Solved

windows clients not using their local domain controller

Posted on 2013-02-02
5
515 Views
Last Modified: 2013-02-19
I am having a problem with our new domain. We have a hub and spoke design with two hub sites. Half of all sites will replicate to one hub and the other half will goto the other.

DC1 and DC2 have a defined site link
DC1 and SITE1 have a defined site link

Site Link Transitivity has been disabled so I also created a site link bridge linking the two site links so that in the case that the domain controller at SITE1 is unavailable, and the domain controller at DC1 is unavailable, that it will still goto DC2. For some reason, most of the clients at SITE1 are going to DC2 when all of the Domain controllers are up and running.

To ensure that it isn't the site link bridge that I created, I removed the site link bridge between the two site links. The clients still use DC2 as their logon server.

DNS is setup right on the clients and the local site DC at SITE1 with their primary DNS serve being the SITE1 domain controller, and their secondary being DC1. Any idea why they continue to goto DC2?
0
Comment
Question by:bbcac
5 Comments
 
LVL 5

Expert Comment

by:Coffinated
ID: 38847882
Did you define a subnet for each site? If not you need to create 2 subnets and assign them to respected site.
Run gpupdate /force to refresh group policies
Run gpresult /r to check the login server
0
 
LVL 4

Expert Comment

by:Thomas WERNHER
ID: 38848113
Hi,

following the previous answer :
Does each DC be in the same subnet it's client ? (some company put their DC in a separate subnet) ?

btw, i would rather restart the computer after to monitor the change of DC, because, by doing only a gpupdate / gpresult you're generally still linked to the same DC (and if it's not the good one...)

cheers
0
 
LVL 5

Expert Comment

by:vin_shooter
ID: 38851036
Hi bbcac,

step1: Execute the command set L in command prompt then you'll get the logon server name

step2: Then query the site name,

nltest /dsgetsite /s:Logon server name to be given here

Then open dssite.msc in run and expand sites in the console navigate to the logon server site name and right click on the site name ->Properties, check in General tab the subnet range associated with the site.

Check whether the client IP ADDRESS falls in the subnet range associated with the site in which the logon server exist.

Also, some times if we assign the same subnet range in to two sites will result in this issue.

Conclusion:

Either the IPADDRESS of client machine is not associated to any of the site or it might have assigned to more than one site. Hence the issue.

Kindly perform the above check and revert, so that we can dig further..,

Expecting your reply..,
0
 
LVL 5

Accepted Solution

by:
vin_shooter earned 500 total points
ID: 38855633
After performing the steps given in the above step still the workstation authenticates to DC in other sites then follow the given step,

open DNSMGMT.MSC, expand your domainname.com in DNS then navigate to _msdcs then expand DC then _sites click on corresponding site check for the SRV records then right click on the record & check for priority value..,

by changing the Priority value we can designate particular domain controller to act as Logon server for that site..,

Hope this will fix the issue permanently..,
0
 

Author Comment

by:bbcac
ID: 38907051
This was a mistake on my part... I had the site configed wrong... everything is fine now
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
Know what services you can and cannot, should and should not combine on your server.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now