Solved

How to prevent DC at remote site from being used in rotation company wide.

Posted on 2008-10-03
2
272 Views
Last Modified: 2012-06-27
We have two 2008 domain controllers at our main data center. We have a 2003 domain controller at one of our branch locations. The DHCP server at the branch location is set up to assign their local DC as the primary domain controller. However, we are noticing that this domain controller is being referenced by Outlook throughout the company. When users open Outlook they are forced to wait as the branch office DC is contacted.

I believe this may be due to the controller being in rotation for AD lookups. However, we can not have this take place as it is very inefficient to do AD lookups to remote locations. So my questions is, how do I set the DC's so that they are only utilized at their proper locations. i.e. the branch DC is only used at the branch location.
0
Comment
Question by:EuclidInsurance
2 Comments
 
LVL 16

Assisted Solution

by:robrandon
robrandon earned 200 total points
ID: 22634310
You should create a new Site and Subnet in the Sites and Services snap-in.  Make sure your remote DC is in the remote site and subnet.

0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 300 total points
ID: 22634321

Hey,

That's exactly what AD Sites and Services is there for.

In order, you would:

1. Configure Site Names for each of your sites
2. Configure Subnets for each of your sites (it's a folder in AD Sites and Services) and bind those to sites
3. Move Domain Controllers into the sites as applicable

Clients will preferentially log onto a DC within their site.

You should also ensure that each site has a Global Catalog (I recommend making all DCs into Global Catalogs) or you will find logons still end up on remote domain controllers.

HTH

Chris
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
NTP Servers 4 44
Netwrix Account Lockout email notifications do not send 2 17
MFA in Azure for a hybrid org 2 36
Group Members to a csv file using PowerShell. 7 41
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question