How to force a site to point to the closest DC at another site.

We a have site in the us that seems to be using the DC of a site on the other side of the world when it should be using one that's in the US.

Isn't it possible to set the secure channel to point to the closest dc with nltest. The site only has a 2003 dhcp there.
rdefinoAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Brian PiercePhotographerCommented:
If you have set up your subnets correctly in AD sites and services then clients will look for a DC in their own site in preference.

http://technet.microsoft.com/en-us/library/cc730868.aspx
0
JaihuntCommented:
You can use the below commands,

nltest /dsgetdc:<FQDN Domain Name> /force ( it will force the server to reconnect DC instead of using cached DC)

nltest /server:<server name> /sc_query:<FQDN Domain Name>

Also check Subnets and site links are configure properly.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

rdefinoAuthor Commented:
from what system do I run this command from?

nltest /dsgetdc:<FQDN Domain Name> /force
0
Brian PiercePhotographerCommented:
Add the subnet where the DC is located to the subnet where the client is located - Job done!
0
rdefinoAuthor Commented:
I do have the subnet defined in sites and services.
0
SandeshdubeySenior Server EngineerCommented:
There are multiple reasons for clients logged in using dcs in a differerent site.This could be due to dns misconfig,Ad sites and services not configured correctly,subnet overlapping,security filtering(if the traffic to local dc is filtered)

Do you have RODC in the env if yes then see this:http://www.frickelsoft.net/blog/?p=270.Also ensure correct dns setting on DCs and client as this:http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/

Using Catch-All Subnets in Active Directory
http://technet.microsoft.com/en-in/magazine/2009.06.subnets(en-us).aspx

Ensure that the subnets are mapped to respective sites else client will authenticate with any DC which it finds as closest.Check the DC event log for any warning or error message.Run dcdiag /q and repadmin /replsum to check the health of DC.
 
AD Clients Not Authenticating to its Local Site
 http://blogs.dirteam.com/blogs/paulbergson/archive/2010/04/19/ad-clients-not-authenticating-to-its-local-site.aspx
   
Determine Overlapping Active Directory Sites
 http://myitforum.com/cs2/blogs/tom_watson/archive/2010/01/27/determine-overlapping-active-directory-sites.aspx
 
 
Hope this helps
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.