Hello,
Thank you so much for posting here.
By default, clients who cannot authenticate with DC's in their site, will try to authenticate with DC's in other sites. By default clients will use any available domain controller, unless the Group Policy setting is enabled: Try Next Closest Site
Then the client leverages the Windows DC Locator Process to identify domain controllers using a combination of AD site cost data and DNS LDAP weights/priorities.
References:
https://learn.microsoft.com/en-us/archive/blogs/askds/sites-sites-everywhere
For any question, please feel free to contact us.
Best regards,
Hannah Xiong
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.