Announcement

Collapse
No announcement yet.

AD FSMO Transfer - Users still connect to old DC

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AD FSMO Transfer - Users still connect to old DC

    Hi,

    I am in the process of transferring to my 2003 R2 DC to a new server running 2008 R2.


    I have just completed the transfer of all FSMO roles to new server but now i have a silly question.

    Why do all my users still authenticate/connect to older DC even after I have transferred all FSMO roles?

    Am I missing something? BTW both server are running DNS but not DCHP.


    Any help would be appreciated.

  • #2
    Re: AD FSMO Transfer - Users still connect to old DC

    Users just connect to a DC. FSMO has nothing to do with the client. Active Directory is a distributed directory service, but there has to be some control over it. That is where the FSMO roles are for. The clients ask the DNS server for a logon server.

    When you demote the old dc, the dns records will and can be removed.
    gerth

    MCITP sa, ea & va, [email protected]

    Comment


    • #3
      Re: AD FSMO Transfer - Users still connect to old DC

      OK thanks, but how to I force my users to Authenticate/connect through my new server?

      Comment


      • #4
        Re: AD FSMO Transfer - Users still connect to old DC

        I have even set my DNS priority through registry to insure new server is set with highest priority but still when I login through my test machine I am authenticated through the old server.

        My test PC Primary DNS is pointing to my new server.


        Has anyone got any other suggestions?

        Comment


        • #5
          Re: AD FSMO Transfer - Users still connect to old DC

          AD is designed to allow users to authenticate via any DC, with preference to the local site. Changing DNS just changes which DC responds with the name of a DC to authenticate against, not the actual DC. If you want to change priorities, you will need to modify SRV records to reflect this.

          Retire (DCPROMO) the old DC and users will use the new one
          Tom Jones
          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
          PhD, MSc, FIAP, MIITT
          IT Trainer / Consultant
          Ossian Ltd
          Scotland

          ** Remember to give credit where credit is due and leave reputation points where appropriate **

          Comment


          • #6
            Re: AD FSMO Transfer - Users still connect to old DC

            Hi,

            thanks for the reply.

            SRV records have been changed and i have given the newest DC the highest priority but I still cant understand why it still defaults to older server.

            I dont want to run DCPROMO until i'm 100% it's all working ok.

            Comment

            Working...
            X