Tag: Windows, Windows / Home

Windows

NAVIGATION
CATEGORIES
REFERRENCE
LINKS
Home » Windows

  • Lag site- disabling auth on Lag DC.

    1 answers - 606 bytes - related search similar search Add To My Delicious Add To My Stumble Upon Add To My Google Mark Add To My Facebook Add To My Digg Add To My Reddit

    hello all,
    We are about to build a lag site for our AD recovery strategy.
    We schedule replication Prod Sites <->Lag Sites one time a week.
    We have one forest with a Root and Child domain.
    The lag site will contain only one DC. We would like to disable clients auth on this DC. So I found 2 ways to do this:
    1) Configuring the "DC Locator DNS Records" via a gpo.
    or
    2) Stop and disable the netlogon service.
    What will be the best choice ? 1) or 2) ?
    Shall i also disable the service server to avoid replication of sysvol too ?
    Thanks for input.

  • No.1 | | 2064 bytes | |

    SRV records

    * make sure the DC only registers the CNAME SRV record which is used for replication
    * don't assign the lag site DCs WINS servers, otherwise these will register the 1Ch record in WINS
    * make sure the site link cost between the main site and the lag are higher than any other site links that also links to the main site

    for the lag to work properly make sure you have at least one DC from each domain, because of eventual cross domain links (e.g. group memberships)

    Met vriendelijke groeten / Kind regards,
    Ing. Jorge de Almeida Pinto
    Senior Infrastructure Consultant
    MVP Windows Server - Directory Services

    LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
    ( Tel : +31-(0)40-29.57.777
    ( Mobile : +31-(0)6-26.26.62.80
    * E-mail : <see sender address>

    From: ActiveDir-owner (AT) mail (DOT) activedir.org on behalf of Yann
    Sent: Mon 2006-05-15 21:36
    To: ActiveDir (AT) mail (DOT) activedir.org
    Subject: [ActiveDir] Lag site- disabling auth on Lag DC.

    hello all,

    We are about to build a lag site for our AD recovery strategy.
    We schedule replication Prod Sites <->Lag Sites one time a week.
    We have one forest with a Root and Child domain.
    The lag site will contain only one DC. We would like to disable clients auth on this DC. So I found 2 ways to do this:
    1) Configuring the "DC Locator DNS Records" via a gpo.
    or
    2) Stop and disable the netlogon service.

    What will be the best choice ? 1) or 2) ?

    Shall i also disable the service server to avoid replication of sysvol too ?

    Thanks for input.

    This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.

Re: Lag site- disabling auth on Lag DC.


max 4000 letters.
Your nickname that display:
In order to stop the spam: 9 + 8 =
QUESTION ON "Windows"

EMSDN.COM