• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 427
  • Last Modified:

Logon and active directory lookup got slow after adding a new DC and a new site

I've just added a new DC on a remote site conncted through WAN. I also added a new site and put this DC inside . I also set the intersite replication policy. Everything seemed to work fine but in my head office my colleagues experienced the domain logon gets slower and generally AD lookup gets slower.
Summirizing:
we have 2 DC in head office
1 DC in a remote site connected through WAN

For example if I try to set some authorizations on a Member Server in Head Office LAN, it gets 30 seconds to find the user name. Before adding the new DC it was instantaneous.
0
fmalinve
Asked:
fmalinve
  • 3
  • 2
  • 2
1 Solution
 
dan_blagutCommented:
Hi
Did you have defined the subnet for each site?

Dan
0
 
fmalinveAuthor Commented:
Yes, all the sites have the subnets defined
0
 
dan_blagutCommented:
Also you must have GLobal catalog in all your sites
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
fmalinveAuthor Commented:
Yes, we have Global Catalog set up for all DCs
0
 
LauraEHunterMVPCommented:
In addition to defining subnets for each site, did you confirm that the DC for the remote site has been placed into the site corresponding to it?  Unlike client computers, domain controllers need to be manually placed into the appropriate AD site.  Check AD Sites & Services to confirm that the remote DC is in the site that it should be in.  If not, your clients in the main site could be connecting to the remote DC because they don't "know" that it's remote.

If that yields no joy, install the Windows Support Tools on both DCs and run dcdiag /v and repadmin /replsum to see if there are any replication or time synchronizatione errors.
0
 
fmalinveAuthor Commented:
Actually I noticed that a lot of PCs in my headquarters got the remote DC as the logonserver.
Maybe beacuse I set Subnets only the day after I set up remote controller?
Now how can I do? have I to swtich off remote DC and tell my headquarter users to login in order to take the local domain controller as logonserver?
0
 
LauraEHunterMVPCommented:
As I indicated above, have you confirmed that the remote DC is configured in the appropriate site?  You should also confirm that your clients are configured in the appropriate sites.  

You can confirm this from your DCs by using the following command:

nltest /server:<Hostname> /dsgetsite

<Hostname> can be the name of your DCs or the name of one or more of your client workstations.

If your DCs and/or clients are not in the sites that you expect, you will need to update your site/subnet configuration in AD Sites & Services accordingly.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now