User and computer affinity for a DC (server 2008)

We have  3 DC's in our environment (Server 2008)

I have noticed if one of the DC's has issues (Like Sometimes \\dc\sysvol stops working -- dont know why)

The users who have this DC as logged on one cant work, somehow we start getting call from users either they are not able to log back in to locked pc's etc.

Q: Why would the syvol share stop working sometimes on our DC's (although DC is till pingable and can RDP into it)

Q:Why don't the users get failed over to another DC's during this situation

Q:what is the general failover for Users/Computers w.r.t DC (How does Client choose to get assigned or log on to one of the DC's)

Q:is there a way we can force COmputer/User to be switched to another DC

Q:if we create a Load Balanced address for our DC's does that help

August 26th, 2015 11:23am

Hi Kitaab,

Thanks for your post.

As far as I know, Active Directory (AD) uses Distributed File System Replication (DFSR) to replicate the disk-based portion of AD (SYSVOL) in Windows Server 2008 and later mode domains. And according to your description, DC is till pingable and can RDP into it, it may be related to DFS replication problem.

You may follow the article below to check the Status of the SYSVOL and Netlogon Shares.

https://technet.microsoft.com/en-us/library/Cc816833(v=WS.10).aspx

And the steps to check Active Directory Replication Issues Basic Troubleshooting Steps (Single AD Domain in a Single AD Forest)

http://social.technet.microsoft.com/wiki/contents/articles/18513.active-directory-replication-issues-basic-troubleshooting-steps-single-ad-domain-in-a-single-ad-forest.aspx

Besides, we could check DFSR or NTFRS logs under Applications and Services Logs in Event Viewer. It may also gives us prompt what the reason for the issue.

For how the client locate DC, I suggest you read the articles for more details.

https://support.microsoft.com/en-us/kb/247811

http://blogs.msmvps.com/acefekay/2010/01/03/the-dc-locator-process-the-logon-process-controlling-which-dc-responds-in-an-ad-site-and-srv-records/

Based on my knowledge, client will find the cloest DC. You could locate domain controllers more efficiently by enabling the Try Next Closest Site Group Policy setting

https://technet.microsoft.com/en-us/library/Cc733142%28v=WS.10%29.aspx?f=255&MSPPError=-2147217396

Best Regards,

Mary Dong

Free Windows Admin Tool Kit Click here and download it now
August 27th, 2015 1:08am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics