Solved

Server Authendication

Posted on 2014-09-16
4
126 Views
Last Modified: 2014-10-02
I have 4 member servers & 2 Domain controllers in a site.

Now the member servers are being authenticated by both the DC's, But I want all the 4 servers to be authenticated by One Single DC.

I tried restarting all the 4 members servers but every time I restart it gets authenticated by a different DC.

Is that possible to configure the authentication to one Single domain controller, if so how do I configure it.

Please assist me in getting this configured.
0
Comment
Question by:Seshadrim
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 17

Assisted Solution

by:Emmanuel Adebayo
Emmanuel Adebayo earned 250 total points
ID: 40326574
Hi,

You can
1. Adjusting the Weight for DNS SRV Records in the Registry
2. Adjusting the Priority for DNS SRV Records in the Registry

http://technet.microsoft.com/en-us/library/cc787370%28WS.10%29.aspx

Regards
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 40326618
You can't force this. You can influence it, but if a DC gets busy enough, another may still respond first. Since DC databases are multimaster, why would you *want* to do thus?? What underlying problem are you trying to solve??
0
 
LVL 13

Expert Comment

by:Natty Greg
ID: 40326691
If its not broken don't bother fix it, as mention above why do you want to change this?
What if you change it then the one doing the authentication fail, what would you do?
0
 
LVL 9

Accepted Solution

by:
Zacharia Kurian earned 250 total points
ID: 40327403
I have 4 member servers & 2 Domain controllers in a site.

So you have a PDC and an additional domain (which is very typical in a small environment).

The priority of authentication depends on  the workload on the PDC emulator master i.e.  your domain knows the best way for the authentication.

In a very large environment , reducing the workload on the PDC emulator master is required and it is done through "Adjusting the Weight for DNS SRV Records in the Registry" and "Adjusting the Priority for DNS SRV Records in the Registry".

In your case since you have only just 2 DCs, it is recommended to keep them as it is; unless you have any issues right now.

The below link is worth reading;

http://blogs.msmvps.com/acefekay/2010/01/03/the-dc-locator-process-the-logon-process-controlling-which-dc-responds-in-an-ad-site-and-srv-records/
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question