Home | Troubleshooting |  Quick Setup  |  Cisco How to  |  Wireless  |  Forums   | Site Map | Services  | About Us | Chicagotech MVP  | Search  | Contact Us  |              

 

 

Case Study - Client authentication goes across the WAN

Situation: There are two offices located in different cities connecting with T1 line. There is a Windows Server 2003 DC in each office. However, the authenticate of most clients at the branch office goes to the main office site instead of the local site.

Cause: If they do not have AD Sites implemented, the client authentication will go across the WAN. Sites are designed for logon traffic and replication traffic control. If they were to implement AD in each site or subnet, the clients would always check for the DC/GC in their own site or subnet first. Global catalog servers register global-catalog-specific service (SRV) resource records in DNS so that clients can locate them according to site or subnet. If no global catalog server is available in the site or subnet of the user, a global catalog server is located in the next closest site.

Resolution: 1. Create multiple sites to optimize both server-to-server and client-to-server traffic over WAN links. In the Windows 2000/2003 operating system, inter-site replication automatically minimizes bandwidth consumption between sites.

2. Place at least one domain controller in every site, and make at least one domain controller in each site a global catalog.

3. To provide high performance, availability, and flexibility in distributed environments, use AD multi-master replication. With the multi-master replication, the fully synchronized directory replicas  can give users faster performance because they can locate resources using the local directory service rather than by traversing the WAN

Post your questions, comments, feedbacks and suggestions

Contact a consultant

Related Topics

Active Directory How to
Active Directory Overview
AD Operations Overview
Troubleshooting AD

 

 


 

 

Hit Counter   This web is provided "AS IS" with no warranties.
Copyright 2002-2015 ChicagoTech.net, All rights reserved. Unauthorized reproduction forbidden.