• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 105
  • Last Modified:

how does the \\ADdomain.com share works ?

People,

Can anyone here please suggest me what do I need to do to make sure that the \\domain.com share pointing to the AD DC/GC in my Data Center AD subnet rather than pointing to the Site Office AD subnet ?

Because what I found today is:

My Laptop is in HQ office AD subnet (10.1.3.0/24)
My Data Center AD subnet where all of the Servers running is 10.1.2.0/24
One of my Site Office AD subnet is 192.168.32.0/24

when I browse to the \\domain.com share and also ping the domain.com, it returns the IP address of the Site Office domain controller 192.168.32.100 ?

I was expecting that the IP address or the DC used by the domain.com is coming from 10.1.30.100 (HQ office DC) or at least coming from the Data Centre Domain Controller IP 10.1.2.100

Why is that happening ? the result from the command below on my workstation
echo %LOGONSERVER% is returning  10.1.30.100 (HQ office DC).
0
Senior IT System Engineer
Asked:
Senior IT System Engineer
  • 5
  • 3
  • 2
  • +1
6 Solutions
 
arnoldCommented:
The way a domain based share works is based on DC referrals.
There are distinction whether the domain share is a link versus a target.
A link is more of an alias saying go to \\someserver\someshare.
A target is not seen by the client, all the user/client sees is that they are accessing \\domain.com\share whether it is served by server1, server2, server3 or server4. target based setup makes a transition from an old server to a new server transparent to the user if done right. I.e. Make the server being retired undesirable in terms of referral and allowing time for users who are accessing it to .... Shift away.

The referral distribution can be controlled by defining that you want the referral based on proximate and is part of AD site.

There are weighted referrals as well. It depends on your setup.

In your case it is possible that \\domain.com\sharename has two targets
1) is a server in the data enter
2) is the officeserver
Based on your ad site design/DFS referal the HQ server has the office fileserver seen as closer than the data center.

I believe I cover most aspects in your question.

If you need something further clarified, please post.
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
I'm bit confused arnold.

Because the server that I see on the \\domain.com share is far way than the Data Center geographically.
why is that I got the farthest server for my share here ?
0
 
arnoldCommented:
You have to look at the DFS management interface  namespace, referal policy.

It might be that the cost to get from where you are to the closer location is higher than to the farther one.  The issue could be a misconfiguration within the AD that has the data center in a separate "site" while the HQ and office are set within the same site.

It could be that referal policy is to prefer the office while the datacenter is accessed in case of a failure.

To investigate, ad structure, namespace referal ......
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
MaheshArchitectCommented:
Actually the question here is for what purpose you are using \\domain.com ?

If your got logon server from HO location for HO client machines, it is correct
Client should get logon server in his own site only

It might be possible that simply enter / ping \\domain.com can resolve to other site DC because of DNS behaviour, the important thing is your clients should get logon server in his local site unless it is unavailable
AND
Whenever you open any AD snap ins on DC, normally you will get connected to local DC

If you have DFS, DFS is AD site aware application and entering \\domain.com\DFSNameSpace will connect you to DFS server in same site unless it is unavailable

If you don't have DFS name space, then try to avoid \\domain.com to access shares and instead you can access it through actual server NetBIOS name
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
The purpose is to put a script in sysvol to be used as logon script.

Is that the correct place ?
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
@Mahesh: no there is no DFS setup in my AD domain.
0
 
MaheshArchitectCommented:
Ok
U can put script in sysvol (netlogon Share) with pleasure

But do not use \\domain.com as script path in GPO, instead use %logonserver%\netlogon\script.vbs etc

Because \\domain.com output may not get expected DC due to DNS random behaviour

%logonserver% will take client to logon DC hopefully and it works most of the time provided that your AD Subnet to Site attachment is correct, what I mean client subnets should be latched to appropriate \ nearest AD site
Some times I have observed that even %logonserver% would not work as expected for no reason.

In that case best option could be use \\server\netlogon\script.vbs as path where server is NetBIOS name of DC
If you have multiple locations and DCs you need to specify separate GPO for each location so that clients in those locations will get connected to local DC
0
 
David Johnson, CD, MVPOwnerCommented:
pinging domain.com and the dfs share source are 2 different items and don't correlate with each other.
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
Ok so I'm this case this has got nothing to do with the AD Sites and Services connection type and definition in my current AD site subnet ?
0
 
arnoldCommented:
Sites and services and the ad layout is how DFS can be set to refer a client to the closest DFS TARGET server.
I.e. You have site1 (HQ)
Site 2 (office)
Site 3 (Data center)
DFS rule/DC to refer based on in the same site
When the systems are
 Subnet is not what causes the DC to refer a target serving the DFS share.
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
THanks !
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

  • 5
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now