DHCP options
I had a question regarding DHCP settings. I am still learning so I apologize ahead of time. I am wondering if their is a setting within DHCP that can point users to a certain DC. We have 3 sites and two domain controllers are at the main
site and one DC is at each of the others. I want to make sure each user is connecting to the right dc. Thanks
June 27th, 2013 3:02pm
DHCP is simply supplying a IP address, the servers run at a higher level in the protocol stack
AD has a DNS server role installed automatically so it should be able to find all the others easy.
July 1st, 2013 1:30am
right now we have 4 DC's two at main and 1 at each of the branches. What would be the best way to ensure that the right DC is connected to the right area?
July 1st, 2013 3:03pm
open up the server manager and see if all of the domain controllers are recognized
July 1st, 2013 4:55pm
can you 'see' all the other servers in the pool?
if you can you are good to go
July 1st, 2013 7:26pm
I'm not sure what you are talking about. I believe the DC's are all the same name like "dcdemo.com" the computer name is the only difference. I could be wrong but I think that's right.
July 1st, 2013 10:19pm
Hi,
Clients will get the correct DC if correct IPs are assigned. By default clients will connect to the local DC as they are in a same site. So simply check the IP of a client, see if it is correctly belong to its site and if so, you will not need to worry about
the connection.
July 2nd, 2013 5:18am
Yes, they are all recognized
July 2nd, 2013 8:48am
I know we had a problem a few weeks ago that when I typed in echo %logonserver% it showed that someone at our main site was attached to the DC in another state.
July 2nd, 2013 8:49am
you should create a pool from the DCs
then it will not matter which one is used
shared resources can be part of the pool too
July 2nd, 2013 9:24am
I'm not sure how I would go about doing this?
July 2nd, 2013 12:30pm
Where is the option to create a pool at?
July 2nd, 2013 3:36pm
You are being taken in the wrong direction with this I think... What you'd need to do if you have multiple sites is add the subnets and domain controller associated with each site into AD Sites and Services. So if you had 2 sites, Atlanta and New
York, and both sites have domain controllers capable of authenticating users (NYDC1.YourCorp.local and ATDC1.YourCorp.local), give the users in Atlanta 10.1.0.0/16 addresses and give New York 10.2.0.0/16 addresses and assign those domain controllers to each
site. That way, when the users fire up their computer and connect to the network, they will be assigned to a certain site and authenticate to any of the domain controllers assigned to that site.
July 2nd, 2013 3:51pm
when you go to add the computer to the domain you would have to take into account what site they would be at correct? and what if they come to the main branch would they still be able to logon?
July 2nd, 2013 4:12pm
Yes, because the DHCP server at the main office (assuming is Atlanta from my example above) would give them a 10.1.0.0/16 address and if they had that address they would be assigned to the Atlanta site in AD Sites and Services and authenticate to whatever
domain controller is "closest". I put the word "closest" in quotes because the physically closest domain controller might not actually be the most effective one to authenticate to, which is why you assign a "cost" to a site link. Perhaps reading up and Sites
and Subnets will better help you understand the process, but it's fairly straight forward.
http://technet.microsoft.com/en-us/library/cc730868.aspx
If my solutions are helpful, please mark it as so.
July 2nd, 2013 4:20pm
I will also note that having your Sites and Services setup properly is absolutely CRITICAL for domain replication to occur properly and speedily throughout all the sites in a forest.
July 2nd, 2013 4:22pm
Would I have to assign each computer a static IP?
July 3rd, 2013 10:49am
I believe it is setup this way but what im worried about is it sometimes connects to different sites. Is this okay?
July 3rd, 2013 10:53am
If you have someone from your site connecting to a domain controller in a different site, then it is not setup the way I mentioned or is just setup improperly. No, as I mentioned before, you do not need to assign a static address, the DHCP scope just needs
to dish out IP's in the subnet assigned to the site you'd like them to authenticate to. Have you checked AD Sites and Services?
July 3rd, 2013 10:56am
It's like I'm reading from 70-642 :)
July 3rd, 2013 11:07am
I am very sorry Brad, I'm not really sure what I need to do to configure this. I am looking at the DHCP options and I see the Scope Options and under that I see 003 Router IP set and I see 006 DNS Servers and 015 DNS Domain Name but im not really sure
what exactly I need to look at. I also am looking at AD sites and Services. There I see all 4 listed under servers but again im not sure what I should really be looking for.
July 3rd, 2013 1:13pm
Hi,
I think actually you are trying to understand how DHCP working.
First here is an article:
How DHCP Technology Works
http://technet.microsoft.com/en-us/library/cc780760(v=ws.10).aspx
And in my own words, when we connect a client to a site (use this example: 2 sites, Atlanta and New York, and both sites have domain controllers capable of authenticating users (NYDC1.YourCorp.local and ATDC1.YourCorp.local), give the users in Atlanta 10.1.0.0/16
addresses and give New York 10.2.0.0/16 addresses and assign those domain controllers to each site. ), it will trying to find an
insite DHCP server with broadcast --- so it will only get response from a local DHCP server, and get an IP with in its site.
Then when client trying to connect to DC, it will choose a closest one --- the insite one unless it is unavaliable.
July 4th, 2013 5:10am