Dinesh, Try the following... In the registry, navigage to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters registry subkey and set the LdapSrvPriority value to a higher number (any number greater than 0) on the DC(s) that you want to use as backups. The DCs use this value in its _ldap SRV records' priority field. By default this value is set to 0 on every DC (they are all equal, any DC can authenticate any client request). If you have two DCs - MyDC1 and MyDC2 - and you's prefer that your clients would try to authenticate with MyDC1 first then set the registry key above on MyDC2 to any number greater than 0. Let me us know if it worked. Attila
_____ From: [EMAIL PROTECTED] on behalf of Chandra Burra Sent: Mon 1/31/2005 4:48 AM To: [email protected] Subject: Re: [ActiveDir] Windows 2000 logon This is not THE solution but you can try..... Shutdown or disconnect the DC1 you do not want to authenticate from the network. Go to the PC's which you want to connect to DC2 and log in. Bring the DC1 back into the network... -- the pc's which are connected to DC2 still remembers DC2 and go to it for authentication. Regards, Chandra On Mon, 31 Jan 2005 14:39:56 +0530, Tashildar, Dinesh (Cognizant) <[EMAIL PROTECTED]> wrote: > Got it... but this is fine, in case if you have single DC in a site. Lets > say, if I have 2 DC in a site and I wanted group of PC should get > authentication from DC1 and other from DC2 then how can I tell PC's ? > > Note : I know we can achieve this by creating a separate sites for single DC > and assign subnet's to it. I am looking for some other solution, which will > not disturb sites and subnet settings. > ________________________________ > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Mohammed Tantawi > Sent: Monday, January 31, 2005 2:31 PM > To: [email protected] > Subject: RE: [ActiveDir] Windows 2000 logon > > > > As far as I know , the authentication Method done with using DNS Server , > > > > I mean , when you type your user name & password , it take it and it ask the > DNS and tell him the following ( ok, DNS, I have this user name & password > from this PC in the Network , Please I want to validate the user name & > password for this , then DNS Reply . > > > > DNS reply : ok pc, I have here in My records in the Zone , this Server is > making the authentaction , Take His AP-Address and take to him . > > PC : ok, DNS , please give me this IP-Address. > > DNS: ok, IP-address is 192.168.1.1 > > PC: ok, thanks , I will take to this Server now. > > > > PC - To- Server : dear Server, Please I have this user name & > Password , Please Authenticate it . > > > > > > So this is the Process as I know , > > > > So , if you change the IP-Address of the server which is making Kerbroes > Service , I think you will be able to make it, Please tell me if this enough > for you . > > > > > ________________________________ > > > From: Yakir, Ronen [mailto:[EMAIL PROTECTED] > Sent: 21 ?? ?????, 1425 11:47 ? > To: [email protected] > Subject: RE: [ActiveDir] Windows 2000 logon > > > > > Hi > > > > > > As far As I know, there is no way to force a pc to authenticate with a > specific server. > > > > > > > > > > > > > Ronen Yakir > > Customer Support Engineer > > > > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Mohammed Tantawi > Sent: Monday, January 31, 2005 8:11 AM > To: [email protected] > Subject: RE: [ActiveDir] Windows 2000 logon > > What do you mean ? Can you explain More details to help you > > > > Mohammed > > > > > ________________________________ > > > From: Tashildar, Dinesh (Cognizant) [mailto:[EMAIL PROTECTED] > Sent: 21 ?? ?????, 1425 08:44 ? > To: [email protected] > Subject: [ActiveDir] Windows 2000 logon > > > > Hi, > Does anyone know how to force a Windows 2000 Pro PC to logon to a specific > Windows 2000 Server rather than just using any old server that can > authenticate? > > I have tried by changing LOGONSERVER environment variable to force logon to > DC, but its not working. > > Regards, > Dinesh Tashildar > List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
