Solved

PCs connecting to global catalogue in wrong site

Posted on 2013-02-05
8
603 Views
Last Modified: 2013-07-17
Hi experts,

I have a DC and Exchange in site A, and just a DC in site B. The VPN has gone down between sites due to an internet issue.
After this happened a Terminal Server in Site A and a PC in site A could not connect to Exchange. I tried everything I could think of. I then added a reg entry to force them to use the local Global Catalogue. This resolved the problem but I can't figure out why they were trying to communicate with the other GC. Everything in AD Sites and Services looks ok.
I assume there is still an issue that needs to be fixed.

Would appreciate any ideas?

Thanks.
0
Comment
Question by:nealerocks
8 Comments
 
LVL 1

Expert Comment

by:Sitaram Pamarthi
ID: 38858055
Hi, The site choice is based on DCLocator process initiated by client. If your client is having a IP address that is mapped to SiteB in Active Directory Sites and Services, then no wonder why it is going there. So, please review your current sites and the assigned subnets and make sure there are no cross references.

The below two posts should given some insight to the DC locator process.
http://techibee.com/active-directory/understand-dclocator-processpart-1/39
http://techibee.com/active-directory/understand-dclocator-processpart-2/43
0
 
LVL 12

Author Comment

by:nealerocks
ID: 38858071
Sites and subnets are fine. The Terminal Server has a static IP address and the PC is using DHCP. Neither of them have addresses in the range of site B.
The other 15 PCs in site A have been working fine.

Thanks.
0
 
LVL 9

Assisted Solution

by:Zenvenky
Zenvenky earned 150 total points
ID: 38858142
I want you to check the health of the DCs. Run dcdiag /v and repadmin /replsum and repadmin /showrepl and change DC's DNS settings based on the following link if required. If you see any errors in those test logs, mention them here for better awareness.

Best Practice of DNS
0
 
LVL 12

Author Comment

by:nealerocks
ID: 38858177
Given that the site B internet is not back on yet I won't bother with the tests. The event log is full of replication errors at the moment.
DNS is set up according to best practice. I don't think DNS is misconfigured. Really just trying to establish why a couple of computers would be trying to contact a different site GC.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 23

Expert Comment

by:Nagendra Pratap Singh
ID: 38858211
You may have to force a re-discovery of the DCs.

Please check the following link and let us know if it works.

http://support.microsoft.com/kb/939252
0
 
LVL 9

Expert Comment

by:Zenvenky
ID: 38858235
What DCDiag says, does it mention any where "Advertising failed". If yes you shall check Time Server issues. There is a possibility that other DC is acting as authoritative Time Server for domain than PDC. Make sure that PDC is NTP for the domain and it shall point to external time source for Time sync.

http://support.microsoft.com/kb/816042
0
 
LVL 35

Accepted Solution

by:
Nick Sui earned 350 total points
ID: 38858609
PCs will not connect to wrong site unless these conditions are true:

 -PCs usnig a subnet which has not been defined in AD
 -Domain controllers in their site is not able to serve authentication requests for some reasons and other site DCs are configured to authenticate them.
 -You have registry entry set for these PCs; SiteName which forces them to authenticate with other site DCs.

Go to on that client and look at NetLogon\Parameters registry entries or post them here.

-----
Sys.
0
 
LVL 12

Author Closing Comment

by:nealerocks
ID: 39335145
After setting manual entries in the registry issue has never reoccurred
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Join & Write a Comment

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now