![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 37%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 61%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHP%3C/text%3E%3C/svg%3E)
Hi Parsian,
To achieve this, I recommend adjusting the Active Directory site topology and subnet configurations. Ensure that your client machines are associated with a site that includes only the DC-based domain controllers. This way, clients will preferentially authenticate with domain controllers in their assigned site.
Additionally, you can modify the DC Locator process by setting registry-based site affinity or using Group Policy to influence domain controller selection. Another approach is to configure the DR domain controller with a lower priority by adjusting its DNS SRV record weight, making it less likely to be selected for authentication.
It’s also a good idea to monitor authentication traffic using tools like Event Viewer or Network Monitor to confirm that the changes are working as expected.
If this answer helped resolve your issue, feel free to hit “Accept Answer” so we know you’re all set 😊
T&B, Harry.