Solved

How to prevent DC at remote site from being used in rotation company wide.

Posted on 2008-10-03
2
274 Views
Last Modified: 2012-06-27
We have two 2008 domain controllers at our main data center. We have a 2003 domain controller at one of our branch locations. The DHCP server at the branch location is set up to assign their local DC as the primary domain controller. However, we are noticing that this domain controller is being referenced by Outlook throughout the company. When users open Outlook they are forced to wait as the branch office DC is contacted.

I believe this may be due to the controller being in rotation for AD lookups. However, we can not have this take place as it is very inefficient to do AD lookups to remote locations. So my questions is, how do I set the DC's so that they are only utilized at their proper locations. i.e. the branch DC is only used at the branch location.
0
Comment
Question by:EuclidInsurance
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 16

Assisted Solution

by:robrandon
robrandon earned 200 total points
ID: 22634310
You should create a new Site and Subnet in the Sites and Services snap-in.  Make sure your remote DC is in the remote site and subnet.

0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 300 total points
ID: 22634321

Hey,

That's exactly what AD Sites and Services is there for.

In order, you would:

1. Configure Site Names for each of your sites
2. Configure Subnets for each of your sites (it's a folder in AD Sites and Services) and bind those to sites
3. Move Domain Controllers into the sites as applicable

Clients will preferentially log onto a DC within their site.

You should also ensure that each site has a Global Catalog (I recommend making all DCs into Global Catalogs) or you will find logons still end up on remote domain controllers.

HTH

Chris
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question