By DC, do you mean Data Collector or Domain Controller... In any case, = if you have 2 Domain Controllers (one at each site), then make sure the = Sites are setup correctly, make sure both controllers are Global Catalog = servers, make sure DNS is setup properly on both boxes. For the Data = Collector, make sure you have two zones setups. What is the purpose of having two Citrix servers distributed? I would = make sense to consolidate both servers to a single location and then = you'll have the ability to load balance apps. Joe -----Original Message----- From: Eddie Yarberry [mailto:edwarday@xxxxxxxxx] Sent: Friday, April 25, 2003 12:39 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] auth & conn issues on remote box I have two locations connected with a t1>t1 ipsec vpn. In the first = location I have a W2K sp2/Metaframe XP sp1 box that has been in place = for a year. The 1st W2K domain controller is also in this location. I = have recently installed a new W2K sp3/MetaFrame XP sp2 box in the 2nd = location. This box is the 2nd DC in the domain, and in Citrix I have = joined the farm I had in place. I had built up the server while in = location 1, and installed Citrix there, and when completed moved it to = the new location. The connectivity between the two sites and the servers = is fine. My first problem has to do with authentication... I have an = industry-specific app that domain admins and domain users access on the = old box, and I published a separate copy (named differently) of this app = on the new box with the same users having access. But, so far it seems = people can gain access only if the credentials for the application set = are those of an admin. D-Users can get access to the old app fine, but = not t he new one. In reviewing my setup I realized that I had the new server = on a new subnet in the same zone as the original, and I created a new = zone for the new box with no difference. Any ideas? Also, I will be = having people outside the firewall access this app...just like I have on = the original setup. I have 1494 and 80 open on the firewalls and both = pointed at their citrix boxes, and the only difference I can tell = between the two is that the new box has the xml service port shared with = IIS, while the original just says port 80. I do notice that when I hit = the new box's wan ip I get an Nfuse login screen where I do not on the = old one. Any help with this is much appreciated. Thanks in advance, = Eddie=20 --------------------------------- Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo. ******************************************************** This Week's Sponsor - ThinPrint Simply the best print solution for Microsoft Terminal Services=20 and Citrix Metaframe. http://www.thinprint.com/ ********************************************************** For Archives, to Unsubscribe, Subscribe or=20 set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This Week's Sponsor - ThinPrint Simply the best print solution for Microsoft Terminal Services and Citrix Metaframe. http://www.thinprint.com/ ********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm