asked on

Users logging on to wrong DC

We had a long power outage here that took out a critical switch when power was restored. Once we got connectivity back to the servers and backbones, users are logging in and the startup scripts are being served from the wrong DC. Here's our setup...

Firewall to external (also default gway for diff subnets and networks)
DC1 - Server 2003 logon server, AD, startup scripts
DC2 - Server 2003 second DC
Mailserver - Server 2003, Exchange 2003

How do I get userrs authenticating to the domain using DC1, like it is supposed to be?

Brian Pierce

Clients will attempt to authenticate with a DC in their own site, if there are multiple DCs they will use the one with the lowest priority setting in the SRV record.

You could STOP/START the netlogon service to re-register the SRV records or if you really must edit the SRV records and change the priority for LDAP

patmoli

ASKER

Which DC should I restart the service on?

Brian Pierce

All of them.
BTW there is really no such thing as the "wrong" DC, either DC can be used for authentication. Once DC is identified then the clients will tend to use it until they have a reason not to - so a restart of the clients may also be required.

patmoli

ASKER

I understand that.. it's not causing us any grief, I just want DC2 to do nothing but hum along happily until we actually need it... (IE: DC1 bursts into flames or gets hit with a ball peen hammer) I want all users using the same DC. We have around 300 client pc's. Will they all need a restart?

ASKER CERTIFIED SOLUTION

Brian Pierce

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

patmoli

ASKER

True... Perhaps I'll leave it for now. Any other comments of any other methods before I award points?