?
Solved

AD Sites & Svcs and Micro Subnets

Posted on 2012-09-13
3
Medium Priority
?
641 Views
Last Modified: 2012-09-14
AD 2003 environment, with AD Sites & Services set up fairly well.

We have hundreds of retail sites that use /27 subnets - all the way from 10.80.0.1 to 10.80.34.254.  They are now visible to my DCs because we switched to MPLS, and I'm getting bombarded by this message:

Event ID 5807 - Connections from client machines who don't map to any of the existing sites in the enterprise.

My question is this:  Do I need to list every subnet in S&S to fix this, or could I simply point the /16 subnet 10.80.0.0 to the home site?

Thanks for your help!
0
Comment
Question by:brodeck
3 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 38397111
Do they have DCs in their stores or do they all come back to HQ for DC.  You could use a /16 if you want them all to come back to the home site.  That is known as a catch all subnet, more on that here

http://technet.microsoft.com/en-us/magazine/2009.06.subnets.aspx

Thanks


Mike
0
 

Expert Comment

by:nidhinck
ID: 38397213
If you assign /16 to any site..all machines IP address comes under this /16 (10.80.0.1 to 10.80.255.254)  will authenticate with DC's available in site which you have mentioned in AD sites & services.
0
 

Author Comment

by:brodeck
ID: 38400272
Thanks for the excellent info - backed up by a TechNet article.  Perfect!
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question