Make One DC in each of your other sites a GC this should solve your problems and reduce some of your WAN traffic overall. This should also allow people to get mail from an Exchange server.
Ed -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jorge de Almeida Pinto Sent: Thursday, March 31, 2005 7:41 AM To: [email protected] Subject: RE: [ActiveDir] AD Site Confusion OK, that's true... But why not order the domain list from the low cost connected sites to the high cost connected sites and perform round robin between the DCs from each site in the domain list? Greetz Jorge -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: donderdag 31 maart 2005 4:33 To: [email protected] Subject: RE: [ActiveDir] AD Site Confusion > The latter could be optimized when a client asks for the global list > of all DCs for the domain (= all DCs that have registered the domain > specific resource records) the list is ordered, compared to the > clients site, from the lowest I am not sure I like that idea, it mucks with how DNS is working. Round robin should be just that round robin, it shouldn't be the DNS server trying to figure out how best to roundrobin. Plus you would be required to use Windows DNS for that functionality. Prior to this, just limit what gets registered in the DNS global domain record. joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jorge de Almeida Pinto Sent: Wednesday, March 30, 2005 2:41 AM To: [email protected] Subject: RE: [ActiveDir] AD Site Confusion Thanks joe! An additional comment to: #### If none of those DCs are cool, ask for the global list of all DCs for the domain and use one of those. It isn't the most efficient and you will find odd things like clients in Florida hitting DCs in Seattle when there is another DC in another city in Florida that would be better to use. The idea seems to be if you can't use a DC in your site, screw it, use any DC that responds #### The latter could be optimized when a client asks for the global list of all DCs for the domain (= all DCs that have registered the domain specific resource records) the list is ordered, compared to the clients site, from the lowest site cost (on top of the list) to the highest site cost. This way it will try the nearest DCs and if those are not available the DCs that are further away, etc. Maybe in the "longhorn timeframe" ;-) Cheers Jorge -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Wednesday, March 30, 2005 07:26 To: [email protected] Subject: RE: [ActiveDir] AD Site Confusion Jorge keeps saying it in different ways and I think people are missing the point... The coverage of neighboring sites occurs when there is no DC in the site, it doesn't occur when a site's DCs are down. This is all keyed off of the site containers in the configuration. I have seen DCs being promoed into a Domain in a site and the DCs from other sites unregistering their records in that site before the DC is even promoed up, all because the server object in the site already replicated around. So as Jorge as said.... Look up local site DCs by DNS queries to Site based entries for the domain. If none of those DCs are cool, ask for the global list of all DCs for the domain and use one of those. It isn't the most efficient and you will find odd things like clients in Florida hitting DCs in Seattle when there is another DC in another city in Florida that would be better to use. The idea seems to be if you can't use a DC in your site, screw it, use any DC that responds. This is one of the reasons why Exchange doesn't really use the standard mechanism for DC/GC service location. They walk the metrics of the site connections trying to find the closest. joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jorge de Almeida Pinto Sent: Tuesday, March 29, 2005 6:08 AM To: [email protected] Subject: RE: [ActiveDir] AD Site Confusion Hi Neil, Presuming the clients somehow have access to DNS (preferred or alternate) they will first try to reach the DCs in their own site (site A). As all DCs are down in site A the clients then will ask for all DCs in the domain that have registered the domain specific DNS records. For more info on this see: * http://www.windowsitpro.com/Articles/Print.cfm?ArticleID=37935 Authentication Topology by Gil Kirkpatrick * http://www.windowsitpro.com/Windows/Article/ArticleID/40718/40718.html Designing for DC Failover by Sean Deuby Autositecoverage only works for DC-less sites. So yes, it behaves differently for situation 1 (autositecoverage will occur) and 2 (no autositecoverage will occur) Cheers Jorge -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ruston, Neil Sent: dinsdag 29 maart 2005 11:56 To: '[email protected]' Subject: RE: [ActiveDir] AD Site Confusion Thanks Jorge. Are you implying that the answer to the original question is therefore 'no'? This has huge ramifications in the branch office. Or did I simply explain how the answer is 'yes', but for the wrong reasons?? Are you also saying that DCs (and sitecoverage) handle the following 2 scenarios in different ways: 1. No DCs installed in some site 2. DCs installed in some site but non available Can you expand on your previous post please? Thanks, neil -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jorge de Almeida Pinto Sent: 29 March 2005 10:21 To: [email protected] Subject: RE: [ActiveDir] AD Site Confusion I think that's incorrect if you're talking about autositecoverage. Autositecoverage by DCs from some domain for some site will only occur if some site has no DCs from that same domain. Although DCs are down and not available, the DCs in other sites in the same domain see in their own replica that that site has DCs and autositecoverage will occur. Sitecoverage will occur by other DCs if you configured it manually through the registry or a GPO Cheers, Jorge -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ruston, Neil Sent: Tuesday, March 29, 2005 09:25 To: '[email protected]' Subject: RE: [ActiveDir] AD Site Confusion Depending upon your site links, DCs in either site B or C will advertise themselves as available to site A. The DCs in the site with lowest cost to site A will perform this role. What do you mean by 'take down'? Are you taking a WAN link down or powering off the DCs or demoting them or what? neil -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Brown Sent: 28 March 2005 21:55 To: [email protected] Subject: [ActiveDir] AD Site Confusion I have 3 sites, site A has 2 DC's and site B & C each have 1 DC. When I take down site A (both DC's), the clients in Site A cannot log in. Shouldn't they be able to log in using site B or C? Thanks, -- Matt Brown Information Technology System Specialist Eastern Washington University List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ======================================================================== ==== == This message is for the sole use of the intended recipient. If you received this message in error please delete it and notify us. If this message was misdirected, CSFB does not waive any confidentiality or privilege. CSFB retains and monitors electronic communications sent through its network. Instructions transmitted over this system are not binding on CSFB until they are confirmed by us. Message transmission is not guaranteed to be secure. ======================================================================== ==== == List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ======================================================================== ==== == This message is for the sole use of the intended recipient. If you received this message in error please delete it and notify us. If this message was misdirected, CSFB does not waive any confidentiality or privilege. CSFB retains and monitors electronic communications sent through its network. Instructions transmitted over this system are not binding on CSFB until they are confirmed by us. Message transmission is not guaranteed to be secure. ======================================================================== ==== == List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
