Ken, WINS and broadcast are the normal ways that who to authenticate is found for nt4 and win9x boxes. The WINS server can be offsite, at least one hop away and it still will work ok, or you can make the on-site DC a wins server (it depends on how many sites, how big they are etc and this affects the WINS convergence on large networks). Remember is *doesn't* matter if the link to an offsite wins server goes down, you cannot talk to anything anyway! It will the default to broadcast. (win2k is a little different here, as it will try DNS first ...) A client will register and query the WINS for a list of (a few, not all) DCs. NT4 will set up a secure channel to one. But note it may not be the local one. Win9x and nt4 have no concept of sites (I presume you would create a separate site for you remote site, define its subnet so, as you migrate to win2k they *will* authenticate to the DC in their own site. It becomes tricker with nt4 servers eg running exchange, authenticating users across the world (so to speak) and have the network link crash out - ouch! The email clients just stop! In the face of network failure, clients can broadcast. Servers should be fixed so they are directed to talk to the local DC (using the back fill DS kit). Only one DC can have the PDC FSMO role. I would it expect it to be centrally located, well secured etc. Clients will want to talk to it to change people passwords etc. Hope this helps!
Michael Homsey CSIRO, TIP -----Original Message----- From: Ken Cornetet [mailto:[EMAIL PROTECTED]] Sent: Saturday, 20 April 2002 2:24 AM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] NT4 & Win98 authentication In a native mode AD, how do NT4 & win98 clients (without the AD client piece) authenticate? Let's say I have a remote location (low bandwidth) with a dozen PCs and a W2K DC which is also a GC. Will the DC/GC answer the local clients' logon authentication request broadcasts, or will the clients have to contact whichever DC is running the PDC emulator? I'm hoping it's the former... List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
