Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Windows 2008 Sites and Services

Posted on 2015-02-10
6
134 Views
Last Modified: 2015-02-10
Hi All,

I am working on a clients network and they complain of slow logins.  I opened their AD sites and Services and noticed that the previous network administrator created sites for all of their remote site but all of their DCs are located at one central location.

Is there an advantage of doing this?  When I expand one of the remote sites I see the servers but the servers cannot be expanded.  It is almost like if they were removed from AD.  But if I expand their central location then I can expand the servers and force replicate.

I have not see this type of setup.  Usually if you create a site then you will also have a dedicated server listed it at that site and located at that physical location.  This will help with long login time issues

All of the sites connect to the central building through a Gig link so I do see why the users are taking longer than 20 minutes to login

any ideas
0
Comment
Question by:thomasm1948
  • 3
  • 2
6 Comments
 
LVL 33

Expert Comment

by:it_saige
ID: 40600915
How many remote sites are we talking about?  It might prove beneficial to implement RODC's in the remote locations.

https://technet.microsoft.com/en-us/library/cc732801(v=ws.10).aspx

-saige-
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40601009
First thing I would be checking if sites and services are not set properly is the following...
After successful login open the command prompt and type set logonserver

This will tell you what DC you authenticated to when you logged into your machine. If sites and services are configured properly you should only be authenticating to a DC in your site. If you are authenticating to a DC in another site depending, and it is a slow link then it will take longer to login.

I would also check to ensure that you are also not using roaming profiles as well.

Will.
0
 
LVL 33

Expert Comment

by:it_saige
ID: 40601019
@Will - Author commented:
I opened their AD sites and Services and noticed that the previous network administrator created sites for all of their remote site but all of their DCs are located at one central location.
-saige-
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 

Author Comment

by:thomasm1948
ID: 40601064
"I opened their AD sites and Services and noticed that the previous network administrator created sites for all of their remote site but all of their DCs are located at one central location."

Please see the attachment.  As you see that all the servers are the same for each of the sites.  For the sites where the servers are not physically located, the servers cannot be expanded.  

You can only expand the servers where the servers are physically located.  I never seen this type of setup and wondering if this is causing some of their issues
Sites.JPG
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 250 total points
ID: 40601084
Correct so sites and services are not configured properly. Your remote machines are then authenticating over the wire to your main office. This is the reason why you are getting slow logins.

I personally would not recommend using an RODC as there are too many dependencies that are required from a RWDC in another site. Take a look at a PAQ that i have answered based on pro/con for RODC's.

http://www.experts-exchange.com/Networking/Protocols/DNS/Q_28329964.html

Also you will need to ensure that credential caching is enabled when using RODC to allow subsequetn logins will fail.
See the below link for more details.
https://technet.microsoft.com/en-us/library/cc753470%28v=ws.10%29.aspx

Will.
0
 
LVL 33

Assisted Solution

by:it_saige
it_saige earned 250 total points
ID: 40601092
It is a relevant concern.  And could most definitely cause issues depending upon the overall number of users and authentication requests that your current DC's handle.

I would recommend either RODC's or DC's at each of the remote locations.

-saige-
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Unable to ping a server in the same subnet 10 90
File Screening 1 14
Trying to demote an old DC 3 33
CPU Spiking on Virtual MS Server 2008R2 Running as Terminal Server 1 25
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question