BScott52
asked on
Windows domain login server
I have four offices, each with their own DC, a mix of 2003 and 2008 servers. They are connected via a hardware VPN. My question is, how can you control what DC they login on in each office? I'm trying to retire an old 2003 server DC in one location, and I have transferred all five FSMO roles to the 2008 server that's been promoted. When I checked one of the users logon server, they showed a server in a remote office as being the logon server, rather than either the old 2003 server or the newly promoted 2008 server in their office. I just want to make sure the newly promoted '08 server is handling logins properly before I demote the old '03 machine. Thx for any help anyone can offer.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Not sure what you mean by not having the sites set up.
You have to go into Active Directory Site and Subnets and create an actual SITE for each location. Otherwise, there is nothing that prevents a machine in Los Angeles from connecting to a domain controller in Australia.
You identify a Los Angeles site and you attribute the subnet for the Los Angeles location to that site. Then when the machine comes online and gets its IP address and queries the domain for a domain controller to authenticate against, it can connect to the domain controller in Los Angeles.
http://technet.microsoft.com/en-us/library/bb727051.aspx
You identify a Los Angeles site and you attribute the subnet for the Los Angeles location to that site. Then when the machine comes online and gets its IP address and queries the domain for a domain controller to authenticate against, it can connect to the domain controller in Los Angeles.
http://technet.microsoft.com/en-us/library/bb727051.aspx
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Wow, after all these years I can't believe I didn't know that. I'll take care of it. Thanks to both for your help.
ASKER
Thanks to you both for your assistance. Sorry for the delay in closing this out.
ASKER
The local subnet of the office I'm doing the work is on a 192.168.99.x subnet, and the user in that office that I checked had logged into the DC in an office with a 2.x subnet. I don't understand why. Thx.