force dhcp clients to authenticate to specific domain controller

We have several remote offices setup without domain controllers. They are connected via high-speed wan connections to several sites that have Domain controllers.  We use Microsoft DHCP.  Often the clients authenticate in a site with a domain controller much too far away.
How do I force my dhcp clients to authenticate to a specific DC?
I can't use sites and services correct?  ...The ips are doled out by the DCs DHCP.

Thank you for your time in advance!
LVL 9
K BAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Luciano PatrãoICT Senior Infraestructure  Engineer  Commented:
Hi

Answering the question, no you can't.

You can bypass this using different subnets, but this is not very useful for most of Networks.

Jail
0
SreRajCommented:
Hi,

I feel this is done thru the network devices configuration, like switches or routers in the network. There is a configuration parameter IP Helper Address in network devices. This refers to the DHCP Servers from which the VLAN or Subnet can get a DHCP Response. You could configure it as per your requirements and could make it point to specific DHCP Servers.

Also, in the network device configuration, you can specify from which Subnet or VLAN the switch should distribute IP Addresses. So for each location you can specify appropriate subnets and add them to the network devices. Then map those subnets to correct sites using AD Sites & Services console.
0
SreRajCommented:
0
Defend Against the Q2 Top Security Threats

Were you aware that overall malware worldwide was down a surprising 42% from Q1'18? Every quarter, the WatchGuard Threat Lab releases an Internet Security Report that analyzes the top threat trends impacting companies worldwide. Learn more by viewing our on-demand webinar today!

DonNetwork AdministratorCommented:
Often the clients authenticate in a site with a domain controller much too far away.


What is the issue you are experiencing with this ??
0
K BAuthor Commented:
Clients in a particular site authenticate to a domain controller clear across the country as opposed to one that's much closer to them.
0
DonNetwork AdministratorCommented:
I got that part from your original question, what I was asking was what symptoms is that causing for you ??
0
K BAuthor Commented:
You know what? that is a very good question. My client seems to want it to authenticate closer.  perhaps the question is why.
0
DonNetwork AdministratorCommented:
Ok try SETX MyLogonServer %LOGONSERVER% in a logon script

http://support2.microsoft.com/default.aspx?scid=kb;en-us;183495
0
DonNetwork AdministratorCommented:
Yeh, unless you are using DFS and redirected folders I dont see many issues with the distance of the authenticating server
0
K BAuthor Commented:
So does http://support.microsoft.com/kb/183495 actually force a client to authenticate to a specific domain controller?  It seems to set the logonserver variable post-logon, correct?  I am trying to wrap my head around what it accomplishes.
0
DonNetwork AdministratorCommented:
havent tested (no need :)  ) but

http://www.ntweekly.com/?p=5257

setx is still there even in windows 10
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.