Re: Sites - Public / Global adress.

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 01/27/05 

Date: Thu, 27 Jan 2005 13:17:48 -0600

Sites are used to manage replication and authentication within the forest
over slow links. The domain members and the domain controllers need to be on
the same network/subnet in the site for it to work properly in that domain
members tries to authenticate first to domain controller in the site and
this normally would be a "private" network address. Domain members determine
their site by their network address. I am not sure exactly what you are
trying to do but it would be highly unusual to create a site with public
network address. Another thing to check is that for computers with more than
one network adapter, always place the local lan network adapter used for AD
domain traffic at the top of the priority list in network
connections/advanced/advanced settings. --- Steve

"Mike" <Mike@discussions.microsoft.com> wrote in message
news:C4001623-D136-4B65-B4A6-79C5311A6A61@microsoft.com...
> Hi, im having a real nightmare here !
>
> I have an front end exchange server configured inside our DMZ,
> with a public ip address assigned to one of its NICs.
>
> I have entered both network/mask into sites MMC snap-in, and all seems
> fine as rest of out AD implementain works fine. but the front end server
> doesnt
> seem to think its in the correct site although its subnet as been placed
> into our UK site.
>
> the netlogon.log file has the "NO_CLIENT_SITE" error next to this
> machine..
>
> Is it not possible to use Public IP address/mask to define a site ?
>
> We will in the near future be using few public ip's for our support
> personal
> here, and we have the same issue with the few i have tested... being that
> they are not sure what site they are in and try and authenticate from
> random
> DC's.
>
> Is there anyway we can force all "No_CLIENT_SITE" clients to default to a
> certian site or force just a few machines to always authenticate using a
> certain DC.
>
> Please help, this has been driving me crazy all day !
>
> Many thanks,
>
> Mike
>
>
>
>

Relevant Pages

  • Re: Getting MacBook Pro to authenticate with AD (SBS environment)
    ... notebook off of the network. ... about (meaning getting the laptop to authenticate with AD). ... It seems to happen when Active Directory domain controllers are ... Remove Active Directory from the Authentication path in Directory ...
    (microsoft.public.macintosh.general)
  • Re: ipfw plus authentication (authpf is cool but....)
    ... their ipaddress, mac address, workstation os, etc. in our ldap directory. ... gain network access is indeed belongs to that user. ... router first before being allowed to access any server. ... user will authenticate to a web based login form which is tied up ...
    (freebsd-questions)
  • Re: [opensuse] Results of moving ssh to a high port - Zero scriptkiddies in a 24 hour period.
    ... I would generally prefer the password protected key option (to use the ... key you have to authenticate with a password), ... For gaining access to a specific node in your network, ... It raises the security level drastivally, but at what costs, is it ...
    (SuSE)
  • Re: Authenticating users through firewalls VPN
    ... Grab DrTCP and try reducing the MTU size. ... VPN to my internal network. ... it won't authenticate me so will not let me, for example, browse the ...
    (microsoft.public.windows.server.sbs)
  • Re: Intranet / IIS?
    ... If it's protected then IIS will attempt to authenticate everyone. ... securing things would be better than developing my own login etc, ... external visitors to the network are challenged to login (ideally ...
    (microsoft.public.dotnet.framework.aspnet)
Loading