Share via

Domain Controller Configuration

Parsian02 20 Reputation points
2025-09-18T12:11:53+00:00

Hello Team,

We currently have 4 domain controllers, with 3 located in the Data Center (DC) and 1 in the Disaster Recovery (DR) site. At present, client computers are authenticating against all domain controllers randomly.

Our requirement is to ensure that authentication requests are handled only by the 3 DC-based domain controllers, while the DR domain controller should remain in place solely for replication purposes.

I am looking for a reliable solution that can forward authentication traffic exclusively to the DC domain controllers and not to the DR domain controller.

Best regards,

Windows for business | Windows Server | Directory services | Active Directory
0 comments No comments

1 answer

Sort by: Most helpful
  1. Harry Phan 17,745 Reputation points Independent Advisor
    2025-09-18T12:44:59.5433333+00:00

    Hi Parsian,

    To achieve this, I recommend adjusting the Active Directory site topology and subnet configurations. Ensure that your client machines are associated with a site that includes only the DC-based domain controllers. This way, clients will preferentially authenticate with domain controllers in their assigned site.

    Additionally, you can modify the DC Locator process by setting registry-based site affinity or using Group Policy to influence domain controller selection. Another approach is to configure the DR domain controller with a lower priority by adjusting its DNS SRV record weight, making it less likely to be selected for authentication.

    It’s also a good idea to monitor authentication traffic using tools like Event Viewer or Network Monitor to confirm that the changes are working as expected.

    If this answer helped resolve your issue, feel free to hit “Accept Answer” so we know you’re all set 😊

    T&B, Harry.

    1 person found this answer helpful.
    0 comments No comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.