Did you make one DC in each site a GC? R -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Matthew Shrewsbury Sent: Friday, June 11, 2004 4:45 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Win2k Clients authenticate to wrong DC Thanks you for the suggestion. I forgot to mention that I have also tried netdiag and all tests pass. I also tried ipconfig /registerdns. I have checked from a few domain controllers and the subnets look perfect. *head scratching*, any suggestions are welcome! -----Original Message----- From: Paul DeHaan [mailto:wppad@xxxxxxxxx] Sent: Friday, June 11, 2004 4:16 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Win2k Clients authenticate to wrong DC Netdiag is sometimes helpful to figure out these things. You might check under your subnet properties for that location (sites & services mmc) to make sure that it didn't somehow get changed to the wrong site. I might also manually run "ipconfig /registerdns" from the DC in that site that isn't working as you'd like. HTH, Paul >>> MShrewsbury@xxxxxxxxxxxxxxx 06/11/04 01:49PM >>> I am having issues with win2k clients authenticating across my wan vs. to their local DC. Environment: 1) All servers and clients SP3. 2) Main office with 4 DCs and FSMO roles. 3) Two remote sites with a single DC at each remote site. 4) AD integrated DNS running on 3 DCs one at each site and clients point to local DNS/DC then across WAN to main site DNS server. 5) Each DC is located in its correct site with the correct subnet assigned to the site. 6) File and AD replication works fine. A while ago I changed our Win2k environment to includes sites and subnets so that remote win2k clients would log into there local DC. This all seemed to be working fine. We then moved buildings that one of our remote sites was located in. After that move the clients are back to authenticating across the wan to our main office from that moved site. At first I thought that the site DC was not authenticating at all but it does sometimes authenticate users but most of the times it doesn't (out of 8 PCs at that site all but 1 authenticate across the wan). Checks: 1) I checked the event logs on the troublesome site and all appears fine. 2) I checked DNS and all appears fine. I checked from clients as well. 3) I ran dcdiag and all tests pass. 4) I ran nltest /dclist:domanname and it showed all domain controllers in the correct sites. Does anyone have any ideas why the clients won't authenticate to the local DC? Is there anyway to force the clients to a preferred DC? I am drawing a major blank at the moment and any help would be most appreciated. Matthew Shrewsbury Network Administrator ******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID7 ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm ******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID7 ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm ******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID7 ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm