Thanks for the expansion. We are one Site, so I've have no direct experience in setting this up. Our management has decided that rather than more than one site, they will provide bandwidth where it's needed. So far that has been working well.
I think the slowest connection we have to a remote office is roughly equivalent to 10BaseT. In our case all data is at data center, so putting a DC in a remote site would allow them to logon in the event of a WAN outage, but since data is remote, logging on would get them nothing. Bob -----Original Message----- From: Joe Pochedley [mailto:[EMAIL PROTECTED]] Sent: Friday, February 07, 2003 8:06 AM To: NT 2000 Discussions Subject: RE: Choosing domain controllers To expand a little on what Robert said.... Use Active Directory Sites and Services to set up different sites within your domain... From there you can assign which DC's are responsible for which subnets. Therefore when a user goes to authenticate, he will always attempt to authenticate to a local DC first. If you so desire you can also decrease the replication time between sites to decrease the amount of replication traffic over your VPN links. Using ADSS, you can also set it so that only one DC at each site replicates to the other DC's across the WAN links which can further reduce replication chatter. This works great in Native mode, but if you're still in Mixed mode those DC's who aren't replicating directly with the FSMO with generate 1586 errors in the Directory Service event log. Hope that helps. Joe Pochedley If you have time to do it twice, you had time to do it right in the first place. -----Original Message----- From: Turner, Robert D. Jr [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 06, 2003 6:46 PM To: NT 2000 Discussions Subject: RE: Choosing domain controllers That is what Sites are for. Bob -----Original Message----- From: Michael Staines [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 06, 2003 5:56 PM To: NT 2000 Discussions Subject: Choosing domain controllers My company has multiple offices throughout the country. due to the way the departments have formed it was not feasible to run multiple Domains throughout the multiple offices. We created a single 2000 domain which is in all our offices. We created VPNs between the offices, and replicate between DCs that are in each physical location. We have been having some problem with one office. The replication between the offices is set to the default 15 minutes, however, we are finding that sometimes a user will actually login through a domain controller that is not the DC in his office (someone in NY will verify on a DC in Chicago). Its not the biggest deal in the world, but if a user lock out his account, we either have to wait 15 minutes (or less) for the lockout to replicate to our DC, or try and find the DC that the user locked themselves out of. I was wondering if anyone knows of a way to mandate a Domain controller. Some way of saying to the computer, "check for this DC first then look somewhere else" Any ideas would be helpful Thanks Mike ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% CONFIDENTIALITY NOTICE: This E-Mail is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you have received this communication in error, please do not distribute and delete the original message. Please notify the sender by E-Mail at the address shown. Thank you for your compliance. ... ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% CONFIDENTIALITY NOTICE: This E-Mail is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you have received this communication in error, please do not distribute and delete the original message. Please notify the sender by E-Mail at the address shown. Thank you for your compliance. ... ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
