I have a site @ 600 users, with dual 100mb links between the primary and secondary site (a datacenter). We have a sensitive network application being deployed and find people getting kicked out of it because the server cannot authenticate them fast enough (1ms is the limit, don't ask why). So on some of the servers I keep finding their 'logonserver' being listed as the 3rd DC in the datacenter. In AD Sites/Services there is full replication between all 3, and while the link is a full fiber 100mb connection, I wanted to keep that locally.
I wouldn't normally think anything of it, but the application developers are pointing this out as the potential problem so I have to make it so all computers and servers in the primary network do not talk to the DC in the datacenter. In DNS no one is pointing to the remote site, so I guess the remote server is just responding faster than the local dc's. WINS/DHCP/DNS all have replication to this DC as well. Isnt there a simple way to do that? I know ive read up on wan links etc and I can force a particular domain controller in the registry but that's not going to be a fun permanent solution I don't think. Thanks ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
