how does the \\ share works ?


Can anyone here please suggest me what do I need to do to make sure that the \\ share pointing to the AD DC/GC in my Data Center AD subnet rather than pointing to the Site Office AD subnet ?

Because what I found today is:

My Laptop is in HQ office AD subnet (
My Data Center AD subnet where all of the Servers running is
One of my Site Office AD subnet is

when I browse to the \\ share and also ping the, it returns the IP address of the Site Office domain controller ?

I was expecting that the IP address or the DC used by the is coming from (HQ office DC) or at least coming from the Data Centre Domain Controller IP

Why is that happening ? the result from the command below on my workstation
echo %LOGONSERVER% is returning (HQ office DC).
LVL 10
Senior IT System EngineerIT ProfessionalAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

The way a domain based share works is based on DC referrals.
There are distinction whether the domain share is a link versus a target.
A link is more of an alias saying go to \\someserver\someshare.
A target is not seen by the client, all the user/client sees is that they are accessing \\\share whether it is served by server1, server2, server3 or server4. target based setup makes a transition from an old server to a new server transparent to the user if done right. I.e. Make the server being retired undesirable in terms of referral and allowing time for users who are accessing it to .... Shift away.

The referral distribution can be controlled by defining that you want the referral based on proximate and is part of AD site.

There are weighted referrals as well. It depends on your setup.

In your case it is possible that \\\sharename has two targets
1) is a server in the data enter
2) is the officeserver
Based on your ad site design/DFS referal the HQ server has the office fileserver seen as closer than the data center.

I believe I cover most aspects in your question.

If you need something further clarified, please post.
Senior IT System EngineerIT ProfessionalAuthor Commented:
I'm bit confused arnold.

Because the server that I see on the \\ share is far way than the Data Center geographically.
why is that I got the farthest server for my share here ?
You have to look at the DFS management interface  namespace, referal policy.

It might be that the cost to get from where you are to the closer location is higher than to the farther one.  The issue could be a misconfiguration within the AD that has the data center in a separate "site" while the HQ and office are set within the same site.

It could be that referal policy is to prefer the office while the datacenter is accessed in case of a failure.

To investigate, ad structure, namespace referal ......
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Actually the question here is for what purpose you are using \\ ?

If your got logon server from HO location for HO client machines, it is correct
Client should get logon server in his own site only

It might be possible that simply enter / ping \\ can resolve to other site DC because of DNS behaviour, the important thing is your clients should get logon server in his local site unless it is unavailable
Whenever you open any AD snap ins on DC, normally you will get connected to local DC

If you have DFS, DFS is AD site aware application and entering \\\DFSNameSpace will connect you to DFS server in same site unless it is unavailable

If you don't have DFS name space, then try to avoid \\ to access shares and instead you can access it through actual server NetBIOS name

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Senior IT System EngineerIT ProfessionalAuthor Commented:
The purpose is to put a script in sysvol to be used as logon script.

Is that the correct place ?
Senior IT System EngineerIT ProfessionalAuthor Commented:
@Mahesh: no there is no DFS setup in my AD domain.
U can put script in sysvol (netlogon Share) with pleasure

But do not use \\ as script path in GPO, instead use %logonserver%\netlogon\script.vbs etc

Because \\ output may not get expected DC due to DNS random behaviour

%logonserver% will take client to logon DC hopefully and it works most of the time provided that your AD Subnet to Site attachment is correct, what I mean client subnets should be latched to appropriate \ nearest AD site
Some times I have observed that even %logonserver% would not work as expected for no reason.

In that case best option could be use \\server\netlogon\script.vbs as path where server is NetBIOS name of DC
If you have multiple locations and DCs you need to specify separate GPO for each location so that clients in those locations will get connected to local DC
David Johnson, CD, MVPOwnerCommented:
pinging and the dfs share source are 2 different items and don't correlate with each other.
Senior IT System EngineerIT ProfessionalAuthor Commented:
Ok so I'm this case this has got nothing to do with the AD Sites and Services connection type and definition in my current AD site subnet ?
Sites and services and the ad layout is how DFS can be set to refer a client to the closest DFS TARGET server.
I.e. You have site1 (HQ)
Site 2 (office)
Site 3 (Data center)
DFS rule/DC to refer based on in the same site
When the systems are
 Subnet is not what causes the DC to refer a target serving the DFS share.
Senior IT System EngineerIT ProfessionalAuthor Commented:
THanks !
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.