Hello, I am currently running a multi-site Windows 2008 R2 functional level domain between 2 sites. I have Sites and Services separated by subnets (172.17.0.0) and (172.16.0.0) and replication all works properly. This design works great to keep things local that should stay local, and to ensure policy goes to proper site. DNS is ADI. Clients point to local site DNS first, secondary site DNS second. Is there a way that I can ensure that if Site A's DCs are downed completely, we cross campus to Site B. With this simply work with my current design, pointing to second sites DNS, which references all DCs? To be fair, I haven't pulled a DC down to test, and it might work already, but since Server 2008 r2 won't broadcast it's services over the WAN link, I'm not certain. Basically, my question is... does Sites and Services steer a user to authenticate to local site, and then after not finding an available DC allow them authentication to other sites, OR does it restrict to authenticate ONLY at that site's specific DCs? Thanks, let me know if you need any more info. Eric

Sorry, what I meant was it's the client initiating the authentication via SRV records and not the server broadcasting out like a DHCP server would. You verified exactly my thoughts, much appreciated JM.