We have a number of copiers (primarily Konica Minolta BizHubs) that are configured to do directory lookups via LDAP for sending scans. In this configuration, we provide a generic DNS name that points to a specific domain controller as the LDAP server. There are no pointers anywhere to any other domain controller. Despite this, we see authentication requests for these copiers in the Event Viewer on at least one other DC. It seems clearly be related to LDAP because it is using the account assigned for this purpose and the source IP is that of the copier. Every other thing that we have doing LDAP only queries the listed domain controller(s), and I am at a loss as to how the copier is being directed to the other DC. Is there some mechanism through which the intended DC is pointing the request to another DC, or is there perhaps more than meets the eye in what the copier is doing?
We are trying to demote a particular DC, but I want to understand why this DC is seeing these requests before doing so-I don't want to break scanning from the copiers. As an addendum to this question, is it a bad idea to maybe just shut the DC down for a few days to make sure things work, and then just bring it back up after a few days and do the demotion? I have tried to research best practices on that, but found mixed recommendations. ~~~~~~~~~~ Bill Mayo Pitt County MIS
