Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Active Directory Logons - Multiple Site and Multiple Locations

Status
Not open for further replies.

evildik

MIS
Sep 2, 2003
39
US
Topology is multiple sites (hub and spoke configuration)
Spokes being the remote offices.

We have a increasing problem where a user in location A will logon to the their server on the remote site, however when you type "set logon" in command prompt they are logging in to a Domain Controller in a different site. This causes the logons to be extremely slow cause they are logging in to the remote sites instead of their local domain controllers. How can I force workstations to logon to their local domain controllers first before logging in to a remote site...



 
Camera that is the exact problem im having.. have you found a fix for this?

This problem is most annoying...
 
Not yet. Check my thread (link above). it has ALOT of details. let me know if you have the same issue in your AD integrated DNS directory.

Do you already have your sites/services setup and subnets assigned?

As soon as I figure out the solution, I'll let you know. I am just short of hiring an AD specialist consultant to figure out what is going wrong. If I am right, its too deep into the AD DNS infrastructure and a book wont cut it.
 
Site and services with the correct ip subnets has been done. So its definitely something else...

Really weird how random it is on which domain controller it authenticates to.. Did you try removing the SRV records that does not pertain to the correct site

 
I havent touched them yet. the network is in production, and I dont want to risk breaking the site replication by deleting something I shouldnt. I am 75% sure that needs to be done, and that those entries are left over from the original server setups (before they were deployed to the branches) thanks to flaky Mickeysoft behaviour.

With my luck, I am on the right track, but deleting those SRV entries will break it. I just need someone who actually knows what they are doing at this to give me the thumbs up.
 
hey Evil, can you post your contents of the DNS folder
"forward zone\<domain>\_sites\<site you are having problems with>\_tcp" ? I want to check something.

Basically take a look at your structure. the entries in there probably correspond with the servers that you are authenticating against.
Are ALL your remote servers being listed there, or just the ones you seem to be hitting?
did you stage your setup in your local office, then move them to the branch offices?

I THINK I have a fix. I tried something and it seems to work. Not sure what all of the repercussions are yet though so I dont want to give bad advice. I would just be interested in seeing what your structure looks like so I can see another malfunctioning setup.


if you dont know how to extract and "scrub" the data of private info, let me know and I can tell you the trick I used.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top