Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Why Are My Users Not Logged-on to a Local DC?

Posted on 2014-10-02
8
Medium Priority
?
76 Views
Last Modified: 2014-10-09
Hi Experts,

Most of my users are logged on to a DC at a remote site instead of their local DCs (some DC's are hundreds of miles away)?  What caused this and why please, and how to correct this problem?  Thanks.
0
Comment
Question by:swgit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 16

Accepted Solution

by:
Joshua Grantom earned 1000 total points
ID: 40357684
I would check your DHCP Scopes to see what your DNS and default gateways are set to?
0
 
LVL 6

Expert Comment

by:Spyder2010
ID: 40357728
Do you have your sites set up correctly in Active Directory:
http://technet.microsoft.com/en-us/library/cc782048(v=ws.10).aspx

An AD site should contain all subnets in that particular site(normally a geographical location), and the Domain Controller(s) for that particular site. That way, all clients in a site know which DCs to connect to. You can also configure site links and assign them network cost... this way you can control which DCs your clients connect to if the DC(s) in their own sites are offline for whatever reason.
0
 
LVL 6

Expert Comment

by:Spyder2010
ID: 40357734
FYI: Correctly configuring your AD sites also helps you control your replication traffic, as the DCs also use the links that you define and determine who they replicate with based on the network cost that you assign to the site links.
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 1

Author Comment

by:swgit
ID: 40364374
@Joshua and Spyder2010 -- I'm still looking into this.. will let you know soon.  Thanks.
0
 
LVL 6

Expert Comment

by:Spyder2010
ID: 40365743
The default, out-of-the-box configuration for AD is just one site, I think it's called 'Default-First-Site-Name' or something like that. All DCs are put in this site, and this site acts as an 'if all else fails' bucket... meaning that if a subnet is not defined in any other site(out of the box there are no other sites), it will default to be included in the Default-First-Site-Name. So if no one has configured your AD sites, you end up with all DCs and all subnets in one site, where any client can connect to any DC in the domain, with no consideration as to physical locations, network cost, etc...

If this is the case, and you have a geographically disperse network, you should spend some time planning which DCs you want to replicate with each other, and which sets of clients should be connected to which DC(s). Once you have your topology plan in place, it is fairly easy to create the sites and links, and define the subnets in each site... but do spend some time planning out the topology before you jump in.
0
 
LVL 1

Author Comment

by:swgit
ID: 40368702
Different subnets and sites were defined for each of the physical locations.  However, there is only (1) single IP site link for all the sites with the cost of 100 and replication interval of 180 minutes.  Should I change anything here?  Users are randomly connected to different DC's on different days... Not sure what else to make of this...  Thanks.
0
 
LVL 6

Assisted Solution

by:Spyder2010
Spyder2010 earned 1000 total points
ID: 40369112
As long as you have Active Directory site objects defined for each physical location, and each of these site objects contain the subnets(both client and server subnets) for the network(s) located at that physical location, as well as the domain controller(s) at that physical location... that should assure that any clients that belong to a subnet that is defined in a site object will log into the domain controller(s) defined in that same site object.

The site link objects are more for controlling which domain controllers replicate with each other. You can use them to define hub and spoke replication topologies and such. If you don't care which DCs are replicating with each other, then there is no real need to mess with the site links... you just need to define the sites themselves, and populate them with the subnets and DCs that they own.

Active Directory Sites and Services is the tool you use to create and populate the sites.
0
 
LVL 1

Author Closing Comment

by:swgit
ID: 40370626
..seems to be fine one day, and not another... i guess as long as they can logon quickly, then it's fine..  thanks both!
0

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question