| Author | Messages | |
milburnr
Posts:12
 | | 09/01/2010 11:14 PM |
| Thanks all -
I found that waiting a bit for two of the jumpstations cleared it up. The third, which I was still logged on to, I ran this, and it worked after logging off and back on:
nltest /sc_reset:domainName
I've been meaning to get after those subnet registrations, I think I'll make it a priority. New subnets get added all the time, and I rarely hear about it. I've got some scripts, I just need to mod them and run them 
Rich
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of nidhin ck
Sent: Wednesday, September 01, 2010 3:23 PM
To: activedir@mail.activedir.org
Subject: Re: [ActiveDir] how long before subnet to site registration affects a client?
Hi Rich,
You can also empty the DC Locater cache by typing nltest /dsgetdc omain Name /force.
Permanant solution to this problem is to set up Force Rediscovery time in registry for Windows 2003 after applying http://support.microsoft.com/kb/939252
After the installation of this hotfix you have create the Force Rediscovery entry in registry. For more information check out the above hotfix url
On Thu, Sep 2, 2010 at 1:17 AM, [Infraspec] Rob Silver <rob@infraspec.net<mailto:rob@infraspec.net>> wrote:
Sorry, I clicked send too fast:
Hi Rich
It's both replication and caching causing this. The subnet is stored in AD, not DNS. The device will use its cached DC (the one in Singapore). You can find this server by typing "set logonserver" or "nltest /dsGetDc:domainName" at the cmd prompt. The client only flushes this cached entry after 15 minutes of discovery that the DC is no good. Instead, you can run "nltest /sc_reset:domainName" to get the client to look for a better DC. If there are loads of machines, use psexec to do this on all the machines simultaneously with a text input file.
It uses the DcLocator service to find new DCs. You can repl the new site by running "repadmin /syncall /P /e" from any server which knows about the new subnet. Make sure you open the CMD prompt as Administrator before running this.
Regards,
Rob Silver<http://robsilver.org/>
From: activedir-owner@mail.activedir.org<mailto:activedir-owner@mail.activedir.org> [mailto:activedir-owner@mail.activedir.org<mailto:activedir-owner@mail.activedir.org>] On Behalf Of Milburn, Rich
Sent: 01 September 2010 7:51 PM
To: activedir@mail.activedir.org<mailto:activedir@mail.activedir.org>
Subject: [ActiveDir] how long before subnet to site registration affects a client?
I found that we had jumpstations that were in a subnet which was not registered in AD. They were using login servers in Singapore and Indonesia, and of course any AD tool was pointing across the world also (yes I know how to change DC but I'd rather not have to go to the trouble). I registered the subnet in the correct site, but the jumpstation is still connecting to Singapore. I figured it might take a bit for this to take effect, but I'm not sure exactly what the backend processing is... does the subnet registration have to replicate, and if so, to where, before the client will see it? Is it the local DNS that has to see it? DNS is pointing to local DC/DNS servers, but for some reason they were sending it (in three instances I checked) across the world to authenticate. Does the client hold onto whatever site it got originally referred to, and if so, until when?
This is less operational urgency and more curiosity, perhaps someone else here might find the information interesting also.
Thanks
Rich
--
Regards,
Nidhin.CK
Chennai
Phone No: +91 9884622467
| | | |
|
|