PCs connecting to global catalogue in wrong site

Hi experts,

I have a DC and Exchange in site A, and just a DC in site B. The VPN has gone down between sites due to an internet issue.
After this happened a Terminal Server in Site A and a PC in site A could not connect to Exchange. I tried everything I could think of. I then added a reg entry to force them to use the local Global Catalogue. This resolved the problem but I can't figure out why they were trying to communicate with the other GC. Everything in AD Sites and Services looks ok.
I assume there is still an issue that needs to be fixed.

Would appreciate any ideas?

Thanks.
LVL 12
nealerocksAsked:
Who is Participating?
 
Nirmal SharmaSolution ArchitectCommented:
PCs will not connect to wrong site unless these conditions are true:

 -PCs usnig a subnet which has not been defined in AD
 -Domain controllers in their site is not able to serve authentication requests for some reasons and other site DCs are configured to authenticate them.
 -You have registry entry set for these PCs; SiteName which forces them to authenticate with other site DCs.

Go to on that client and look at NetLogon\Parameters registry entries or post them here.

-----
Sys.
0
 
Sitaram PamarthiCommented:
Hi, The site choice is based on DCLocator process initiated by client. If your client is having a IP address that is mapped to SiteB in Active Directory Sites and Services, then no wonder why it is going there. So, please review your current sites and the assigned subnets and make sure there are no cross references.

The below two posts should given some insight to the DC locator process.
http://techibee.com/active-directory/understand-dclocator-processpart-1/39
http://techibee.com/active-directory/understand-dclocator-processpart-2/43
0
 
nealerocksAuthor Commented:
Sites and subnets are fine. The Terminal Server has a static IP address and the PC is using DHCP. Neither of them have addresses in the range of site B.
The other 15 PCs in site A have been working fine.

Thanks.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
ZenVenkyArchitectCommented:
I want you to check the health of the DCs. Run dcdiag /v and repadmin /replsum and repadmin /showrepl and change DC's DNS settings based on the following link if required. If you see any errors in those test logs, mention them here for better awareness.

Best Practice of DNS
0
 
nealerocksAuthor Commented:
Given that the site B internet is not back on yet I won't bother with the tests. The event log is full of replication errors at the moment.
DNS is set up according to best practice. I don't think DNS is misconfigured. Really just trying to establish why a couple of computers would be trying to contact a different site GC.
0
 
Nagendra Pratap SinghDesktop Applications SpecialistCommented:
You may have to force a re-discovery of the DCs.

Please check the following link and let us know if it works.

http://support.microsoft.com/kb/939252
0
 
ZenVenkyArchitectCommented:
What DCDiag says, does it mention any where "Advertising failed". If yes you shall check Time Server issues. There is a possibility that other DC is acting as authoritative Time Server for domain than PDC. Make sure that PDC is NTP for the domain and it shall point to external time source for Time sync.

http://support.microsoft.com/kb/816042
0
 
nealerocksAuthor Commented:
After setting manual entries in the registry issue has never reoccurred
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.