re: Best of Questions and Answers for TechNet Webcast: Best Practices for Designing the Active Directory Structure

pradeep.prasad@itu.int — Sun, 31 Dec 2006 10:56:42 GMT

Excellent site you have

I have two questions:

Q1/

We have multiple sites in our network some of them are connected with a VPN having round trip delay of between 200 Millsec to 2000 Milli seconds.

We have the DNS configured on an Unix Server in round robin format

The DNS Name resolution for the domain is done fine but it lists all the DC's in a round Robin Format

Example

Domain.xx

a.x.y.100 -- Local site

b.p.q.200 - remote site

the second time the DNS query is done

Domain.xx

b.p.q.200 - remote site

a.x.y.100 -- Local site

This causes massive delays during logons.

Once the DFS starts to work it is better. But the connection to netlogon takes a lot of time depeinding on if the Local or Remote AD is sent out first.

Does Microsoft AD basesd DNS's provide the Values Based on SITE awareness and site costs.

Q2/

I was told for back and recovery of the AD it is useful to have a DC located in a special site where the replication is very slow about once a week or manually when we think the AD is consitent.

How can we ensure that this DC does not take part in daye to day logons.

Thanks a lot

Pradeep