I have ran into issues with Unlocking workstations or setting a computer to power on at 7:00 AM at sites B & C , staff go to log in at 8:00 or 8:30 it fails, and again on the second attempt it works. The same with a workstation locking for lunch, after an hour and have the first attempt Fail, the second work fine. On the first attempt it can take minutes to timeout. The workstation can be pinged, it can be remote managed. From any site…does not seem to make a difference. This seems to happen on both (Some) windows 7 & XP. So I believe it to be network/server/configuration related. This does not happen all of the time, just sometimes...

I have been down the road of Locking the NIC’s down on the switch and on the workstation, making sure all power related settings are set to full / disabled. Workstations do not sleep, hibernate, or even spin down the hard drives. I have even put a Hosts file on the workstations to see if this would help as it may a resolve issue of some sort…this did not help. As the issue is somewhat intermittent, I have not got a packet trace. I will be attempting to do so soon. We are not using LDAP Contextless logins, we Create Alias Objects in a container that point to the user object…

Workstations / clients:
Login Screen:
Context: ALIAS.XXX (Root O)
Server: XXX.XXX.XXX.XXX (Ip Address of local Auth Server for Each site)
Scope List:
DA List:
XXX.XXX.XXX.XXX (Ip address of Site A DA)

One of my question is in regards of SLP. As all sites are 100Mbps Fiber VPN’s should I have DA’s on each of the site’s subnets? Or is that overkill? What would be the benefits, what would be the downside?
Currently all sites are on 100Mb Fiber L2’s With Point to Point VPN’s over Sonicwall devices allowing traffic into Site – A, The traffic is Split tunnel and internet goes out a DMZ / separate route in the same building as Site A.

All servers are OES 11 SP1
Site A – Subnet A, Primary server (Master Replica, SLP DA), Zenworks Server, DSFW Server , DNS
Site B –Subnet B, Local Authentication Server (Full Replica), also have secondary DNS on this server
Site C – Subnet C, Local Authentication Server (Full Replica)

Also note*** I have multicasting disabled across the SonicWALL Routers
Any direction would be helpful…