Solved

How do group policies work?

Posted on 2014-07-24
3
117 Views
Last Modified: 2014-09-09
Can someone give me a link that explains how GPO is applied to machine from DC? I want to know if it cant hit primary DC does it round robin until it gets one it can hit? What determines what order the DC's are contacted? Thanks
0
Comment
Question by:Thomas N
  • 2
3 Comments
 
LVL 10

Expert Comment

by:Rafael
ID: 40217602
Have you tried Group Policy informational guide from Microsoft ? It's good reading and breaks down as you need.
0
 

Author Comment

by:Thomas N
ID: 40217633
I dont have time to read that whole guide. Can you just tell me what happens when a machine logs in to get GPO, it checks its logonserver for policy but what determines where it goes next if the server is busy? Thanks
0
 
LVL 10

Accepted Solution

by:
Rafael earned 500 total points
ID: 40219977
Well, for policies, if it doesn't get a response from it's logon server, it will try to contact any other DC in the same site (pool) and then the domain as itself, if several DC's exist in the same site it uses a unpublished not quite round robin process to pick one that tends to weigh it with about 70% of the logon going to the first one in the list (top down) and 30% spread out for the others in the site.

If no DC in the same site pool responds then it'll query DNS and randomly selects one from the any DC or the domain regardless of site, tried in that order. Finally, if there are no logon servers then the user is logged in via cached credentials if enabled.

HTH
-Rafael
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now