1 PDC, 2 BDC’s to authentic users locally. Use both config.pol and ntconfig.pol, saved in …repl/import/scripts. Can’t I have one on each server? It seems that config.pol users get policy from pdc only which causes additional traffic across wan, however they do get authenticated locally. Can this be done, if so how. I could share netlogon with a different name, but then how does win95/98, NT see the netlogon? It would make sense to have a smaller policy to maintain on each server and reduce traffic. Need help ASAP 1,000 + users are affected. Thank you!!!!!!