Multiple sites and slow logon

Hi All,

I started my new job as support engineer last month. The company I work for has a site in Belgium and in The Netherlands. One of the complaints I get a lot is that loging on to Windows can take long sometimes (2/3 minutes). Sometimes the logon screen freezes. At other times the Applying your settings windows is shown for a long time.

Both sites have a domain controller (DC-NL and DC-BE). Now I did some tests with a spare laptop. I logged on 10 times (after restarting the machine completely each time). Then I looked at the LogonServer environment variable. 4 times I was authenticated by DC-BE and the other 6 times I got authenticated by DC-NL. Oh yeah, I'm in Belgium by the way :-)

I think this is the cause of the slow logon. Now I've googled a bit and from what I can tell (I'm not an MCSA/MCSE) the best way to handle this is to create multiple sites in Active Directory. Currently there's only one site there (Default-First-Site-Name :p hey, that's how they set it up, not me!). If I get it right I need to create 2 sites and then move both DC's to their proper site. This way, depending on the IP I get I get authenticated to the nearest DC...

Is this correct? I've never done this before and I'm not sure of the impact doing this change. So, if I'm correct, can someone also give me some tips and tell me the dangers of making those 2 sites?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Brian PiercePhotographerCommented:
Essentially yes
You need to have different subnets at each site and then allocate each subnet to a site in AD Sites and Services. A site can have multiple subnets, but a subnet cannot span sites.

You also need to make sure that the DC on each site is also a global catalog server to prevent cross-site referals for universal group membership details at logon.

Also you need to have a DNS server at each site (ADintegrated on the DC is fine), and make sure that clients on each site are configured to used their local DNS server as their preferred DNS server.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
techteamaneAuthor Commented:

Thanks for that information! I read about it online and also read about the subnets. I'm not realy into that stuff but I know the following:

* In NL the address range is 192.168.138.x with subnet
* In BE the address range is 192.168.144.x with subnet

So, when I want to create subnets in AD Sites and Services I'm asked to enter a network address and a mask... What should I enter there? Let's say for BE? If I have this information I think I have everything I need to go on

Once again, thanks for the fast reply!
Brian PiercePhotographerCommented:
Looks like its alredt set up so you just have to enter the information
so for BE the subnet Mask
techteamaneAuthor Commented:
Exactly the information I needed. A confirmation of my theory and extra information to make my job easier!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.