How to Authenticate to local server.

[Dan]

Setup: I have two DC (Server1 and Server2)in City B and one DC (Server3) in
City A. The two cities are connected with a point-to-point T1 connection.
Server1 and Server3 are GC servers. All workstations are in City A. when
users logon sometimes they authenticate to the Servers in City B. Is this
normal procedure? I would like all users to auth to Server3 in City A and if
Server3 is down then auth to the other servers.

tia

 

[Tomasz Onyszko]

Setup: I have two DC (Server1 and Server2)in City B and one DC (Server3) in
City A. The two cities are connected with a point-to-point T1 connection.
Server1 and Server3 are GC servers. All workstations are in City A. when
users logon sometimes they authenticate to the Servers in City B. Is this
normal procedure? I would like all users to auth to Server3 in City A and if
Server3 is down then auth to the other servers.

Did You created sites and subnets for Your two locations? City A should
be placed in the site with assigned to it proper subnets in which
workstations from City A belongs .

 

[Dan]

Can you explain on how to do this? The ip addresses at both locations are on
a different subnet.

 

[Tomasz Onyszko]

Can you explain on how to do this? The ip addresses at both locations are on
a different subnet.

In Active Directory structure we have two physical structures:
- Subnets - a network group with a specific IP address range and network
mask.
- Sites - one or more subnets; they're used to configure directory
access and replication.

In Your case we can create two sites:
- City A
- City B

In Your network City A has a network from the class C, for example
192.168.1.x/24 nad City B has also network from the Class C
192.168.2.x/24. So in AD You have to vreate two subnets with proper
addresses and assign them to the sites:
- site City A - 192.168.1.x/24
- site City B - 192.168.2.x/24


Then in the Active Directory Site and Services snap-in You have to place
each server in the proper site - Server1 in the City A site and Server 2
in the City 2 site.

Here:
http://www.microsoft.com/technet/pr...logies/activedirectory/evaluate/05w2kada.mspx

You will find under "Understanding Sites and Subnets" section short
description of the sites and subnets and their role in the AD.

<quote>
When clients log on to a domain, the authentication process first
searches for domain controllers that are in the same site as the client.
This means local domain controllers are used first, if possible, which
localizes network traffic and can speed up the authentication process.
</quote>

Look also here:
http://www.awprofessional.com/articles/article.asp?p=26866

 

[Dan]

I created 2 sites one City A and the other City B. I then under the subnets
folder created the two subnets. and assigned the appropriate sites to the
subnets. when i click on the newely created subnet nothing shows on the
right hand side of screen. Should i reboot all servers or this is ok.

 

[Paul Bergson]

See
http://www.microsoft.com/windows200...design_sitetopology_active_directory_repl.asp

You will need to define all you ip sub-nets in AD Sites and Services
Then define which sites have which subnets, this helps your client to find
the proper dc yet if it isn't available it will go to other sub-nets. If
you don't have an AD primer ($40) I would suggest you get one.

 

[Tomasz Onyszko]

I created 2 sites one City A and the other City B. I then under the subnets
folder created the two subnets. and assigned the appropriate sites to the
subnets. when i click on the newely created subnet nothing shows on the
right hand side of screen. Should i reboot all servers or this is ok.

First of all - after creating domain You hae created default site named
"Default-First-Site-Name" in which all of your DCs are placed. You can
change this name for example to City A, then Create second site for
example CityB

Then You have to create two different subnets and assign them to the
proper Sites.

Then You have to move Server 2 to the cityB subnet


You will don't see anything in the right panel of the subnet - but in
the subnet's properties You will see to which site it is assigned.

I've created simple configuration like Yours and posted the screenshot
of the ADS&S console on my web server:

http://www.w2k.pl/trash/sites.jpg

Then You have to do Your inter-site replication lesson

 

[Dan]

Cool mine looks the same besides ip addresses. Now for the replication
lesson were do i find this.

thanks

 

[Cary Shultz [A.D. MVP]]

Dan,

I might jump in for a second. Tomasz, hope that you do not mind.

You might want to do a search in this NG for some posts that I have made in
response to questions like yours. I have given what I would like to think a
pretty good basic overview of Intersite Replication. I also include a
little bit about Intrasite Replication.

Now, I am just one person and definitely not the best in this NG. So, the
more responses that you receive the better ( well, let's hope that to be the
case ).

HTH,

Cary

Cool mine looks the same besides ip addresses. Now for the replication
lesson were do i find this.

thanks

 

[Tomasz Onyszko]

Dan,

I might jump in for a second. Tomasz, hope that you do not mind.

This is not a private thread so .. You are always welcome to drop Your
suggestions

 

[Cary Shultz [A.D. MVP]]

Okay, Tomasz!

I just like to try to be polite....Glad to know that I can always jump in!

Cary