azup
Detect if Domain Controller is in the Cloud
Hi,
Is there any method at the workstation to determine if the domain controller is in the Cloud as opposed to an on site domain controller? This would pertain to Windows Azure.
You can assume the workstation is fully functional, local Admin account is active, and username can login too.
Thanks.
I think the question is why one would care where the domain controller sits.
The only thing I can think of is the latency to the domain controller.
If your machine's latency to the domain controller is more than 10 ms, then you MIGHT have a performance issue.
And if the server is in the cloud, it will always be more than 10 ms.
AD Site reference: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/creating-a-site-design
ASKER
Hi Jian,
I'm not having any issues that need to be addressed per se.
If one were installing workstations and it wasn't able to reach the domain, it would be helpful to know if the domain controller was onsite as part of the LAN as opposed to being a domain controller that was in the WAN/cloud based.
I've seen situations where workstations were being installed by 3rd party vendors and no one knew if the domain controller was on site or cloud based.
Thanks.
If you define your sites then the cloud based site would be in its own subnet. Workstations would then favor the DC in the site.
Of course, you can always NAME your DCs something logical that defines where they are.
And you can always see which DC is authenticating you with SET L on a command line. (logonserver environment variable).
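The checks described in the reply above (logon server, AD site, subnet), collected into one script. This is an added PowerShell example, not part of the original thread; it assumes a domain user logon session (so `USERDNSDOMAIN` is set) and a Windows version that ships `nltest` and `Get-NetIPAddress`.

```powershell
# Added example: report which DC this workstation uses and where it sits
# relative to the client. A DC on a locally attached subnet is on the LAN;
# a DC in another site or subnet may be remote (WAN or cloud), depending on
# how the sites and subnets were defined.

function ConvertTo-BitString([string]$Ip) {
    # Dotted IPv4 address -> 32-character string of 0s and 1s
    -join (([ipaddress]$Ip).GetAddressBytes() |
        ForEach-Object { [Convert]::ToString($_, 2).PadLeft(8, '0') })
}

function Test-OnLocalSubnet([string]$Ip) {
    # True when $Ip shares a network prefix with any IPv4 address on this machine
    $target = ConvertTo-BitString $Ip
    foreach ($nic in Get-NetIPAddress -AddressFamily IPv4) {
        $local = ConvertTo-BitString $nic.IPAddress
        $len   = [int]$nic.PrefixLength
        if ($target.Substring(0, $len) -eq $local.Substring(0, $len)) { return $true }
    }
    return $false
}

# nltest prints "Label: value" lines, including "Dc Site Name" and "Our Site Name"
$info = @{}
foreach ($line in (nltest "/dsgetdc:$env:USERDNSDOMAIN")) {
    if ($line -match '^\s*([^:]+):\s*(.*)$') {
        $info[$Matches[1]] = ($Matches[2] -replace '^\\\\', '').Trim()
    }
}

$dcIp = $info['Address']
$isV4 = $dcIp -and ([ipaddress]$dcIp).AddressFamily -eq 'InterNetwork'

[pscustomobject]@{
    LogonServer   = $env:LOGONSERVER -replace '^\\\\', ''   # same value SET L shows
    LocatedDC     = $info['DC']
    DcAddress     = $dcIp
    DcSite        = $info['Dc Site Name']
    ClientSite    = $info['Our Site Name']
    SameSite      = [bool]($info['Our Site Name'] -and
                           $info['Dc Site Name'] -eq $info['Our Site Name'])
    OnLocalSubnet = if ($isV4) { Test-OnLocalSubnet $dcIp } else { $null }
}
```

`OnLocalSubnet = False` only shows that the DC is reached through a router; a routed on-site VLAN gives the same result as a cloud DC, so read it together with the site names.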
Pretty much correct. As long as you can ping your domain controller and its TTL is less than 10ms, you will be right.
And if a workstation is not domain joined, it cannot see the domain you intended.
DNS is the first thing to get right in order to query it. If your DNS is wrong, then you will not get it working.
Whether the domain controller is in the cloud or not, that's probably the least to worry about.
Network connectivity to the domain controller (Line of sight) is the key.
@lee's answer is closest to accurate. Unfortunately, I vehemently disagree with @Jian's responses.
Latency is important, but unless you have global fiber connectivity, 10 ms worldwide is just BS.
AD DS is fine with anything inclusive and below 80 ms for local connectivity.
If you want more detail, open another question.
ASKER
Thanks Michael. No biggie, all good input to consider.
@Michael - I understand you disagree with my comment. As you said, 10ms worldwide is unachievable (or BS), hence this is a key factor to identify whether the server or domain controller is local or remote.
The question asked is "if the domain controller is in the Cloud as opposed to an on site domain controller."
In a normal circumstance, if you ping the domain controller, and achieve below 10ms, you have high confidence that the server is local. Otherwise, it is remote.
ASKER
Any opinions on that?
Thanks.