• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 387
  • Last Modified:

force dhcp clients to authenticate to specific domain controller

We have several remote offices setup without domain controllers. They are connected via high-speed wan connections to several sites that have Domain controllers.  We use Microsoft DHCP.  Often the clients authenticate in a site with a domain controller much too far away.
How do I force my dhcp clients to authenticate to a specific DC?
I can't use sites and services correct?  ...The ips are doled out by the DCs DHCP.

Thank you for your time in advance!
0
K B
Asked:
K B
  • 5
  • 3
  • 2
  • +1
1 Solution
 
Luciano PatrãoICT Senior Infraestructure  Engineer  Commented:
Hi

Answering the question, no you can't.

You can bypass this using different subnets, but this is not very useful for most of Networks.

Jail
0
 
SreRajCommented:
Hi,

I feel this is done thru the network devices configuration, like switches or routers in the network. There is a configuration parameter IP Helper Address in network devices. This refers to the DHCP Servers from which the VLAN or Subnet can get a DHCP Response. You could configure it as per your requirements and could make it point to specific DHCP Servers.

Also, in the network device configuration, you can specify from which Subnet or VLAN the switch should distribute IP Addresses. So for each location you can specify appropriate subnets and add them to the network devices. Then map those subnets to correct sites using AD Sites & Services console.
0
 
SreRajCommented:
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
DonNetwork AdministratorCommented:
Often the clients authenticate in a site with a domain controller much too far away.


What is the issue you are experiencing with this ??
0
 
K BAuthor Commented:
Clients in a particular site authenticate to a domain controller clear across the country as opposed to one that's much closer to them.
0
 
DonNetwork AdministratorCommented:
I got that part from your original question, what I was asking was what symptoms is that causing for you ??
0
 
K BAuthor Commented:
You know what? that is a very good question. My client seems to want it to authenticate closer.  perhaps the question is why.
0
 
DonNetwork AdministratorCommented:
Ok try SETX MyLogonServer %LOGONSERVER% in a logon script

http://support2.microsoft.com/default.aspx?scid=kb;en-us;183495
0
 
DonNetwork AdministratorCommented:
Yeh, unless you are using DFS and redirected folders I dont see many issues with the distance of the authenticating server
0
 
K BAuthor Commented:
So does http://support.microsoft.com/kb/183495 actually force a client to authenticate to a specific domain controller?  It seems to set the logonserver variable post-logon, correct?  I am trying to wrap my head around what it accomplishes.
0
 
DonNetwork AdministratorCommented:
havent tested (no need :)  ) but

http://www.ntweekly.com/?p=5257

setx is still there even in windows 10
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

  • 5
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now