Hi,
I'm using DFS namespaces to publish links, but not DFS replication. We use a full mesh AD replication topology (multiple sites in 1 AD site link).
Users on VPN sometimes do not get all the folders on their network share (M:\) which essentially is a DFS namespace for lots of shares across the domain. We have multiple DFS servers in several sites, with file server shares only being on a handful of sites. Despite the VPN client IP being associated with site A's IP subnets in AD, when I look at a VPN client's M:\ properties under the DFS tab, I can see the referral to a different AD site. Users are also saying when using VPN they have to go into the office to get the network shares back, trying from home doesn't work once the M:\ becomes disconnected.
Running "nltest \dsgetsite" returns the correct site. I can't change the DFS referral order as all AD site links are equal. The only thing that I think could help is changing the DFS namespace cache duration (configured at around 12 hours) and enabling client fail back to preferred site.
If anyone else has other ideas, please let me know.
Thanks