bsohn417

Active Directory: Force user or computer to specific domain controller

Is there a way to point a user or computer to a specific domain controller?  We're currently running 2003 Active Directory and migrating to 2008 R2.  Thanks.
ASKER CERTIFIED SOLUTION
Joseph Moody
This solution is only available to members.
You can't specifically tell the user account "you must authenticate to this domain controller", but you can configure things within AD, like Sites, so that users within a site authenticate to the local domain controller in their site, which usually means the user will authenticate to that DC most of the time.
This article explains the lookup process for a client looking for a DC and how a connection to a DC is determined. You can use this article to help guide you through understanding how the process works, which should give you several ideas on how best to approach this for your environment.

http://support.microsoft.com/kb/247811
As Jmoody and dariusg stated, you can use AD Sites and Services. For lab environments, I will test user authentication to a specific DC by moving the other DCs outside a site. Not a recommended practice in a production environment.
You can define sites and subnets to accomplish this.

Clients locate the domain controller using the DC Locator process.

Refer to the link below, which explains how a client locates the nearest DC for authentication purposes.

http://blogs.dirteam.com/blogs/jorge/archive/2007/07/02/dc-locator-process-in-w2k-w2k3-r2-and-w2k8-part-1.aspx

So

Define the subnet in your AD
Associate this subnet with a site and move the domain controller to that particular site
Define the client IP address from the same subnet

Below is the link which will help you to configure sites, subnets and site links.

http://www.activewin.com/win2000/step_by_step/active_directory/adsites.shtml


Hope this helps.

Regards,

_Prashant_
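The subnet-to-site steps in the post above can be checked on paper before changing AD Sites and Services. The following is an added example, not part of the thread: it models the mapping of a client IP to a site by the most specific matching subnet, then lists the DCs placed in that site. All subnets, site names and DC host names are constructed sample data.

```python
import ipaddress

# Constructed sample data: subnet -> site, as entered in AD Sites and Services.
SUBNET_TO_SITE = {
    "10.0.0.0/8": "HQ",
    "10.20.0.0/16": "Branch-East",
    "10.20.30.0/24": "Lab",
    "192.168.50.0/24": "Branch-West",
}
# Constructed sample data: site -> DCs whose server objects were moved there.
SITE_TO_DCS = {
    "HQ": ["dc01.example.test", "dc02.example.test"],
    "Branch-East": ["dc-east.example.test"],
    "Lab": ["dc-2008r2.example.test"],
    "Branch-West": [],  # site and subnet defined, but no DC moved into it
}

def site_for_ip(ip, subnets=SUBNET_TO_SITE):
    """Return the site of the most specific subnet containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    best = None
    for cidr, site in subnets.items():
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, site)
    return best[1] if best else None

def audit_client(ip):
    """Report which site a client IP lands in and which DCs are local to it."""
    site = site_for_ip(ip)
    if site is None:
        finding = "no subnet covers this IP; client has no site and may use any DC"
        return {"ip": ip, "site": None, "dcs": [], "finding": finding}
    dcs = SITE_TO_DCS.get(site, [])
    if dcs:
        finding = "ok"
    else:
        finding = "site has no DC of its own; a DC from another site will serve it"
    return {"ip": ip, "site": site, "dcs": dcs, "finding": finding}

if __name__ == "__main__":
    for client in ("10.20.30.15", "10.20.99.1", "192.168.50.7", "172.16.0.5"):
        print(audit_client(client))
```

Clients reported with no site are the ones to fix first, since nothing steers them toward a particular DC.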
If you can't define IP boundaries and sites, you can always disable DNS/WINS and manage via the LMHOSTS file on the client with a #PRE #DOM switch.  Very ugly, and if you have more than 5-10 machines, lots of work, but it gets you there nonetheless.

Cheers,

Hulabaloo