Solved

windows clients not using their local domain controller

Posted on 2013-02-02
5
520 Views
Last Modified: 2013-02-19
I am having a problem with our new domain. We have a hub and spoke design with two hub sites. Half of all sites will replicate to one hub and the other half will goto the other.

DC1 and DC2 have a defined site link
DC1 and SITE1 have a defined site link

Site Link Transitivity has been disabled so I also created a site link bridge linking the two site links so that in the case that the domain controller at SITE1 is unavailable, and the domain controller at DC1 is unavailable, that it will still goto DC2. For some reason, most of the clients at SITE1 are going to DC2 when all of the Domain controllers are up and running.

To ensure that it isn't the site link bridge that I created, I removed the site link bridge between the two site links. The clients still use DC2 as their logon server.

DNS is setup right on the clients and the local site DC at SITE1 with their primary DNS serve being the SITE1 domain controller, and their secondary being DC1. Any idea why they continue to goto DC2?
0
Comment
Question by:bbcac
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 5

Expert Comment

by:Coffinated
ID: 38847882
Did you define a subnet for each site? If not you need to create 2 subnets and assign them to respected site.
Run gpupdate /force to refresh group policies
Run gpresult /r to check the login server
0
 
LVL 4

Expert Comment

by:Thomas WERNHER
ID: 38848113
Hi,

following the previous answer :
Does each DC be in the same subnet it's client ? (some company put their DC in a separate subnet) ?

btw, i would rather restart the computer after to monitor the change of DC, because, by doing only a gpupdate / gpresult you're generally still linked to the same DC (and if it's not the good one...)

cheers
0
 
LVL 5

Expert Comment

by:vin_shooter
ID: 38851036
Hi bbcac,

step1: Execute the command set L in command prompt then you'll get the logon server name

step2: Then query the site name,

nltest /dsgetsite /s:Logon server name to be given here

Then open dssite.msc in run and expand sites in the console navigate to the logon server site name and right click on the site name ->Properties, check in General tab the subnet range associated with the site.

Check whether the client IP ADDRESS falls in the subnet range associated with the site in which the logon server exist.

Also, some times if we assign the same subnet range in to two sites will result in this issue.

Conclusion:

Either the IPADDRESS of client machine is not associated to any of the site or it might have assigned to more than one site. Hence the issue.

Kindly perform the above check and revert, so that we can dig further..,

Expecting your reply..,
0
 
LVL 5

Accepted Solution

by:
vin_shooter earned 500 total points
ID: 38855633
After performing the steps given in the above step still the workstation authenticates to DC in other sites then follow the given step,

open DNSMGMT.MSC, expand your domainname.com in DNS then navigate to _msdcs then expand DC then _sites click on corresponding site check for the SRV records then right click on the record & check for priority value..,

by changing the Priority value we can designate particular domain controller to act as Logon server for that site..,

Hope this will fix the issue permanently..,
0
 

Author Comment

by:bbcac
ID: 38907051
This was a mistake on my part... I had the site configed wrong... everything is fine now
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question