[THIN] Win2k Clients authenticate to wrong DC
- From: "Matthew Shrewsbury" <MShrewsbury@xxxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Fri, 11 Jun 2004 13:49:24 -0400
I am having issues with win2k clients authenticating across my wan vs.
to their local DC.
Environment:
1) All servers and clients SP3.
2) Main office with 4 DCs and FSMO roles.
3) Two remote sites with a single DC at each remote site.
4) AD integrated DNS running on 3 DCs one at each site and clients point
to local DNS/DC then across WAN to main site DNS server.
5) Each DC is located in its correct site with the correct subnet
assigned to the site.
6) File and AD replication works fine.
A while ago I changed our Win2k environment to includes sites and
subnets so that remote win2k clients would log into there local DC. This
all seemed to be working fine. We then moved buildings that one of our
remote sites was located in. After that move the clients are back to
authenticating across the wan to our main office from that moved site.
At first I thought that the site DC was not authenticating at all but it
does sometimes authenticate users but most of the times it doesn't (out
of 8 PCs at that site all but 1 authenticate across the wan).
Checks:
1) I checked the event logs on the troublesome site and all appears
fine.
2) I checked DNS and all appears fine. I checked from clients as well.
3) I ran dcdiag and all tests pass.
4) I ran nltest /dclist:domanname and it showed all domain controllers
in the correct sites.
Does anyone have any ideas why the clients won't authenticate to the
local DC? Is there anyway to force the clients to a preferred DC? I am
drawing a major blank at the moment and any help would be most
appreciated.
Matthew Shrewsbury
Network Administrator
Other related posts:
