the large number of sites we have.

Any suggestions? Thank you!
 
Sort by date Sort by votes
How are the branches connecting VPN? If so what kind of VPN setup do you have?
 
Upvote 0 Downvote
we are using satellite, no vpn or vnc, just tcp/ip. hopefully this answers your question. Thanks.
 
Upvote 0 Downvote
This may be of interest;

Planning Regional Domain Controller Placement




Paul
MCSE 2003
MCSA 2003
MCITP Enterprise Administrator

If there are no stupid questions, then what kind of questions do stupid people ask? Do they get smart just in time to ask questions?
Scott Adams
 
Upvote 0 Downvote
Hi Pagy, thanks for the link but placing DC at the location is not feasible since we have 1000s of site, it's just not in the budget.

I was thinking more along the lines of having the clients at the satellite locations authenticate users against their cached credentials and perhaps extending the TTL. This way when a corp user logs into a branch site we eliminate authentication traffic...?

Does that sound correct? or are there other ways to do this?

Thanks!
 
Upvote 0 Downvote
The link spoke about using hub sites, not placing a DC at every site. If some money is available you could look into using certain sites as hub sites..

What's the speed of the satellite link??

Paul
MCSE 2003
MCSA 2003
MCITP Enterprise Administrator

If there are no stupid questions, then what kind of questions do stupid people ask? Do they get smart just in time to ask questions?
Scott Adams
 
Upvote 0 Downvote
Well for start satellite is has latency being it has to up to the satellite and back, that is slow in its self. You would be better having a wired connection like T-1 or cable then creating a VPN connection.
 
Upvote 0 Downvote
ah sorry Pagy, understood. The speed of our Sat is approx 64k, 128 burstable. I understand Sat is slow just because it's Sat due to latency.

Perhaps establishing Hubs within the Sat route may be the way to go.

What about the allowing clients to authenticate users based on their cached credentials? That would also keep the client from having to come all the way back up the DC.

Thanks again!
 
Upvote 0 Downvote
dberg35 - I would love to have a T1 or dsl but its not in our budget but that would be ideal. thanks.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

mangentle
  • Locked
  • Question
What could be the potential causes if a Microsoft Windows Server is experiencing slow network!
Replies
1
Views
912
gbaughma
gbaughma
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
412
DTGMI
DTGMI
ravalos
  • Locked
  • Question
Problem with PDFs in IIS
Replies
1
Views
892
gbaughma
gbaughma
nukeinfer
  • Locked
  • Question
Internet restrictions for isolated PCs in the Network
Replies
1
Views
450
mangentle
mangentle
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
480
Aquiles Vidal
Aquiles Vidal

Part and Inventory Search

Sponsor

Back
Top