|If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.|
||Thread Tools||Display Modes|
Security Group Membership Breaks AD Authentication
I seem to be having a strange problem with my Active Directory user
We have a Windows 2008 AD domain, with our only domain controller
located at a remote data center. All of our locations have MPLS
connectivity to the data center, with varying speeds.
Users at my largest office seem to lose the ability to properly
authenticate to AD if they are added to too many security groups. At
first we thought it was a specific group causing the problem, but any
new group will reproduce the issue. There doesn't seem to be any magic
number of groups that causes the problem either. Some users are already
members of 3-4 security groups, add a 5th one and authentication breaks.
When the problem occurs, users no longer seem to authenticate to the
domain. They log onto their computer and do not run the login script.
Login also takes a lot longer -- it seems to sit and wait for a while
before completing. Once the user is logged into their PC, they can't
access any networked resources. If I try and map a network drive, I'll
get prompted for credentials. Enter the credentials & I can access the
Anyone every experienced anything like this or have any idea what might
be going on? I suspect it might be related to latency between my office
and the domain controller -- the DC is physically located in another
part of the country and accessed through a 5mb bonded T1 connection.