I have two sites: one is the local site (primary domain controller) and the other is a remote site (additional domain controller). I have done the additional domain controller and also created Active Directory Sites and Services in the new remote site. I put this new additional domain controller into the new site.
The problem is that when I log in to a client machine from my local site, the traffic first communicates with this new additional domain controller, and only after that does it go to my primary domain controller. When I type `echo %logonserver%`, it shows the primary domain controller, but it is trying to authenticate from the remote site. We want it to communicate first with the primary domain controller in the local site; if the local site is down, then it should communicate with the remote site's additional domain controller.
Why is it getting authenticated from a different branch when my local RODC is already up?
However, when I checked the site on the client machine, it is showing the correct site.
But the logon server is showing the same.
Make sure that you have configured subnets for your primary and remote sites.
Each subnet in your organization should be associated with a site. This is how DC Locator works to reach the closest DC.
hth
Hello,
The best practice is to create a different subnet for each office, then create an Active Directory site for each office which has a domain controller; finally, you should assign each subnet to the closest site to force users to contact the closest Active Directory.
The DCs in the sites closest to a particular site based on site link costs will help clients find a DC as close as possible. This is known as automatic site coverage.
If there is no site link, the user will contact a random DC.
You can refer to the following link for more details:
Enabling Clients to Locate the Next Closest Domain Controller
https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/enabling-clients-to-locate-the-next-closest-domain-controller
Regards,
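Added example, not part of the original thread: a simplified Python model of the subnet-to-site lookup described in the answers above, showing why a client whose address matches no subnet object ends up with the domain-wide DC list instead of its local DC. The subnets, site names (`HQ`, `HQ-Lab`, `Branch`) and function names are constructed for illustration; the two DNS names are the standard SRV records that domain controllers register.

```python
import ipaddress

# Constructed sample data: subnet objects from Active Directory Sites and
# Services and the site each one is assigned to.
SUBNET_TO_SITE = {
    "10.1.0.0/16": "HQ",
    "10.1.50.0/24": "HQ-Lab",
    "10.2.0.0/16": "Branch",
}


def site_for_ip(ip, subnet_to_site):
    """Return the site of the most specific subnet containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    best = None
    for cidr, site in subnet_to_site.items():
        net = ipaddress.ip_network(cidr)
        # The longest matching prefix wins when subnet objects overlap.
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, site)
    return best[1] if best else None


def dc_srv_names(ip, domain, subnet_to_site):
    """SRV names a client would query, in order, to find a DC."""
    names = []
    site = site_for_ip(ip, subnet_to_site)
    if site:
        # Site-specific record: returns only DCs covering that site.
        names.append(f"_ldap._tcp.{site}._sites.dc._msdcs.{domain}")
    # Domain-wide record: returns every DC, local or remote.
    names.append(f"_ldap._tcp.dc._msdcs.{domain}")
    return names


def unmapped_clients(ips, subnet_to_site):
    """List client addresses that fall outside every defined subnet."""
    return [ip for ip in ips if site_for_ip(ip, subnet_to_site) is None]


if __name__ == "__main__":
    for client in ("10.1.50.7", "10.2.3.4", "192.168.1.5"):
        print(client, dc_srv_names(client, "example.com", SUBNET_TO_SITE))
```

Running `unmapped_clients` over the source addresses seen in DC logon traffic is a quick way to find subnets that still need a site assignment.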
Hello,
I just came across this post and wondered if you might be able to advise.
I have an AAA (non-Microsoft server) that uses LDAP/LDAPS to look up a user for authentication and authorisation. It resides on the same logical network (10.x.x.x) as the domain controller. We have sites and services configured and the subnet belongs to the defined site and the domain controller also resides in there. In our configuration we are referencing the domain name, e.g. example.com, as the authentication destination and were relying on sites and services to look up the closest domain controller, i.e. the one on the same subnet, to handle the authentication request; however, we are seeing DNS return other domain controllers outside of the data centre.
I just wanted to confirm if (1) you had to be a Microsoft workstation/server to take advantage of sites and services or if any host on a subnet defined in a site can benefit from it and (2) is there anything else that needs to be configured to ensure the local domain controller is prioritised for the site. We have added additional domain controllers but have ensured that the local one has a lower priority and higher weight than the others.
Thanks,