Thanks, that article helped a lot; it is something I was looking for to optimize the AD infrastructure overall.

It has fleeting remarks that DFS obeys site boundaries, so that helps a bit.
I am still a novice in DFS.
Now I need to know: is \\example.com\netlogon part of domain DFS?
Is domain DFS enabled by default?

You know, I would have tested it myself by putting a text file in the local DC's netlogon folder,

and going to a client PC, flushing DNS and opening \\example.com\netlogon to see whether that file is present or not.

But sadly, I don't have access to the netlogon folder.
 
 

 
On 9/7/05, Tony Murray <[EMAIL PROTECTED]> wrote:
I think this is the article you are referring to:
 
 
Tony


From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Roger Seielstad
Sent: Wednesday, 7 September 2005 2:49 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] DNS resolution - prioritization

 
You are correct - the DNS server won't provide any intelligence with regards to what it returns to a request. DNS should be returning ALL records for the appropriate domain, which I believe NetLogon on the local machine then parses against AD Sites by subnet.
 
Gil Kirkpatrick wrote an extensive article for Windows IT Pro Magazine (or whatever they're calling it now) about 12-18 months ago that detailed how the whole process works.
 

--------
Roger Seielstad
E-mail Geek

 


From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Kamlesh Parmar
Sent: Tuesday, September 06, 2005 12:47 AM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] DNS resolution - prioritization

 
Thanks Roger for the reply,

Problem is not the site setting, you see... when I ping for my domain's DNS name... or access the netlogon folder on DC as  \\example.com\netlogon

This DNS resolution will NOT consider site boundaries and give me the appropriate IP of the local DC.
This DNS resolution will ask for the client's subnet mask, and if it finds any matching IP of a DC which falls into this client network, it will provide that DC IP as the first one (making sure traffic remains inside the LAN).

But since the client IP network is a restrictive /21, the server which is in the same physical LAN but in a different subnet will not be returned as first choice.

I hope it clears it a bit.


On 9/6/05, Roger Seielstad <[EMAIL PROTECTED] > wrote:
I'd create smaller subnet records in AD (probably matching the /25 VLANs) and assign those to the sites which house the domain controller which you want them to use. You can keep the /21 subnet entry as a catch all as well, just in case.
 

--------
Roger Seielstad
E-mail Geek

 


From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Kamlesh Parmar
Sent: Monday, September 05, 2005 3:30 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] DNS resolution - prioritization

 
Dear All,
 
We have around 50 sites with 80 DCs, all in single domain.
 
Now the issue is that three sites have very restrictive network configuration for subnets (all having 500+ machines),

i.e. their subnet specification in AD is 10.*/21,
but at the network level they have divided this subnet into VLANs with a mask of /25, all inclusive in the /21 mask defined for the subnet at the AD level.

Problem: when a machine tries to find the nearest DC using the domain DNS name, the DNS server doesn't give the IP of the nearest DC first,
as the server falls into only one of the /25 subnets ("subnet mask request" in the DNS server is enabled).
As a result, machines go to other DCs for netlogon-related activities/scripts (generating unnecessary WAN traffic, slow login).

I am working with the Network team to initiate the feasibility of so many VLANs (a long process),
and if it's possible to merge some VLANs, then I will move the DC into that subnet.

Any solution other than hard-coding the nearest DC in the host file of all these machines?
 
Regards,
Kamlesh
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Fortune and Love befriend the bold"
~~~~~~~~~~~~~~~~~~~~~~~~~~~
 






--
~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Fortune and Love befriend the bold"
~~~~~~~~~~~~~~~~~~~~~~~~~~~
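
Roger's suggestion in the thread above (specific /25 subnet records, with the /21 kept as a catch-all) relies on the most specific subnet record winning when a client address is mapped to a site. The following Python sketch is an added example, not part of the thread: the addresses and site names are constructed, and it only models the matching, it does not query AD.

```python
import ipaddress

# Constructed sample data: AD subnet objects -> site names (not from the thread).
SUBNET_TO_SITE = {
    "10.1.8.0/21": "Site-Catchall",   # broad /21 kept as a fallback
    "10.1.9.0/25": "Site-A",          # VLAN that houses Site-A's DC
    "10.1.9.128/25": "Site-B",
}


def site_for_client(ip, subnet_to_site=SUBNET_TO_SITE):
    """Map a client IP to (site, subnet) by most specific (longest-prefix) match."""
    addr = ipaddress.ip_address(ip)
    best = None
    for cidr, site in subnet_to_site.items():
        # strict=True rejects records with host bits set, e.g. 10.1.9.1/25
        net = ipaddress.ip_network(cidr, strict=True)
        if addr.version != net.version or addr not in net:
            continue
        if best is None or net.prefixlen > best[0].prefixlen:
            best = (net, site)
    return (best[1], str(best[0])) if best else (None, None)


def vlans_on_catch_all(vlans, subnet_to_site=SUBNET_TO_SITE):
    """Return VLANs whose network address matches only a broader record or none.

    Clients in these VLANs are placed by the catch-all, so they are the ones
    that still need their own subnet object.
    """
    flagged = []
    for cidr in vlans:
        vlan = ipaddress.ip_network(cidr, strict=True)
        _, matched = site_for_client(str(vlan.network_address), subnet_to_site)
        if matched is None or ipaddress.ip_network(matched).prefixlen < vlan.prefixlen:
            flagged.append(cidr)
    return flagged


if __name__ == "__main__":
    for ip in ("10.1.9.10", "10.1.9.200", "10.1.12.5", "192.168.1.1"):
        print(ip, "->", site_for_client(ip))
    print(vlans_on_catch_all(["10.1.9.0/25", "10.1.10.0/25", "10.1.10.128/25"]))
```
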
