We have 12 offices connected via a frame relay WAN. Each office has a local 2k3 DC. When users log in, I notice that the logon server can be any of the DCs in the WAN. How can I control which servers authenticate which offices? Do I have to use sites to do this?