Re: Domain Controller and Login

From: Cary Shultz [A.D. MVP] (cwshultz_at_mvps.org)
Date: 09/10/04


Date: Fri, 10 Sep 2004 10:15:09 -0400

Paul,

Good link. But this is a difficult subject to grasp for a lot of people.

I will expound upon this a bit more - if you do not mind.

Out of the box all Windows 2000 Domain Controllers have a weight of [0] and
a priority of [100]. All clients are supposed to authenticate against the
Domain Controller with the lowest weight ( and there are no negative
numbers, so [0] is pretty much as low as it is going to get!!! ). Should
there be multiple Domain Controllers that have the same weight ( in this
example, [0] ) then the value in the priority 'section' comes into play.
The higher the number, the better ( or, better said, the more likely that
this DC will respond ).

In the case of two Domain Controllers having the same weight ( again, [0] in
this example ) and the same priority ( [100] by default ) a situation is
created whereby both Domain Controllers will authenticate about 50% of the
client requests for authentication. However, if we change the priority so
that DC01 has a priority of [80] and so that DC02 has a priority of [20]
then you know that DC01 is going to respond to about 4x as many requests for
authentication as DC02.

So, if this is what he wants ( a situation in which DC01 responds to 4x as
many authentication requests as DC02 ) this would be the answer.

However, it sounds like he might want to pick and choose his DC ( meaning,
one DC does it all ). In this case he would need to change the weight of
the other DCs to something higher than his DC. So, [1] is just as good as
[100] in this case. So, does this mean that 'his DC' is going to be the
only DC that will respond to authentication requests? No! If 'his DC' is
busy ( meaning that it does not respond within 100 ms ) then the DC(s) with
the next lowest weight will come into play. So, maybe [1] is not just as
good as [100]! That depends on what he wants.

I generally stay away from playing with this and keep it at the defaults.
But, if you have a dog DC that seems to be overworked with these
authentication requests and the logons are taking a bit too long ( and there
are absolutely no DNS or other issues contributing to the long logon ) then
you might want to make that new Dual Xeon 3.06GHz with 2GB of RAM and super
fast Hard Drives and the 10/100/1000 NIC handle more of the load!

HTH,

Cary

"ptwilliams" <ptw2001@hotmail.com> wrote in message
news:eDVLVJelEHA.3988@tk2msftngp13.phx.gbl...
> Yes, sort of. Through weighting the SRV records.
> -- http://support.microsoft.com/?id=306602
>
>
>
> --
>
> Paul Williams
> _________________________________________
> http://www.msresource.net
>
>
> Join us in our new forums!
> http://forums.msresource.net
> _________________________________________
>
>
> "NT" <anonymous@discussions.microsoft.com> wrote in message
> news:84f501c495d0$251bc690$a501280a@phx.gbl...
> We have two DC and several file servers.
> I am wondering is there a way to specify which DC I want
> to connect.
>
> Thanks.
>
>
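
An added example, not part of the original post or of Microsoft's code: a simulation of SRV record selection as RFC 2782 defines it, where the lowest priority value is tried first and weight sets the share among records of equal priority. The host names, the record values and the `reachable` set standing in for a DC that answers are assumptions made for illustration.

```python
import random
from collections import Counter

# Constructed sample records: (priority, weight, target). Host names are made up.
EQUAL = [(0, 100, "dc01"), (0, 100, "dc02")]
SKEWED = [(0, 80, "dc01"), (0, 20, "dc02")]
PREFERRED = [(0, 100, "dc01"), (10, 100, "dc02")]

def order_srv(records, rng):
    """Return targets in the order an RFC 2782 client tries them."""
    ordered = []
    for prio in sorted({r[0] for r in records}):   # lowest priority value first
        group = [r for r in records if r[0] == prio]
        while group:
            group.sort(key=lambda r: r[1] != 0)    # zero-weight records lead the list
            pick = rng.randint(0, sum(r[1] for r in group))
            running = 0
            for rec in group:
                running += rec[1]
                if running >= pick:                # first running sum >= random pick
                    ordered.append(rec[2])
                    group.remove(rec)
                    break
    return ordered

def pick_dc(records, reachable, rng):
    """First target in RFC 2782 order that is reachable, or None."""
    for target in order_srv(records, rng):
        if target in reachable:
            return target
    return None

def share(records, reachable, trials=20000, seed=1):
    """Fraction of simulated lookups that land on each target."""
    rng = random.Random(seed)
    counts = Counter(pick_dc(records, reachable, rng) for _ in range(trials))
    return {target: n / trials for target, n in counts.items()}

if __name__ == "__main__":
    both = {"dc01", "dc02"}
    for name, recs in (("equal", EQUAL), ("skewed", SKEWED), ("preferred", PREFERRED)):
        print(name, share(recs, both))
    print("preferred, dc01 down", share(PREFERRED, {"dc02"}))
```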


