Announcement

Collapse
No announcement yet.

identification of client in domain

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • identification of client in domain

    hai,
    my question is, if i have domain ( one domain) with 2 or 3 dc (more than one)
    and i want to login from a client workstation to domain, wich dc will identify my username /password?
    who decide it? client or dc?
    i think that the ip off the dns in client says wich dc identify me in the domain
    am i right?
    thanks alot sharon

  • #2
    Re: identification of client in domain

    It depends...

    Are all your DC's in the same site? if they are then I think it's random to which DC you are authenticted against. go into a cmd prompt and type "set logonserver". This will tell you which DC you authenticated against.

    If you have multiple sites then depending which DC is in your site and subnet depends on which DC you are authenticated against.

    Hope this helps

    Michael
    Michael Armstrong
    www.m80arm.co.uk
    MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

    Comment


    • #3
      Re: identification of client in domain

      first off all thank you (it was fast)
      all dc in the same site...
      i wiil try to run this command
      and see how its work,
      but i dont think that identification against
      dcs is random, shuld be a rule about that,
      i will keep looking but thank you any way
      sagiv

      Comment


      • #4
        Re: identification of client in domain

        I found this,

        When a client logs on or joins the network, it must be able to locate a domain controller. The client sends a DNS Lookup query to DNS to find domain controllers, preferably in the client's own subnet. Therefore, clients find a domain controller by querying DNS for a record of the form:
        http://support.microsoft.com/kb/247811

        AFAIK it is random

        Michael
        Michael Armstrong
        www.m80arm.co.uk
        MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

        ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

        Comment


        • #5
          Re: identification of client in domain

          Per:

          http://technet2.microsoft.com/Window....mspx?mfr=true

          looks like it's proportionally random based on weight and priority.

          Adjusting the Weight for DNS SRV Records in the Registry

          Adjusting the weight of a domain controller to a value less than that of other domain controllers reduces the number of clients that DNS refers to that domain controller. The value is stored in the LdapSrvWeight registry entry. The default value is 100, but it can range from 0 through 65535. By reducing this value, DNS refers clients to a domain controller less frequently based on the proportion of this value to the value of other domain controllers. For example, to configure the system so that the domain controller hosting the PDC emulator role receives requests only half as many times as the other domain controllers, configure the weight of the domain controller hosting the PDC emulator role to be 50. DNS determines the weight ratio for that domain controller to be 50/100 (50 for that domain controller and 100 for the other domain controllers). After you reduce this ratio to 1/2, DNS refers clients to the other domain controllers twice as often as it refers to the domain controller with the reduced weight setting. By reducing client referrals, the domain controller receives fewer client requests and has more resources for other tasks, such as performing the role of PDC emulator.

          Adjusting the Priority for DNS SRV Records in the Registry

          Adjusting the priority of the domain controller also reduces the number of client referrals. However, rather than reducing it proportionally to the other domain controllers, changing the priority causes DNS to stop referring all clients to this domain controller unless all domain controllers with a lower priority setting are unavailable.

          To prevent clients from sending all requests to a single domain controller, the domain controllers are assigned a priority value. Clients always send requests to the domain controller that has the lowest priority value. If more than one domain controller has the same value, the clients randomly choose from the group of domain controllers with the same value. If no domain controllers with the lowest priority value are available, then the clients send requests to the domain controller with the next highest priority.

          A domain controller's priority value is stored in its registry. When the domain controller starts, the Net Logon service registers with the DNS server. The priority value is registered with the rest of its DNS information. When a client uses DNS to discover a domain controller, the priority for a given domain controller is returned to the client with the rest of the DNS information. The client uses the priority value to help determine to which domain controller to send requests.

          The value is stored in the LdapSrvPriority registry entry. The default value is 0, but it can range from 0 through 65535.
          Certainly worth examining the registry values and seeing if some controlled tweaking is in order.
          Cheers,

          Rick

          ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

          2006-2099 R Valstar. This post is offered "as is" for discussion purposes only with no express or implied warranty of any kind including, but not limited to, correctness or fitness for use. Nothing herein shall be construed as advice. Attempting any activity based on information in this post is done at your own risk.

          Comment


          • #6
            Re: identification of client in domain

            Originally posted by rvalstar View Post
            Per:

            http://technet2.microsoft.com/Window....mspx?mfr=true

            looks like it's proportionally random based on weight and priority.



            Certainly worth examining the registry values and seeing if some controlled tweaking is in order.
            Yeah - I seen something about that but it was in the conext of Exchange. I dont really know why you would want to do that except maybe to stop your more important DC's i.e. ones with the FSMO roles, from being hit as ofter as your other DC's

            Anyone else shed any light on this?

            Michael
            Michael Armstrong
            www.m80arm.co.uk
            MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

            ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

            Comment


            • #7
              Re: identification of client in domain

              the explanations is enough.
              thanks good day
              sagiv

              Comment

              Working...
              X