Re: DC Query
- From: "kj" <kj@xxxxxxxxxxx>
- Date: Sat, 12 Nov 2005 11:32:57 -0700
OK, well I believe this is what I was thinking. Suggest OP research and test
and consider other opinions as I haven't tested it myself (yet, but I have
an ideal candidate in mind!).
Quote from the article
http://support.microsoft.com/default.aspx?scid=kb;en-us;315071
===
"If the setting is applied to one domain controller, reduce the DNS LDAP
priority on the domain controller so that clients are less likely use the
server for authentication. On the domain controller with the increase
priority, use the following registry setting to set LdapSrvPriority:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
On the Edit menu, click Add Value, and then add the following registry
value:
Entry name: LdapSrvPriority
Data type: REG_DWORD
Value: Set the value to the value of the priority that you want."
===
More information can be found in
http://support.microsoft.com/default.aspx?scid=kb;en-us;306602
SRV priority is like MX records and the default priority is 100, so use
something like 200 on the non preferred DC.
--
/kj
"kj" <kj@xxxxxxxxxxx> wrote in message
news:OQPHaI75FHA.2888@xxxxxxxxxxxxxxxxxxxxxxx
> If one were to have capability mismatched servers, like say a Virtual
> Machine or a very low end Server platform providing just a second source
> for AD. Otherwise, like you said Paul, what's the point?
>
> As I recall, there was a way (registery setting?) to have the DC register
> SRV records with a different (lower) priority. It would keep the second DC
> online and replication current, yet not be primary target of logons and
> lookups.
>
> I'll dig around and see if I can find it.....
>
> --
> /kj
> "Paul Bergson" <pbergson@xxxxxxxxxx> wrote in message
> news:%23QM5$x65FHA.1032@xxxxxxxxxxxxxxxxxxxxxxx
>> AD is a multi-master DB why would you not want to so you would have a
>> balanaced work load. If you have set it up so only one responds then you
>> would have to intervene instead of the system doing it automatically for
>> you. If you were to shut this dc off and only turn it on in the event of
>> an
>> emergency you wouldn't have a proper ad replication (Out of sync and
>> tombstoned).
>>
>> I highly, highly recommend against this.
>>
>> --
>>
>>
>> Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
>>
>> This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>>
>>
>> "Arkane" <Arkane@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:480E03AD-B929-4793-8E3C-42C2C33F60C9@xxxxxxxxxxxxxxxx
>>> Hi there,
>>>
>>> We have a single DC (AD Win 2003 Native), we added a secondary DC to
>> provide
>>> a backup for the AD. However we've found that some clients are logged in
>> by
>>> the first DC and some by the second. We thought all clients would be
>> logged
>>> in by the first DC unless the first DC was offline.
>>>
>>> How can we make the clients logon to the first DC and only logon to the
>>> second DC if the first one is offline?
>>>
>>> Thanks.
>>
>>
>
>
.
- Follow-Ups:
- Re: DC Query
- From: Arkane
- Re: DC Query
- References:
- Re: DC Query
- From: Paul Bergson
- Re: DC Query
- From: kj
- Re: DC Query
- Prev by Date: Re: security vs. distribution groups?
- Next by Date: Re: security vs. distribution groups?
- Previous by thread: Re: DC Query
- Next by thread: Re: DC Query
- Index(es):
Relevant Pages
|
