Solved

Windows 2008 Sites and Services

Posted on 2015-02-10
6
128 Views
Last Modified: 2015-02-10
Hi All,

I am working on a clients network and they complain of slow logins.  I opened their AD sites and Services and noticed that the previous network administrator created sites for all of their remote site but all of their DCs are located at one central location.

Is there an advantage of doing this?  When I expand one of the remote sites I see the servers but the servers cannot be expanded.  It is almost like if they were removed from AD.  But if I expand their central location then I can expand the servers and force replicate.

I have not see this type of setup.  Usually if you create a site then you will also have a dedicated server listed it at that site and located at that physical location.  This will help with long login time issues

All of the sites connect to the central building through a Gig link so I do see why the users are taking longer than 20 minutes to login

any ideas
0
Comment
Question by:thomasm1948
  • 3
  • 2
6 Comments
 
LVL 33

Expert Comment

by:it_saige
ID: 40600915
How many remote sites are we talking about?  It might prove beneficial to implement RODC's in the remote locations.

https://technet.microsoft.com/en-us/library/cc732801(v=ws.10).aspx

-saige-
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40601009
First thing I would be checking if sites and services are not set properly is the following...
After successful login open the command prompt and type set logonserver

This will tell you what DC you authenticated to when you logged into your machine. If sites and services are configured properly you should only be authenticating to a DC in your site. If you are authenticating to a DC in another site depending, and it is a slow link then it will take longer to login.

I would also check to ensure that you are also not using roaming profiles as well.

Will.
0
 
LVL 33

Expert Comment

by:it_saige
ID: 40601019
@Will - Author commented:
I opened their AD sites and Services and noticed that the previous network administrator created sites for all of their remote site but all of their DCs are located at one central location.
-saige-
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:thomasm1948
ID: 40601064
"I opened their AD sites and Services and noticed that the previous network administrator created sites for all of their remote site but all of their DCs are located at one central location."

Please see the attachment.  As you see that all the servers are the same for each of the sites.  For the sites where the servers are not physically located, the servers cannot be expanded.  

You can only expand the servers where the servers are physically located.  I never seen this type of setup and wondering if this is causing some of their issues
Sites.JPG
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 250 total points
ID: 40601084
Correct so sites and services are not configured properly. Your remote machines are then authenticating over the wire to your main office. This is the reason why you are getting slow logins.

I personally would not recommend using an RODC as there are too many dependencies that are required from a RWDC in another site. Take a look at a PAQ that i have answered based on pro/con for RODC's.

http://www.experts-exchange.com/Networking/Protocols/DNS/Q_28329964.html

Also you will need to ensure that credential caching is enabled when using RODC to allow subsequetn logins will fail.
See the below link for more details.
https://technet.microsoft.com/en-us/library/cc753470%28v=ws.10%29.aspx

Will.
0
 
LVL 33

Assisted Solution

by:it_saige
it_saige earned 250 total points
ID: 40601092
It is a relevant concern.  And could most definitely cause issues depending upon the overall number of users and authentication requests that your current DC's handle.

I would recommend either RODC's or DC's at each of the remote locations.

-saige-
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now