Server Authentication

Posted on 2006-03-20
Last Modified: 2010-03-18
I have a Windows AD network spread across three buildings about 300 feet apart. It is one flat AD domain. There is a Windows 2003 server in each building and they are all domain controllers. For some reason when several workstations log in they are running the login script from the netlogon directory on one of the servers in the other building. I would have assumed that since they each have a server in their respective building that their "home" server would be where the login script is ran. Do I have something set up wrong? Is their any way to specify which server is the workstations "home" server?

I am monitoring the network with 3Com Network Director and the only errors I get (on rare occassion) is the the DNS response time is high on these domain controllers. Any ideas?  
Question by:jimbecher
    LVL 23

    Accepted Solution

    If the network is a flat layer 2 network (all one subnet) then the workstations will simply broadcast for a domain controller to authenticate them and the first one to respond back and negotiate the login will be the DC it goes with.

    If you want to force the DCs in the respective buildings to be the ones that authenticate for that building then you will need to create different subnets for those buildings and use Active Directory Sites and Services to segment out the subnets with their respective building DCs.  Don't forget you'll need routing capabilities between the buildings/subnets at that point.
    LVL 23

    Expert Comment

    Thanks for the quick points...happy to help out.
    LVL 11

    Author Comment

    Well worth the answer. Thanks!

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Join & Write a Comment

    Downtime reduced, data recovered by utilizing an Experts Exchange Business Account Challenge The United States Marine Corps employs more than 200,000 active-duty Marines with operations in four continents, all requiring complex networking system…
    Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
    Hi everyone! This is Experts Exchange customer support.  This quick video will show you how to change your primary email address.  If you have any questions, then please Write a Comment below!
    This video discusses moving either the default database or any database to a new volume.

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now