Solved

PCs connecting to global catalogue in wrong site

Posted on 2013-02-05
8
617 Views
Last Modified: 2013-07-17
Hi experts,

I have a DC and Exchange in site A, and just a DC in site B. The VPN has gone down between sites due to an internet issue.
After this happened a Terminal Server in Site A and a PC in site A could not connect to Exchange. I tried everything I could think of. I then added a reg entry to force them to use the local Global Catalogue. This resolved the problem but I can't figure out why they were trying to communicate with the other GC. Everything in AD Sites and Services looks ok.
I assume there is still an issue that needs to be fixed.

Would appreciate any ideas?

Thanks.
0
Comment
Question by:nealerocks
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 1

Expert Comment

by:Sitaram Pamarthi
ID: 38858055
Hi, The site choice is based on DCLocator process initiated by client. If your client is having a IP address that is mapped to SiteB in Active Directory Sites and Services, then no wonder why it is going there. So, please review your current sites and the assigned subnets and make sure there are no cross references.

The below two posts should given some insight to the DC locator process.
http://techibee.com/active-directory/understand-dclocator-processpart-1/39
http://techibee.com/active-directory/understand-dclocator-processpart-2/43
0
 
LVL 12

Author Comment

by:nealerocks
ID: 38858071
Sites and subnets are fine. The Terminal Server has a static IP address and the PC is using DHCP. Neither of them have addresses in the range of site B.
The other 15 PCs in site A have been working fine.

Thanks.
0
 
LVL 9

Assisted Solution

by:Zenvenky
Zenvenky earned 150 total points
ID: 38858142
I want you to check the health of the DCs. Run dcdiag /v and repadmin /replsum and repadmin /showrepl and change DC's DNS settings based on the following link if required. If you see any errors in those test logs, mention them here for better awareness.

Best Practice of DNS
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 12

Author Comment

by:nealerocks
ID: 38858177
Given that the site B internet is not back on yet I won't bother with the tests. The event log is full of replication errors at the moment.
DNS is set up according to best practice. I don't think DNS is misconfigured. Really just trying to establish why a couple of computers would be trying to contact a different site GC.
0
 
LVL 24

Expert Comment

by:Nagendra Pratap Singh
ID: 38858211
You may have to force a re-discovery of the DCs.

Please check the following link and let us know if it works.

http://support.microsoft.com/kb/939252
0
 
LVL 9

Expert Comment

by:Zenvenky
ID: 38858235
What DCDiag says, does it mention any where "Advertising failed". If yes you shall check Time Server issues. There is a possibility that other DC is acting as authoritative Time Server for domain than PDC. Make sure that PDC is NTP for the domain and it shall point to external time source for Time sync.

http://support.microsoft.com/kb/816042
0
 
LVL 35

Accepted Solution

by:
Nirmal Sharma earned 350 total points
ID: 38858609
PCs will not connect to wrong site unless these conditions are true:

 -PCs usnig a subnet which has not been defined in AD
 -Domain controllers in their site is not able to serve authentication requests for some reasons and other site DCs are configured to authenticate them.
 -You have registry entry set for these PCs; SiteName which forces them to authenticate with other site DCs.

Go to on that client and look at NetLogon\Parameters registry entries or post them here.

-----
Sys.
0
 
LVL 12

Author Closing Comment

by:nealerocks
ID: 39335145
After setting manual entries in the registry issue has never reoccurred
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question