Dean Wells
MSEtechnology
( Tel: +1 (954) 501-4307
* Email: dwells@msetechnology.com
http://msetechnology.com
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Grillenmeier, Guido
Sent: Monday, April 19, 2004 7:36 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD Sites and SYSVOLactually, the SYSVOL folder is "just another" share redirected via DFS (which also allows the folder to be replicated via FRS...).I've never really thought about it, but Jorge's comment makes sense, as in a Win2k DFS hierarchy the client will receive a list of link-targets from a DFS server (every DC is a DFS server for SYSVOL) listing the links of the same site as the client at the top of the list - any other DFS link-targets in AD will be randomly ordered (was changed in Win2k3). The DFS client would then check the list from the top until it finds an available target - usually the one in the same site as the client.In the example given, there are no DFS link-targets (SYSVOL in this case) available in a site of the client, so that it would be natural to choose any target, i.e. any DC to access SYSVOL (even if a specific DC had been found to authenticate the user/machine). I guess everyone expects the client to use the same DC as the one found in DNS for authentication - would be worth a test to see if this is really the case. If you've already tested this, it would be good to hear some more about it.If you have a Win2k3 DFS server (or DC, once the domain is upgraded), the list returned from the DFS server still lists the links of the same site as the client at the top of the list, but then lists the other DFS links in an order that respects the site-link costs from the client to the other link targets when adding the targets to the list... So that would mostly solve the problem for you, at least in a star-toplology - but this shouldn't be your main driver to upgrade to 2003... ;-)/Guido
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Montag, 19. April 2004 12:01
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD Sites and SYSVOLThe DC locator process is the job of DNS. Your zone records will contain the site-wide and domain-wide list of Domain Controllers. When a client tries to contact a DC, it looks first of all at the site-wide list in DNS and tries to contact a DC in it's own site. If this fails it will select one at random from the domain-wide list.What is required here is some DNS tinkering, you need to manually delete the remote DC records from the domain-wide list on the branch office DNS server.egMain Site DNS server:Site-wide list contains SRV records for DC's in the main siteDomain-wide list contains SRV records for every DC in the domainBranch DNS server 1:Site-wide list contains SRV records for DC's in branch site 1Domain-wide list contains SRV records for every DC in site 1 and the main siteBranch DNS server 2:Site-wide list contains SRV records for DC's in branch site 2Domain-wide list contains SRV records for every DC in site 2 and the main siteWith this scenario, clients in the remote sites can only contact DC's in their own site or in the main site, not in another branch site which I think is what you are after.-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jorge de Almeida Pinto
Sent: 19 April 2004 07:50
To: [EMAIL PROTECTED]
Subject: [ActiveDir] AD Sites and SYSVOLHi Everyone,
In a large AD network (W2K SP3 + hotfixes) only the HUB DCs register the domain-specific SRV RRs and all DCs register the site-specific SRV RRs. When all DCs in a site fail the HUB DCs are contacted. Works as expected, at least for AD info. For SYSVOL info this does not work. When all DCs in a site fail the client enumerates all DCs that host the SYSVOL and it picks the first DC in the list (which is randomly created).
Is there any way to configure DCs so that the following situation exist:
* All DCs provide SYSVOL info for the clients in their respective site
* Only the HUB DCs provide SYSVOL info to clients in a specific site when all the DCs in that site are unavailableAny comment on this appreciated
Thanx!
Regards,
JorgeMet vriendelijke groet / Kind regards,
Jorge de Almeida Pinto
Infrastructure Consultant
__________________________________________<<...OLE_Obj...>>
LogicaCMG Nederland B.V. (BU SD/AT)
Division Industry, Distribution and Transport (ID&T)
Kennedyplein 248, 5611 ZT, Eindhoven
. Postbus 7089
5605 JB Eindhoven
( Tel : +31-(0)40-2957777
2 Fax : +31-(0)40-2957709
( Mobile : +31-(0)6-29067977
* E-mail : [EMAIL PROTECTED]
" <http://www.logicacmg.com/> - Solutions that matter -
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
