Solved

Server Authendication

Posted on 2014-09-16
4
116 Views
Last Modified: 2014-10-02
I have 4 member servers & 2 Domain controllers in a site.

Now the member servers are being authenticated by both the DC's, But I want all the 4 servers to be authenticated by One Single DC.

I tried restarting all the 4 members servers but every time I restart it gets authenticated by a different DC.

Is that possible to configure the authentication to one Single domain controller, if so how do I configure it.

Please assist me in getting this configured.
0
Comment
Question by:Seshadrim
4 Comments
 
LVL 16

Assisted Solution

by:Emmanuel Adebayo
Emmanuel Adebayo earned 250 total points
ID: 40326574
Hi,

You can
1. Adjusting the Weight for DNS SRV Records in the Registry
2. Adjusting the Priority for DNS SRV Records in the Registry

http://technet.microsoft.com/en-us/library/cc787370%28WS.10%29.aspx

Regards
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 40326618
You can't force this. You can influence it, but if a DC gets busy enough, another may still respond first. Since DC databases are multimaster, why would you *want* to do thus?? What underlying problem are you trying to solve??
0
 
LVL 9

Expert Comment

by:nattygreg
ID: 40326691
If its not broken don't bother fix it, as mention above why do you want to change this?
What if you change it then the one doing the authentication fail, what would you do?
0
 
LVL 9

Accepted Solution

by:
Zacharia Kurian earned 250 total points
ID: 40327403
I have 4 member servers & 2 Domain controllers in a site.

So you have a PDC and an additional domain (which is very typical in a small environment).

The priority of authentication depends on  the workload on the PDC emulator master i.e.  your domain knows the best way for the authentication.

In a very large environment , reducing the workload on the PDC emulator master is required and it is done through "Adjusting the Weight for DNS SRV Records in the Registry" and "Adjusting the Priority for DNS SRV Records in the Registry".

In your case since you have only just 2 DCs, it is recommended to keep them as it is; unless you have any issues right now.

The below link is worth reading;

http://blogs.msmvps.com/acefekay/2010/01/03/the-dc-locator-process-the-logon-process-controlling-which-dc-responds-in-an-ad-site-and-srv-records/
0

Join & Write a Comment

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now