AD stuff is never easy to explain to someone who is not familiar with it. What those articles state is, that clients get their closest DC based on a information in DNS server and in AD. The client must first select a DC to which he sends a LDAP query to get its site. The site the client is located in , is defined by clients IP configuration and AD configuration under AD Sites and Services (subnet objects are associated with each site). After DC returns site name to the client, the client caches this information in its registry and tries to connect to the DC that is in its site. This info is returned by DNS query. If there are no DC's in a site, then the clients chooses another DC that is advertising itself in that site. If the client is moved to another site, it first contacts DC in its previous site. Because he finds out, that he is not in the optimal site, he repeats the process of selecting new site and its closest DC in a site.
If the site your clients are doesn't have a DC, the a DC from other site will take place. This is called site coverage. See http://support.microsoft.com/?kbid=200498 for more information. Regards Matjaz Ladava, MCSE, MCSA, MCT, MVP Microsoft MVP - Active Directory [EMAIL PROTECTED], [EMAIL PROTECTED] http://ladava.com ----- Original Message ----- From: "Dirk du Plooy - CPX Mngd Services" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, November 18, 2003 3:46 PM Subject: [ActiveDir] Workstations Authentication Hi all, We have a number of subnet's defined in active directory and recently we found some workstations not using there closest DC or GC in order to authenticate. I did find KB247811 for Windows 2000 and KB314861 for Windows XP on locating the optimal domain controller but have a challenge explaining this to non technical "technical" users. My question is do any of you have any more information on this process for me and do any of you know of any documentation explaining in layman's terms why this is happening. Do anybody have a rea life fix for this problem? Regards Dirk du Plooy Analyst Centre Of Excellence (COE) Midrand For: Comparex Africa (Pty) Ltd Company Registration Number 1997/014212/07 Tel: +27 (0) 11 266 5445 Cell: +27 (0) 82 336 5263 e-mail: [EMAIL PROTECTED] e-mail: [EMAIL PROTECTED] List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
