AD sites & authentication question

I've got an interesting issue with what site my machines are authenticating against.

We are a single forest/domain company. We recently purchased another company. We purchased a new domain controller, which we set up locally. We did not create a subdomain for the new company, as we decided to simply leave them as part of our existing domain.

Once the DC was setup, i shipped it to the remote office and traveled out there. I created a new site in ADSS, defined the local subnet and moved the domain controller into the new site.

*note* - The new subnet i created is the only subnet defined under subnets.
            - There was au automatic site created right after the name of the new site, with some letters like CNF:c05d7 etc.

Back here, in the primary site, when i add computers to the domain, they are showing up in AD on the remote domain controller, and then syncing back here to the main office once replication takes place. I checked the NETLOGON parameters in the registry and the machines seem to think they are part of the remote site, and not the local site. they have a Dynamic Site Name of the remote site in question.

I was in the middle of doing a /prepareschema in the midst of an Exchange 2010 transition when i discovered that the computer wasn't using the correct site, as it was giving me errors about not being in the same site as the schema master. I had to add a registry entry under NETLOGON/PARAMETERS of "SiteName" and give it the value of my primary site, and restart the netlogon services, for the machine to recognize it was in the correct site.

Do i need to define a local subnet and add that to my primary site to force computers here to use our local domain controllers first? I want to make sure computers here are using the correct site. I'm worried my machines are authenticating to the wrong domain controllers here in the main office.
LVL 5
HornAlumAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

netjgrnautCommented:
Do i need to define a local subnet and add that to my primary site to force computers here to use our local domain controllers first?

Yes.  You should define all sites and subnets to get the results you're looking for.  Important for the KCC to work.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
HornAlumAuthor Commented:
yup, i figured that was it.

Added the subnet, replicated the settings. removed and readded the computer and now it's showing up on the correct domain controller first, under AD U&C

Thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.