Satellite Office + Specifying Authentication Server

Discussion in 'Active Directory' started by Jef A, Feb 1, 2007.

  1. Jef A

    Jef A Guest

    I have a satellite office i am setting up and i need to make sure users at
    that office authenticate against the server i am setting up there
    (California) and not the server we have at the main office (Atlanta, GA). I
    have used the commands set logonserver to see the server that the
    workstations are authenticating against however is there a way in AD that i
    can specify the order of servers for a particular group?
     
    Jef A, Feb 1, 2007
    #1
    1. Advertisements

  2. Jef A

    Herb Martin Guest

    You should not (in general) try to SPECIFY this but rather setup your Sites,
    Subnets, Site Links, and DC in Sites correctly in AD Sites and Services.

    If you do this then the clients in each Site will strongly prefer their
    local
    DCs, and only attempt to use a remote DC when no local DC is online.

    If you don't know about Sites etc, just let us know.
     
    Herb Martin, Feb 1, 2007
    #2
    1. Advertisements

  3. Jef A

    Jef A Guest

    I am going to gather some more information about using AD Sites and
    Services.

    Thanks this helps tremendously..............
     
    Jef A, Feb 1, 2007
    #3
  4. Jef A

    Herb Martin Guest

    Before making changes ever DC should be able to pass a complete (/C)
    DCDiag with no FAIL or WARN messages.

    Each significant location (esp. those with DCs) should be a separate Site.

    Create sites
    Add Subnets associated with each site to define that site.
    Add Site Links between each site and at least one other site so
    that you have a 'full net' of Site/SiteLinks (generally create a
    SiteLink along the paths of each physical WAN link.)
    Remove the Sites from the Default-IP-SiteLink

    REPLICATE fully at this point. (Check with DCDiag on every DC.)

    Move the DCs into the correct Sites.

    Check with DCDiag on every DC

    Make at least one GC per site -- in a single domain forest every
    DC should be a DC.

    DNS should be available locally at each site, usually AD Integrated
    DNS on the DCs.

    You should do this in any case since you are currently replicating
    inefficiently if you have not completed these definitions.
     
    Herb Martin, Feb 1, 2007
    #4
  5. Jef A

    Jef A Guest

    Ok thanks again for your help


     
    Jef A, Feb 1, 2007
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.