Solved

PC logging into AD on another site

Posted on 2014-09-15
9
143 Views
Last Modified: 2014-09-15
We have PCs at our corporate site authenticating and running their logon scripts from one of our other sites. I have checked my site settings, but need to guidance. We are still running Windows 2003, but will be upgrading to Windows 2012 before long,
0
Comment
Question by:vnahc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
9 Comments
 
LVL 3

Expert Comment

by:Brandon
ID: 40323884
IF you have multiple authentication servers on your network the user's machine will authenticate with the first server that responds to their request.

In addition, the servers will replicate themselves and their logon information. So without more information I would say your network is working as it should.

http://technet.microsoft.com/en-us/library/cc782048(v=ws.10).aspx
0
 
LVL 2

Author Comment

by:vnahc
ID: 40323910
The server responding is over a 1.5mb mpls circuit rather than one of the DC on the local site.
0
 
LVL 3

Expert Comment

by:Brandon
ID: 40323923
Ok, so you have domain.local located at site.A and site.B.

On the local domain server at site.B you created a logon script for the users at site.B.

Site.A users are starting to also run the site.B logon scripts.

Is the logon script assigned to just an OU group for site.B?

Is this correct...just trying to map out your network in my mind first.
0
Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

 
LVL 2

Author Comment

by:vnahc
ID: 40323941
Everyone runs the same script. The scripts looks at the groups the user belongs and sets mapped drives accordingly. I just changed this portion to us their IP address rather than their logon server to pull files that need to be pushed to the PC. That works fine. I also display the username and which logon server they are using. This is where I find they are not using the closest server.

Since I changed the script to use the IP address to decide which server to download files from, the logon process is much faster, but I am still wondering why my users are using a remote server rather than a local server. I believe I may have something not quite rite in Sites and Services. Just needing a little guidance as to where to look.
0
 
LVL 3

Accepted Solution

by:
Brandon earned 500 total points
ID: 40323980
Perhaps the GC is not cached so the user's machine authenticated with the remote server and now uses that server until it doesn't respond fast enough. Check out the link below and scroll down a little more than half way. (or search for Configuring a global catalog server within the page to drop you down to the right space)

http://www.techrepublic.com/article/solutionbase-a-look-at-windows-server-2003s-active-directory-sites-and-services/
0
 
LVL 3

Expert Comment

by:Brandon
ID: 40323995
0
 
LVL 3

Expert Comment

by:Brandon
ID: 40324003
One more with some additional links to make sure your subnets are correctly setup in the Sites mmc.

http://social.technet.microsoft.com/Forums/windowsserver/en-US/5c6bf542-caf2-4a4f-9490-c90d6ed196a0/clients-authenticating-to-wrong-domain-controllers
0
 
LVL 2

Author Closing Comment

by:vnahc
ID: 40324042
Thanks for the link. It was a new subnet added but not added to sites and services.  I figured it would be something simple, just needed a little direction. Thanks
0
 
LVL 3

Expert Comment

by:Brandon
ID: 40324049
Awesome, good job.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

My previous article  (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/A_4466-A-beginners-guide-to-installing-SCCM2007-on-Windows-2008-R2-Server.html)detailed one possible method to get SCCM 2007 installed an…
INTRODUCTION The purpose of this document is to demonstrate the Installation and configuration of the Data Protection Manager product. Note that this demonstration was prepared on the basis of Windows OS is 2008 R2 and DPM 2010. DATA PROTECTI…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question