kingbear2 (Member) | Apr 23, 2015 at 9:30 am | #165204
I am managing a client who has one corporate office with a DC, and about 20 locations throughout the state with one computer at each location. We need to be able to properly manage these 20 machines through domain policies, so what we’ve done is as follows:
Each location has a VPN back to corporate. Each machine has been joined to the domain. Each machine’s DNS points to the DC back at corporate (over the VPN). The issue we are having is when the VPN fails or when the corporate office internet goes out, none of the remote locations can access the internet because they only have the DNS of the DC over the VPN. How do we allow the remote machines to use their local router (or OpenDNS) as their DNS, yet still remain connected to the DC at corporate so that we can keep them in sync and apply policies, and ensure they have uninterrupted DNS?
I was thinking along the lines of a corporate entity (let’s say United Airlines) that has laptops and executives traveling all over. The laptop is joined to the domain, which I suppose means that DNS needs to point to a DC, but that can’t be the case because when they are home they would not get name resolution. And if the answer is that you join the machines to the domain at corporate and then let the machine roam with whatever DNS it picks up, how do you ensure that the machine doesn’t tombstone, lose the trust relationship with the domain, and cached credentials don’t run out?
I appreciate the time you take to answer my question.