Title: SSL question
As far as I know, the clients do not choose anything. It is the DNS server that makes the choices for the client, and after that the client receives a list of servers in a certain order to consult.
That is also a way to do it.
Setting the weight of the W2K3 DCs to 5 and letting the W2K DCs stick to 100 means the W2K DCs will be used 20 times more than the W2K3 DCs. However, you still cannot control which client uses the W2K3 DC. To see which client uses which DC, you could "enhance" your login script and let the client write its %COMPUTERNAME% and %LOGONSERVER% to some central log file. If I remember correctly, Windows 95/98 don't know about the %LOGONSERVER% variable. Or you could turn on account logon events on the DC.
For more info about DC selection see:
Cheers,
Jorge
Jorge,
Thanks for the links. I have already got my schema upgrades done, but your comments light up another possible option. What if I weighted the new DC with a really low SRV weight such as 5? Would this mean that a very small number of clients would authenticate against it, or would each client weigh up 100 vs 5 and choose the 100?
Hi,
You cannot tell which user authenticates to which DC. Clients determine their authenticating DC by querying DC for a SRV RR. With SRV RRs you designate a weight factor and a priority factor. By default the weight is set to 100 and the priority is set to 0.
SRV RRs with the same priority are treated as equal and are load balanced by DNS (round robin if enabled, which by default it is in W2K/W2K3).
SRV RRs with a lower priority value are used first, before using SRV RRs with higher values.
SRV RRs with higher weight values are used more frequently than SRV RRs with lower values. If you have an SRV RR with weight = 50 and another with weight = 100, the SRV RR with weight = 100 will be used twice as much as the SRV RR with weight = 50.
The only way I can think of right now to designate a certain DC to users is to create a separate AD site, place that W2K3 DC in it and assign existing AD subnets to that site where the new W2K3 DC is. This way the clients/servers on those subnets will use the W2K3 as a DC for authentication.
Don't forget that you must update the schema first before you introduce W2K3 DCs. Downlevel clients are not AD site aware. You can make them site aware by installing the DSClient.
For more info on what you are asking see:
MS-KBQ314649_W2K3 ADPREP Command Causes Mangled Attributes in W2K Forests That Contain E2K Servers
MS-KBQ325379_How to Upgrade Windows 2000 Domain Controllers to Windows Server 2003
MS-KBQ555040_Common Mistakes When Upgrade Windows 2000 Domain To Windows 2003
MS-KBQ887426_Incorrect Schema extension for OS X prevents ForestPrep from completing in Windows 2000
MS-KBQ555038_How to enable Windows 98-ME-NT clients to logon to Windows 2003 based Domains
Cheers,
Jorge
Hello All,
I have a number of large sites all running W2K DCs. I want to migrate them to W2K3 and want to do it bit by bit. I want to deploy the first W2K3 DC to a site, and have only a handful of users authenticate to that DC as a pilot. I want to repeat this about 10 times over my largest sites (where different applications and downlevel clients exist) to assess the changes in behaviour before taking the plunge with the remaining clients. Most subnets in this exercise cater for over 500 clients, and I want to find the easiest way to redirect 5 clients to the W2K3 DCs. All clients are W2K SP4 and use DHCP.
TIA for your help.
Brad