Well first off, what roles does exactly DC1 have? If is a RID master, all DC's MUST have some form of contact for pool checks and allocation (also a RID master, upon boot, up will verify to another DC that it is 'ok' to still be a RID master by querying close DC).
Second, if it is PDC emulator, it will also request GPO propagation as PDC emulators are the only domain controller which allow to edit GPO's be default. PDC emulators also are the default primary time source in their respective domains, so all DC's will attempt to sync with it with the default period of 45 minutes to eight hours depending on the offset of accuracy - the more time drifts on each server, the more frequent it updates. Finally you may want to check FRS, you will need to setup partners for each of the DC's (assuming that you have files frequently updating. This just names a few potential reasons for communication. As for GC's, if all servers in the domain are GC, then the infrastructure master is 'allowed' to be on the GC - as well as being a moot point since the dc's no longer need to use the infra master for references. Quote from MS ".. if all the domain controllers are global catalog servers, the domain controller that hosts the infrastructure master role is insignificant because global catalogs do replicate the updated information regardless of the domain to which they belong." -Jon ________________________________________________________________________ Jon Michael Gimpel Sr. NT Systems Specialist PSC - UBS Warburg E-mail: [EMAIL PROTECTED] Global Engineering for Windows Core Technology Microsoft CSM for the Americas -----Original Message----- From: Roger Seielstad [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 07, 2003 3:41 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] site replication, bridgehead server problem While I don't have any hard evidence to back this up, my gut level response is that DC4 is contacting DC1 because of the FSMO roles - most likely the Infrastructure and RID masters (almost definitely the latter). I'd wager you're going to have to make the bridgehead in site 1 the FSMO holding box. ------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -----Original Message----- > From: Thommes, Michael M. [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, January 07, 2003 3:27 PM > To: [EMAIL PROTECTED] > Subject: [ActiveDir] site replication, bridgehead server problem > > > Hi All! > We have a single master domain spread over two sites. "Site1" has > 3 DCs (DC1, DC2, DC3). DC1 holds the FSMO roles. DC2 is a GC. > "Site2" has only > 1 DC (DC4). It is also a GC. Because of the slow link > between Site1 and > Site2 and with firewalls on each end (what fun!), we are > trying to assign > Bridgehead servers on each site. With Site2 only having 1 > DC, it (DC4) > should automatically be the bridgehead server for that site. We have > identified DC2 as the bridgehead server for Site1. > > Firewall logs indicate that DC4 still wants to communicate with > DC1, along with DC2. In addition, replmon (on DC2), when asked to > show bridgehead servers for the enterprise, shows the following: > > Inbound Outbound > DC4 X X > DC1 X > DC2 X > > Intrasite transport is IP. "Bridge all site links" has been unchecked > on the Transport properties dialog box. All respective DCs have > been rebooted. > > We really would like DC4 to communicate with DC2 only. Can anyone > tell me what we're missing? I have come across Technet articles that > talk about > restricting RPC calls to a specific range of ports as a workaround for > dynamic RPC regarding AD and FRS replication. Anyone have > any experience > with doing this? > > Also, with all the email going on about global catalog servers, I > thought the rule was that you DIDN'T want to run a GC on an DC that > holds the Infrastructure Master role. > > Any thoughts are appreciated! Thanks. > > Mike Thommes > Argonne National Laboratory > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ Visit our website at http://www.ubswarburg.com This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. This message is provided for informational purposes and should not be construed as a solicitation or offer to buy or sell any securities or related financial instruments. List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
