[THIN] Re: Win2k Clients authenticate to wrong DC

• From: "Roger Riggins" <roger.riggins@xxxxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Fri, 11 Jun 2004 21:22:41 -0500

Did you make one DC in each site a GC?

R

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Matthew Shrewsbury
Sent: Friday, June 11, 2004 4:45 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Win2k Clients authenticate to wrong DC

Thanks you for the suggestion. I forgot to mention that I have also
tried netdiag and all tests pass. 

I also tried ipconfig /registerdns.

I have checked from a few domain controllers and the subnets look
perfect.

*head scratching*, any suggestions are welcome!

-----Original Message-----
From: Paul DeHaan [mailto:wppad@xxxxxxxxx] 
Sent: Friday, June 11, 2004 4:16 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Win2k Clients authenticate to wrong DC

Netdiag is sometimes helpful to figure out these things.  You might
check under your subnet properties for that location (sites & services
mmc) to make sure that it didn't somehow get changed to the wrong site.
I might also manually run "ipconfig /registerdns" from the DC in that
site that isn't working as you'd like.  

HTH,
Paul

>>> MShrewsbury@xxxxxxxxxxxxxxx 06/11/04 01:49PM >>>
I am having issues with win2k clients authenticating across my wan vs.
to their local DC.

 

Environment:

 

1) All servers and clients SP3.

 

2) Main office with 4 DCs and FSMO roles.

 

3) Two remote sites with a single DC at each remote site. 

 

4) AD integrated DNS running on 3 DCs one at each site and clients point
to local DNS/DC then across WAN to main site DNS server.

 

5) Each DC is located in its correct site with the correct subnet
assigned to the site.

 

6) File and AD replication works fine.

 

A while ago I changed our Win2k environment to includes sites and
subnets so that remote win2k clients would log into there local DC. This
all seemed to be working fine. We then moved buildings that one of our
remote sites was located in. After that move the clients are back to
authenticating across the wan to our main office from that moved site. 

 

At first I thought that the site DC was not authenticating at all but it
does sometimes authenticate users but most of the times it doesn't (out
of 8 PCs at that site all but 1 authenticate across the wan). 

 

Checks:

 

1) I checked the event logs on the troublesome site and all appears
fine.

 

2) I checked DNS and all appears fine. I checked from clients as well.

 

3) I ran dcdiag and all tests pass.

 

4) I ran nltest /dclist:domanname and it showed all domain controllers
in the correct sites.

 

Does anyone have any ideas why the clients won't authenticate to the
local DC? Is there anyway to force the clients to a preferred DC? I am
drawing a major blank at the moment and any help would be most
appreciated. 

 

Matthew Shrewsbury

Network Administrator

 


********************************************************
This Week's Sponsor - RTO Software / TScale What's keeping
you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single
biggest constraint to scaling up?! Get this free white paper
to understand the real constraints & how to overcome them.
SAVE MONEY by scaling-up rather than buying more servers.
http://www.rtosoft.com/Enter.asp?ID7
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale What's keeping
you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single
biggest constraint to scaling up?! Get this free white paper
to understand the real constraints & how to overcome them.
SAVE MONEY by scaling-up rather than buying more servers.
http://www.rtosoft.com/Enter.asp?ID7
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale What's keeping
you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single
biggest constraint to scaling up?! Get this free white paper
to understand the real constraints & how to overcome them.
SAVE MONEY by scaling-up rather than buying more servers.
http://www.rtosoft.com/Enter.asp?ID7
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm

Other related posts:

• » [THIN] Win2k Clients authenticate to wrong DC
• » [THIN] Re: Win2k Clients authenticate to wrong DC
• » [THIN] Re: Win2k Clients authenticate to wrong DC
• » [THIN] Re: Win2k Clients authenticate to wrong DC
• » [THIN] Re: Win2k Clients authenticate to wrong DC

1. Home
2. thin
3. Archive
4. 06-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---