If you don't put DCs in sites and associate subnets with the sites, the locator process reduces to selecting the first responding DC. Depending on DC loads and WAN latency, you easily get authentications directed to almost anywhere on the network. It works, but not efficiently.
-g -----Original Message----- From: Roger Seielstad [mailto:roger.seielstad@;inovis.com] Sent: Thursday, October 24, 2002 4:59 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Sites with no DC >From experience, I wouldn't trust the locator to get 'close' very >often. During our initial deployment, the WAN team changed the IP pools of our VPN concentrators. After looking through some of the logs on domain controllers, we were seeing a very random distribution of authentication, with some authentication happening 4 WAN hops away, when there were multiple DCs on different local subnets. I'd strongly suggest creating a subnet object for each subnet on your network, and associating each of them with a site. ------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -----Original Message----- > From: Garello, Kenneth [mailto:KGarello@;worcester.edu] > Sent: Wednesday, October 23, 2002 5:07 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] Sites with no DC > > > How much overhead does leaving it up to the locator incur? > > Ken > > -----Original Message----- > From: Gil Kirkpatrick [mailto:gilk@;netpro.com] > Sent: Wednesday, October 23, 2002 4:37 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] Sites with no DC > > Hey Don, > > Is this your first post to the list? If so, welcome. > > To answer your question, no you don't have to create a site > for each subnet. You can associate multiple subnets with a > single site. Or you can leave the subnets unassigned, and the > DC locator will do its best to find a DC "close" to the > authenticating PC. > > -gil > -----Original Message----- > From: Don Murawski (Lenox) > [mailto:Don.Murawski@;worldtravel.com] > Sent: > Wednesday, October 23, 2002 1:02 PM > To: [EMAIL PROTECTED] > Subject: [ActiveDir] Sites with no DC > We have subnets without dc's, do you need to create a > site and subnet in Sites and Services anyway for those sites? > > Don L Murawski > > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
