How can i determine is my SITE A users are only authenticating to my Site A Domain Controllers.
I have several sites across the us and I understand the concept of utilizing site and servers to have those user in that particular subnet to logon to their nearest domain controller versus reaching back to a HQ domain controller clear across the US. What I am looking for is an artifact showing for example Site A users are only authenticating to the domain on Site A DC not Site EFG.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you all so much, travel took me away but this advise was truly helpful. Sometimes we simply forget these processes.
Once you latch any subnet to specific AD site (local to client subnet) having DC, clients try to login with DC in that site by default
if local DC is not available, now there are two options, it looks for other site which is part of site link where the local site is also member of
If that site Dc is also not available, then AD will try to locate any random available DC
If you have HQ and branches, you should use hub and spoke topology where each site link contains one branch site and HQ site, if client fails to find local DC in local branch, it will try to authenticate HQ site DC
But obvious secondary DNS on client should point to DC in HQ site