Need for another Domain Controller

windows active-directory domain-controller windows-server-2003

Solution 1:

@gWaldo has a good idea in terms of increasing reliability and updating your outdated DC, but it's a "guess" as to if it'll fix the issue. @Chris-S is correct in comment that bandwidth (at first glance) doesn't sound like it's the issue either.

First you should ensure that WAN connection is reliable, has no packet loss, and has ample available bandwidth throughout the day.

Also a DC not being available will not prevent a Windows client login (assuming default GPO's) because cache credentials on a domain let you in. It would help if you posted the actual errors the users are getting.

For mapped drives, if they are done by login script then you have little to no ability to see any logs about that info, but I would move that functionally to Group Policy Preferences which will let you map drives, make them persistent, and also log to the client event logs on any issues. Your mapping issues could be either they can't get the script, or they can't access the drive... but hard to tell without logging.

Again, keeping DC's current and having one at remote site is "better" but is just throwing darts at the wall of this specific issue. I've had 70-100 remote sites on much lower WAN speeds with no remote DC's act just fine as long as connection was reliable and had available bandwidth.

Solution 2:

There is a lot of room in your question for other problems to be causing problems, but on the surface (if you are fairly certain that everything else is working as expected) you sound like you may be a good case for a Read-Only Domain Controller (RODC).

This would necessitate upgrading to Server 2008 for your DCs (which is a good idea, anyway; 2003 is nearing end-of-life), and a little care in setting up the RODC, but it could solve your problems well.

Yes, you could just set up another 2003 DC in the remote office, but it sounds like there isn't an IT presence there, so a RODC may be 'safer'. RODCs are good where you may not have an IT staff, especially if you don't have a safe and secure area for the server (no server room / lockable racks, shady neighborhood, etc)

Also keep in mind that the mapping of drives over the network is going to eat up bandwidth, and by itself could be a major cause of your problems. It may be worthwhile to investigate a local implementation of a storage solution (such as DFS or CIFS servers).

If you haven't already, separating your organization based on location (whether by Sites or just OUs) could also help you with managing traffic and user experience.

Related

Ubuntu failover from Ethernet-to-ADSL-modem to USB 3G dongle
Ways to auto scale MySQL servers?
Apache: redirect specific URL to a local server on different port
Windows 2003; Find folders with non-inherited/changed permissions
Do I need to renew the keys which I deposited at my domain provider?
Use scp to copy a file to different servers
Diagnosing permission problems with Cobian Backup to network share
bash tab completion only works for root
max_binlog_size & log-bin size
What is the difference between *:80 and _default_:80 in Apache2?
How to prevent slow responding Tomcat from making Apache slow to respond?
What's eating my drive space when normal files + hidden + system doesn't equal total drive space used