Ulf,
Thanks for clarification.
I will follow your advices. :)
Just an OT ... i found your windows server 2003 book on amazon.com here
http://www.amazon.de/exec/obidos/ASIN/3866456042
Do you have english (or french version) of the book available ?
Cheers,
Yann
"Ulf B. Simon-Weidner" <[EMAIL PROTECTED]> a écrit :
v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);}
Hello Yann,
youre welcome!
No it is not best practice to disable it. The effect you have is only
happening if a Site has no DC assigned to it, or if a single DC of a Site is
offline for a while. It is important that the Clients are able to look up a DC,
and if you disable Automatic Site Coverage and a Site is without a DC for some
time Clients may experience longer logon times, and they might fall back on a
DC which is in a site which goes over multiple WAN links. Id say best practice
is to keep the Automatic Site Coverage active, and check once in a while if
there are wrong registrations which you may delete if the DCs of that Site are
back online. They will also dissolve if you enable aging and scavenging.
Also what some customers are doing is the following: Assuming a Star-shaped
Network Topology with a Hub-Site where each Branch connects to, they are
configuring the DCs of the Hub-Site to register their SRV-Records at the Branch
Sites with a lower Priority than default, therefore the Branch-Office Clients
will use the Branch-Office DC as long as its available but fall back to the
Hub DCs when the BO-DC is not available.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811D
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Yann
Sent: Mittwoch, 24. Januar 2007 11:19
To: [email protected]
Subject: RE : RE: [ActiveDir] Question about DNS SRV registration.
Hello Ulf,
Thanks so much for such explainations ! That rocks !
2 interesting points you pointed to me
So if i understand, it is good practice, in my case, to disable automatic
site coverage ?
After checking our production, Automatic site coverage is effectively set
to disable (set on default domain controller policy). So it seems that DCa is
still advertising himself as DC in site B. I will look why the process does not
work in our case... :(
We did not configured automatic aging/scavenging, i will look also into
this option.
Thanks again,
Yann
"Ulf B. Simon-Weidner" <[EMAIL PROTECTED]> a écrit :
Hello Yann,
this is usual and happens because Site B was configured in Active Directory
before DC B was there and assigned to that site. Automatic Site Coverage is the
process which is taking care of this effect. What it does, is making sure that
every site in Active Directory has DCs. If a DC detects a site which has no DCs
assigned to it, it will try to figure out if hes a close DC (not crossing
multiple site-links) and assigning himself to that site.
So since Site B was configured and DC A was the only DC in your
environment, DC A decided to advertise himself as DC in Site B. However since
DC B exists now, DC A will not refresh those records, and if you have aging and
scavenging configured the old records of DC A in Site B will vanish.
You can also delete those records if you wish, as long as the records of DC
B are registered in Site B you can delete the records of DC A in Site B,
however make sure that you are only deleting the SRV-Records underneath the
DNS-Subdomains of the Site-specific Records in the Site B-DNS-Domains (looks
like folders in the DNS Managementconsole).
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811D
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Yann
Sent: Dienstag, 23. Januar 2007 22:28
To: [email protected]
Subject: [ActiveDir] Question about DNS SRV registration.
Hello all and happy new year:-),
Say:
-> Site A with DCa that is also dns (integrated to AD).
-> Site B that is a new site.
my goal: dcpromo a new DC (DCb) in site B.DCb will be also dns
(integrated to AD).
-> DCa & DCb belong to the same domain (domain.local).
My AD is w2k3 FFL mode.
In order to add the new DCb in the existing domain.com, DCb is dns
client to DCa.
When dcpromo is finished, i configured:
- DCb as dns client for himself
- DCa as secondary dns sever for DCb.
Everything looks good .. BUT:
When clients in site B ask for all DCs in site B (with netlogon
process),DCb returns DCb and DCa !
a nslookup set type=srv _ldap._tcp.siteB._sites.domain.local shows the 2
DCs
-> DCa.domain.local
-> DCb.domain.local
When i search in dns console, i found that DCa still present in site B, i
think, this is due to the fact that DCb's nic allow dynamic update and thus
dynamically records DCa srv records.
The only way i found to avoid DCb returning DCa to clients in site B is
to delete srv records for DCa in dns (site B).
Question:
What is the best practice to avoid DCb to return DCa to clients and where
in the process i'm wrong ?
Thanks,
Yann
---------------------------------
Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions
! Profitez des connaissances, des opinions et des expériences des internautes
sur Yahoo! Questions/Réponses.
---------------------------------
Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions !
Profitez des connaissances, des opinions et des expériences des internautes sur
Yahoo! Questions/Réponses.
---------------------------------
Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions !
Profitez des connaissances, des opinions et des expériences des internautes sur
Yahoo! Questions/Réponses.
