Solved

PC logging into AD on another site

Posted on 2014-09-15
9
138 Views
Last Modified: 2014-09-15
We have PCs at our corporate site authenticating and running their logon scripts from one of our other sites. I have checked my site settings, but need to guidance. We are still running Windows 2003, but will be upgrading to Windows 2012 before long,
0
Comment
Question by:vnahc
  • 6
  • 3
9 Comments
 
LVL 3

Expert Comment

by:Brandon
Comment Utility
IF you have multiple authentication servers on your network the user's machine will authenticate with the first server that responds to their request.

In addition, the servers will replicate themselves and their logon information. So without more information I would say your network is working as it should.

http://technet.microsoft.com/en-us/library/cc782048(v=ws.10).aspx
0
 
LVL 2

Author Comment

by:vnahc
Comment Utility
The server responding is over a 1.5mb mpls circuit rather than one of the DC on the local site.
0
 
LVL 3

Expert Comment

by:Brandon
Comment Utility
Ok, so you have domain.local located at site.A and site.B.

On the local domain server at site.B you created a logon script for the users at site.B.

Site.A users are starting to also run the site.B logon scripts.

Is the logon script assigned to just an OU group for site.B?

Is this correct...just trying to map out your network in my mind first.
0
 
LVL 2

Author Comment

by:vnahc
Comment Utility
Everyone runs the same script. The scripts looks at the groups the user belongs and sets mapped drives accordingly. I just changed this portion to us their IP address rather than their logon server to pull files that need to be pushed to the PC. That works fine. I also display the username and which logon server they are using. This is where I find they are not using the closest server.

Since I changed the script to use the IP address to decide which server to download files from, the logon process is much faster, but I am still wondering why my users are using a remote server rather than a local server. I believe I may have something not quite rite in Sites and Services. Just needing a little guidance as to where to look.
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 
LVL 3

Accepted Solution

by:
Brandon earned 500 total points
Comment Utility
Perhaps the GC is not cached so the user's machine authenticated with the remote server and now uses that server until it doesn't respond fast enough. Check out the link below and scroll down a little more than half way. (or search for Configuring a global catalog server within the page to drop you down to the right space)

http://www.techrepublic.com/article/solutionbase-a-look-at-windows-server-2003s-active-directory-sites-and-services/
0
 
LVL 3

Expert Comment

by:Brandon
Comment Utility
0
 
LVL 3

Expert Comment

by:Brandon
Comment Utility
One more with some additional links to make sure your subnets are correctly setup in the Sites mmc.

http://social.technet.microsoft.com/Forums/windowsserver/en-US/5c6bf542-caf2-4a4f-9490-c90d6ed196a0/clients-authenticating-to-wrong-domain-controllers
0
 
LVL 2

Author Closing Comment

by:vnahc
Comment Utility
Thanks for the link. It was a new subnet added but not added to sites and services.  I figured it would be something simple, just needed a little direction. Thanks
0
 
LVL 3

Expert Comment

by:Brandon
Comment Utility
Awesome, good job.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Have you ever had a hard drive that you can't boot into, but need to change the registry? Here is the solution! This article guides you through accessing and editing a registry of a non-primary drive. To read registry information on a non-prim…
The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now