Client and DC

  • Thread starter Thread starter jokes54321
  • Start date Start date
J

jokes54321

We finally got to roll DC's out to each of our remote sites and started
joining them all to our domain.

Even though we defined sites and subnets and associated them to each other,
we are still finding the client workstations at various sites are coming
across the WAN's to validate against DC's at other locations.

Any ideas on why this is happening? It was my understanding they would use
the DC in their own subnet first and only go across the WAN if their primary
DNS server was down.

TIA,

Denny
 
I meant to say I thought they would only attempt to validate against a
remote DC is their primary DC (the one in their own subnet) was down.

Any ideas?

Denny
 
jokes54321 said:
We finally got to roll DC's out to each of our remote sites and started
joining them all to our domain.

Even though we defined sites and subnets and associated them to each other,
we are still finding the client workstations at various sites are coming
across the WAN's to validate against DC's at other locations.

Any ideas on why this is happening? It was my understanding they would use
the DC in their own subnet first and only go across the WAN if their primary
DNS server was down.

TIA,

Denny
Click to expand...

Make sure your remote DCs are DNS servers, and in the DNS snap-in,
enable netmask ordering, and disable round robin. Also it is a good idea
to list each site's DNS server as the primary for clients at that site.
Then DNS will always return the DC with the IP address closest to that
of the client querying for the logon server.

...kurt
 
Make sure your remote DCs are DNS servers, and in the DNS snap-in,
enable netmask ordering, and disable round robin. Also it is a good idea
to list each site's DNS server as the primary for clients at that site.
Then DNS will always return the DC with the IP address closest to that
of the client querying for the logon server.

..kurt- Hide quoted text -

- Show quoted text -
Click to expand...


Hi,

Well first and formost, clients in each site SHOULD use the DC in
their site for primary DNS (ALL DC's I recommend should have DNS
installed)
And of coarse if this machine goes down the clients will go to the
secondary DNS server you have configured for them which would be
another DNS server in the network.

If you sites and subnets are set up correctly, when the promotion of a
DC is performed, it will be automatically put in the site set for the
subnet you have given it.
It registers this information in DNS and this is where the clients get
the information.
Remember to also make sure we have a Global Catalog server in each
site as well.
After making any DNS change always run the following on DC's
ipconfig /flushdns & ipconfig /registerdns & net stop netlogon & net
start netlogon

Good luck

Harj Singh
Power Your Active Directory Investment
www.specopsoft.com
 
Hello,

Thank you for your response. Yep, these DC's are setup as secondaries to our
primary DNS server and are listed as the clients primary for each site.

Unfortunately I cannot disable round-robin since we're using it as poor mans
load-balancing to distribute across eight terminal servers. If I at least
enable netmask ordering will that work, or will that only enable if
round-robin is disabled?

TIA,

Denny
 
Back
Top