|
|
|||
|
Case Study -
Client authentication goes across the WAN Situation: There are two offices located in different cities connecting with T1 line. There is a Windows Server 2003 DC in each office. However, the authenticate of most clients at the branch office goes to the main office site instead of the local site. Cause: If they do not have AD Sites implemented, the client authentication will go across the WAN. Sites are designed for logon traffic and replication traffic control. If they were to implement AD in each site or subnet, the clients would always check for the DC/GC in their own site or subnet first. Global catalog servers register global-catalog-specific service (SRV) resource records in DNS so that clients can locate them according to site or subnet. If no global catalog server is available in the site or subnet of the user, a global catalog server is located in the next closest site. Resolution: 1. Create multiple sites to optimize both server-to-server and client-to-server traffic over WAN links. In the Windows 2000/2003 operating system, inter-site replication automatically minimizes bandwidth consumption between sites. 2. Place at least one domain controller in every site, and make at least one domain controller in each site a global catalog. 3. To provide high performance, availability, and flexibility in distributed environments, use AD multi-master replication. With the multi-master replication, the fully synchronized directory replicas can give users faster performance because they can locate resources using the local directory service rather than by traversing the WAN Post your questions, comments, feedbacks and suggestions Related Topics
Active Directory How to |
|
|
This web is provided "AS IS" with no warranties.
Copyright © 2002-2018
ChicagoTech.net,
All rights reserved. Unauthorized reproduction forbidden.