How to Force the logon server

guys,
Is there a way I can force which server the users login to. I see most of
my clients logon server ServerA where in fact I would prefer its ServerB.
Any ideas?
Environment Win2K3/XP

Hello Nik,

Basically the logon server is automatically choosen based on the DCLocator
process. See here for more:


Also if you have more then one site, AD sites and services must reflect the
physical topology with the subnets and sites and there belonging DC in the
correct site.

You can work with server weights:
http://technet.microsoft.com/en-us/l...45(WS.10).aspx

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! [


> guys,
> Is there a way I can force which server the users login to. I see
> most of
> my clients logon server ServerA where in fact I would prefer its
> ServerB.
> Any ideas?
> Environment Win2K3/XP

Hey Meinolf,
The sites represents the physical topology. I was wondering about achieving
this in a local site. ServerA does not have as much resources as ServerB.
However, I see most of the clients seems to choose ServerA as their logon
server. So I was considering changing this.
In Addition, is there any harm in me disabling the browser service on all my
clients? I"m seeing a few of these errors EventID 8003


"Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
news:6cb2911db8d68cc57aee5591c6e@msnews.microsoft.com...
> Hello Nik,
>
> Basically the logon server is automatically choosen based on the DCLocator
> process. See here for more:
>
>
> Also if you have more then one site, AD sites and services must reflect
> the physical topology with the subnets and sites and there belonging DC in
> the correct site.
>
> You can work with server weights:
> http://technet.microsoft.com/en-us/l...45(WS.10).aspx
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!!
>
>> guys,
>> Is there a way I can force which server the users login to. I see
>> most of
>> my clients logon server ServerA where in fact I would prefer its
>> ServerB.
>> Any ideas?
>> Environment Win2K3/XP
>
>

Hello Nik,

Is serverA also the preferred DNS server on the machines NIC, mostly this
is choosen also as logon server?

You can disable it but, will loose the option to see machines in the network
neighborhood as far as i know, see here for more details about the computer
browser service:
http://support.microsoft.com/kb/188001



Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups


> Hey Meinolf,
> The sites represents the physical topology. I was wondering about
> achieving
> this in a local site. ServerA does not have as much resources as
> ServerB.
> However, I see most of the clients seems to choose ServerA as their
> logon
> server. So I was considering changing this.
> In Addition, is there any harm in me disabling the browser service on
> all my
> clients? I"m seeing a few of these errors EventID 8003
> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
> news:6cb2911db8d68cc57aee5591c6e@msnews.microsoft.com...
>
>> Hello Nik,
>>
>> Basically the logon server is automatically choosen based on the
>> DCLocator process. See here for more:

>>
>> Also if you have more then one site, AD sites and services must
>> reflect the physical topology with the subnets and sites and there
>> belonging DC in the correct site.
>>
>> You can work with server weights:
>> http://technet.microsoft.com/en-us/l...45(WS.10).aspx
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers no rights.
>> ** Please do NOT email, only reply to Newsgroups

>>> guys,
>>> Is there a way I can force which server the users login to. I see
>>> most of
>>> my clients logon server ServerA where in fact I would prefer its
>>> ServerB.
>>> Any ideas?
>>> Environment Win2K3/XP[/color]

dcs Nik,

Nik schrieb:
> Hey Meinolf,
> The sites represents the physical topology. I was wondering about
> achieving this in a local site. ServerA does not have as much resources
> as ServerB. However, I see most of the clients seems to choose ServerA
> as their logon server. So I was considering changing this.
> In Addition, is there any harm in me disabling the browser service on
> all my clients? I"m seeing a few of these errors EventID 8003

As Meinolf stated, there's built-in functionality that lets clients
choose freely among DCs provided by DNS. What you could do is change the
weight of the DNS SRV records of the DCs to have clients pick a certain
DC more likely than another.

Here's some reading:
http://technet.microsoft.com/en-us/l...45(WS.10).aspx
http://technet.microsoft.com/en-us/l...25(WS.10).aspx

Do yourself (and your fellows) a favor and document this thoroughly. If
it's just that you think that the low-power-DC may be overutilized, I'd
first check on the resources during a normal day.

Cheers,
Florian
--
Microsoft MVP - Group Policy
eMail: prename [at] frickelsoft [dot] net.

ANY advice you get on the Newsgroups should be tested thoroughly in your
lab.

I've been trying to run perfmon against it from a remote computer and have
been unable to (while I can do the same for the other dc). I will take this
on next week and logon to the server and measure some counters and see
what's up. Also this server is not the primary DNS also it doesn't even hold
the FSMO roles.

"Florian Frommherz [MVP]" <florian@frickelsoft.DELETETHIS.net> wrote in
message news:O118ESZiKHA.2184@TK2MSFTNGP04.phx.gbl...
> dcs Nik,
>
> Nik schrieb:
>> Hey Meinolf,
>> The sites represents the physical topology. I was wondering about
>> achieving this in a local site. ServerA does not have as much resources
>> as ServerB. However, I see most of the clients seems to choose ServerA as
>> their logon server. So I was considering changing this.
>> In Addition, is there any harm in me disabling the browser service on all
>> my clients? I"m seeing a few of these errors EventID 8003
>
> As Meinolf stated, there's built-in functionality that lets clients choose
> freely among DCs provided by DNS. What you could do is change the weight
> of the DNS SRV records of the DCs to have clients pick a certain DC more
> likely than another.
>
> Here's some reading:
> http://technet.microsoft.com/en-us/l...45(WS.10).aspx
> http://technet.microsoft.com/en-us/l...25(WS.10).aspx
>
> Do yourself (and your fellows) a favor and document this thoroughly. If
> it's just that you think that the low-power-DC may be overutilized, I'd
> first check on the resources during a normal day.
>
> Cheers,
> Florian
> --
> Microsoft MVP - Group Policy
> eMail: prename [at] frickelsoft [dot] net.

> ANY advice you get on the Newsgroups should be tested thoroughly in your
> lab.

Hello Nik,

FSMO roles are not used for logon authentication, if universal groups are
used a Global catalog server is needed for authentication.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups



> I've been trying to run perfmon against it from a remote computer and
> have been unable to (while I can do the same for the other dc). I will
> take this on next week and logon to the server and measure some
> counters and see what's up. Also this server is not the primary DNS
> also it doesn't even hold the FSMO roles.
>
> "Florian Frommherz [MVP]" <florian@frickelsoft.DELETETHIS.net> wrote
> in message news:O118ESZiKHA.2184@TK2MSFTNGP04.phx.gbl...
>
>> dcs Nik,
>>
>> Nik schrieb:
>>
>>> Hey Meinolf,
>>> The sites represents the physical topology. I was wondering about
>>> achieving this in a local site. ServerA does not have as much
>>> resources
>>> as ServerB. However, I see most of the clients seems to choose
>>> ServerA as
>>> their logon server. So I was considering changing this.
>>> In Addition, is there any harm in me disabling the browser service
>>> on all
>>> my clients? I"m seeing a few of these errors EventID 8003
>> As Meinolf stated, there's built-in functionality that lets clients
>> choose freely among DCs provided by DNS. What you could do is change
>> the weight of the DNS SRV records of the DCs to have clients pick a
>> certain DC more likely than another.
>>
>> Here's some reading:
>> http://technet.microsoft.com/en-us/l...45(WS.10).aspx
>> http://technet.microsoft.com/en-us/l...25(WS.10).aspx
>>
>> Do yourself (and your fellows) a favor and document this thoroughly.
>> If it's just that you think that the low-power-DC may be
>> overutilized, I'd first check on the resources during a normal day.
>>
>> Cheers,
>> Florian
>> --
>> Microsoft MVP - Group Policy
>> eMail: prename [at] frickelsoft [dot] net.

>> ANY advice you get on the Newsgroups should be tested thoroughly in
>> your
>> lab.

thanks for that tip. anyhow, I will leave that browser service running since
there maybe another reasons why I'm getting that error - like 2 dhcp servers
on the same subnet.

"Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
news:6cb2911db8f08cc57b7d73c6e55@msnews.microsoft.com...
> Hello Nik,
>
> FSMO roles are not used for logon authentication, if universal groups are
> used a Global catalog server is needed for authentication.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups

>
>> I've been trying to run perfmon against it from a remote computer and
>> have been unable to (while I can do the same for the other dc). I will
>> take this on next week and logon to the server and measure some
>> counters and see what's up. Also this server is not the primary DNS
>> also it doesn't even hold the FSMO roles.
>>
>> "Florian Frommherz [MVP]" <florian@frickelsoft.DELETETHIS.net> wrote
>> in message news:O118ESZiKHA.2184@TK2MSFTNGP04.phx.gbl...
>>
>>> dcs Nik,
>>>
>>> Nik schrieb:
>>>
>>>> Hey Meinolf,
>>>> The sites represents the physical topology. I was wondering about
>>>> achieving this in a local site. ServerA does not have as much
>>>> resources
>>>> as ServerB. However, I see most of the clients seems to choose
>>>> ServerA as
>>>> their logon server. So I was considering changing this.
>>>> In Addition, is there any harm in me disabling the browser service
>>>> on all
>>>> my clients? I"m seeing a few of these errors EventID 8003
>>> As Meinolf stated, there's built-in functionality that lets clients
>>> choose freely among DCs provided by DNS. What you could do is change
>>> the weight of the DNS SRV records of the DCs to have clients pick a
>>> certain DC more likely than another.
>>>
>>> Here's some reading:
>>> http://technet.microsoft.com/en-us/l...45(WS.10).aspx
>>> http://technet.microsoft.com/en-us/l...25(WS.10).aspx
>>>
>>> Do yourself (and your fellows) a favor and document this thoroughly.
>>> If it's just that you think that the low-power-DC may be
>>> overutilized, I'd first check on the resources during a normal day.
>>>
>>> Cheers,
>>> Florian
>>> --
>>> Microsoft MVP - Group Policy
>>> eMail: prename [at] frickelsoft [dot] net.

>>> ANY advice you get on the Newsgroups should be tested thoroughly in
>>> your
>>> lab.
>
>

Hello Nik,

You can have also multiple DHCP servers on a subnet as long as they don't
provide the same scope.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!

> thanks for that tip. anyhow, I will leave that browser service running
> since there maybe another reasons why I'm getting that error - like 2
> dhcp servers on the same subnet.
>
> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
> news:6cb2911db8f08cc57b7d73c6e55@msnews.microsoft.com...
>
>> Hello Nik,
>>
>> FSMO roles are not used for logon authentication, if universal groups
>> are used a Global catalog server is needed for authentication.
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!!
>>> I've been trying to run perfmon against it from a remote computer
>>> and have been unable to (while I can do the same for the other dc).
>>> I will take this on next week and logon to the server and measure
>>> some counters and see what's up. Also this server is not the primary
>>> DNS also it doesn't even hold the FSMO roles.
>>>
>>> "Florian Frommherz [MVP]" <florian@frickelsoft.DELETETHIS.net> wrote
>>> in message news:O118ESZiKHA.2184@TK2MSFTNGP04.phx.gbl...
>>>
>>>> dcs Nik,
>>>>
>>>> Nik schrieb:
>>>>
>>>>> Hey Meinolf,
>>>>> The sites represents the physical topology. I was wondering about
>>>>> achieving this in a local site. ServerA does not have as much
>>>>> resources
>>>>> as ServerB. However, I see most of the clients seems to choose
>>>>> ServerA as
>>>>> their logon server. So I was considering changing this.
>>>>> In Addition, is there any harm in me disabling the browser service
>>>>> on all
>>>>> my clients? I"m seeing a few of these errors EventID 8003
>>>> As Meinolf stated, there's built-in functionality that lets clients
>>>> choose freely among DCs provided by DNS. What you could do is
>>>> change the weight of the DNS SRV records of the DCs to have clients
>>>> pick a certain DC more likely than another.
>>>>
>>>> Here's some reading:
>>>> http://technet.microsoft.com/en-us/l...45(WS.10).aspx
>>>> http://technet.microsoft.com/en-us/l...25(WS.10).aspx
>>>>
>>>> Do yourself (and your fellows) a favor and document this
>>>> thoroughly. If it's just that you think that the low-power-DC may
>>>> be overutilized, I'd first check on the resources during a normal
>>>> day.
>>>>
>>>> Cheers,
>>>> Florian
>>>> --
>>>> Microsoft MVP - Group Policy
>>>> eMail: prename [at] frickelsoft [dot] net.
>>>> blog:
>>>> ANY advice you get on the Newsgroups should be tested thoroughly in
>>>> your
>>>> lab.[/color]

agreed. but in this case they do provide the same scope. One is supposed to
be the backup to the other, but I think they are both running at the same
time. Anyhow, i guess this is something else I will have to look at starting
tomorrow.


"Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
news:6cb2911db8f58cc57b9f01a5e60@msnews.microsoft.com...
> Hello Nik,
>
> You can have also multiple DHCP servers on a subnet as long as they don't
> provide the same scope.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!!
>
>> thanks for that tip. anyhow, I will leave that browser service running
>> since there maybe another reasons why I'm getting that error - like 2
>> dhcp servers on the same subnet.
>>
>> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
>> news:6cb2911db8f08cc57b7d73c6e55@msnews.microsoft.com...
>>
>>> Hello Nik,
>>>
>>> FSMO roles are not used for logon authentication, if universal groups
>>> are used a Global catalog server is needed for authentication.
>>>
>>> Best regards
>>>
>>> Meinolf Weber
>>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>>> confers no rights.
>>> ** Please do NOT email, only reply to Newsgroups
>>> ** HELP us help YOU!!!
>>>> I've been trying to run perfmon against it from a remote computer
>>>> and have been unable to (while I can do the same for the other dc).
>>>> I will take this on next week and logon to the server and measure
>>>> some counters and see what's up. Also this server is not the primary
>>>> DNS also it doesn't even hold the FSMO roles.
>>>>
>>>> "Florian Frommherz [MVP]" <florian@frickelsoft.DELETETHIS.net> wrote
>>>> in message news:O118ESZiKHA.2184@TK2MSFTNGP04.phx.gbl...
>>>>
>>>>> dcs Nik,
>>>>>
>>>>> Nik schrieb:
>>>>>
>>>>>> Hey Meinolf,
>>>>>> The sites represents the physical topology. I was wondering about
>>>>>> achieving this in a local site. ServerA does not have as much
>>>>>> resources
>>>>>> as ServerB. However, I see most of the clients seems to choose
>>>>>> ServerA as
>>>>>> their logon server. So I was considering changing this.
>>>>>> In Addition, is there any harm in me disabling the browser service
>>>>>> on all
>>>>>> my clients? I"m seeing a few of these errors EventID 8003
>>>>> As Meinolf stated, there's built-in functionality that lets clients
>>>>> choose freely among DCs provided by DNS. What you could do is
>>>>> change the weight of the DNS SRV records of the DCs to have clients
>>>>> pick a certain DC more likely than another.
>>>>>
>>>>> Here's some reading:
>>>>> http://technet.microsoft.com/en-us/l...45(WS.10).aspx
>>>>> http://technet.microsoft.com/en-us/l...25(WS.10).aspx
>>>>>
>>>>> Do yourself (and your fellows) a favor and document this
>>>>> thoroughly. If it's just that you think that the low-power-DC may
>>>>> be overutilized, I'd first check on the resources during a normal
>>>>> day.
>>>>>
>>>>> Cheers,
>>>>> Florian
>>>>> --
>>>>> Microsoft MVP - Group Policy
>>>>> eMail: prename [at] frickelsoft [dot] net.
>>>>> blog:
>>>>> ANY advice you get on the Newsgroups should be tested thoroughly in
>>>>> your
>>>>> lab.
>
>

Hello Nik,

For 2 DHCP servers never configure the same scope without excluding at least
the half of the scope from each other. So one scope with 1-120 and exclude
121-254 and the other scope the other way around.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!


> agreed. but in this case they do provide the same scope. One is
> supposed to be the backup to the other, but I think they are both
> running at the same time. Anyhow, i guess this is something else I
> will have to look at starting tomorrow.
>
> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
> news:6cb2911db8f58cc57b9f01a5e60@msnews.microsoft.com...
>
>> Hello Nik,
>>
>> You can have also multiple DHCP servers on a subnet as long as they
>> don't provide the same scope.
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!!
>>> thanks for that tip. anyhow, I will leave that browser service
>>> running since there maybe another reasons why I'm getting that error
>>> - like 2 dhcp servers on the same subnet.
>>>
>>> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
>>> news:6cb2911db8f08cc57b7d73c6e55@msnews.microsoft.com...
>>>
>>>> Hello Nik,
>>>>
>>>> FSMO roles are not used for logon authentication, if universal
>>>> groups are used a Global catalog server is needed for
>>>> authentication.
>>>>
>>>> Best regards
>>>>
>>>> Meinolf Weber
>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>> and
>>>> confers no rights.
>>>> ** Please do NOT email, only reply to Newsgroups
>>>> ** HELP us help YOU!!!
>>>>> I've been trying to run perfmon against it from a remote computer
>>>>> and have been unable to (while I can do the same for the other
>>>>> dc). I will take this on next week and logon to the server and
>>>>> measure some counters and see what's up. Also this server is not
>>>>> the primary DNS also it doesn't even hold the FSMO roles.
>>>>>
>>>>> "Florian Frommherz [MVP]" <florian@frickelsoft.DELETETHIS.net>
>>>>> wrote in message news:O118ESZiKHA.2184@TK2MSFTNGP04.phx.gbl...
>>>>>
>>>>>> dcs Nik,
>>>>>>
>>>>>> Nik schrieb:
>>>>>>
>>>>>>> Hey Meinolf,
>>>>>>> The sites represents the physical topology. I was wondering
>>>>>>> about
>>>>>>> achieving this in a local site. ServerA does not have as much
>>>>>>> resources
>>>>>>> as ServerB. However, I see most of the clients seems to choose
>>>>>>> ServerA as
>>>>>>> their logon server. So I was considering changing this.
>>>>>>> In Addition, is there any harm in me disabling the browser
>>>>>>> service
>>>>>>> on all
>>>>>>> my clients? I"m seeing a few of these errors EventID 8003
>>>>>> As Meinolf stated, there's built-in functionality that lets
>>>>>> clients choose freely among DCs provided by DNS. What you could
>>>>>> do is change the weight of the DNS SRV records of the DCs to have
>>>>>> clients pick a certain DC more likely than another.
>>>>>>
>>>>>> Here's some reading:
>>>>>> http://technet.microsoft.com/en-us/l...45(WS.10).aspx
>>>>>> http://technet.microsoft.com/en-us/l...25(WS.10).aspx
>>>>>>
>>>>>> Do yourself (and your fellows) a favor and document this
>>>>>> thoroughly. If it's just that you think that the low-power-DC may
>>>>>> be overutilized, I'd first check on the resources during a normal
>>>>>> day.
>>>>>>
>>>>>> Cheers,
>>>>>> Florian
>>>>>> --
>>>>>> Microsoft MVP - Group Policy
>>>>>> eMail: prename [at] frickelsoft [dot] net.
>>>>>> blog:
>>>>>> ANY advice you get on the Newsgroups should be tested thoroughly
>>>>>> in
>>>>>> your
>>>>>> lab.

Meinolf,

This brings up a question that I asked eons ago, but never got an answer
(or at least not one I can remember).

Suppose I have two DHCP servers with, say, a 50/50 split scope. A user
logs on and goes to server 1. Server 1 is out of IP addresses to issue,
but Server 2 has plenty. What happens? I'm concerned that this could
happen in my domain. Will it go to Server 2 or fail to get an IP
address? If the latter, can it be configured to find another DHCP server?

--

Regards,
Hank Arnold
Microsoft MVP
Windows Server - Directory Services


Meinolf Weber [MVP-DS] wrote:
> Hello Nik,
>
> For 2 DHCP servers never configure the same scope without excluding at
> least the half of the scope from each other. So one scope with 1-120 and
> exclude 121-254 and the other scope the other way around.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!!
>
>> agreed. but in this case they do provide the same scope. One is
>> supposed to be the backup to the other, but I think they are both
>> running at the same time. Anyhow, i guess this is something else I
>> will have to look at starting tomorrow.
>>
>> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
>> news:6cb2911db8f58cc57b9f01a5e60@msnews.microsoft.com...
>>
>>> Hello Nik,
>>>
>>> You can have also multiple DHCP servers on a subnet as long as they
>>> don't provide the same scope.
>>>
>>> Best regards
>>>
>>> Meinolf Weber
>>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>>> confers no rights.
>>> ** Please do NOT email, only reply to Newsgroups
>>> ** HELP us help YOU!!!
>>>> thanks for that tip. anyhow, I will leave that browser service
>>>> running since there maybe another reasons why I'm getting that error
>>>> - like 2 dhcp servers on the same subnet.
>>>>
>>>> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
>>>> news:6cb2911db8f08cc57b7d73c6e55@msnews.microsoft.com...
>>>>
>>>>> Hello Nik,
>>>>>
>>>>> FSMO roles are not used for logon authentication, if universal
>>>>> groups are used a Global catalog server is needed for
>>>>> authentication.
>>>>>
>>>>> Best regards
>>>>>
>>>>> Meinolf Weber
>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>> and
>>>>> confers no rights.
>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>> ** HELP us help YOU!!!
>>>>>> I've been trying to run perfmon against it from a remote computer
>>>>>> and have been unable to (while I can do the same for the other
>>>>>> dc). I will take this on next week and logon to the server and
>>>>>> measure some counters and see what's up. Also this server is not
>>>>>> the primary DNS also it doesn't even hold the FSMO roles.
>>>>>>
>>>>>> "Florian Frommherz [MVP]" <florian@frickelsoft.DELETETHIS.net>
>>>>>> wrote in message news:O118ESZiKHA.2184@TK2MSFTNGP04.phx.gbl...
>>>>>>
>>>>>>> dcs Nik,
>>>>>>>
>>>>>>> Nik schrieb:
>>>>>>>
>>>>>>>> Hey Meinolf,
>>>>>>>> The sites represents the physical topology. I was wondering
>>>>>>>> about
>>>>>>>> achieving this in a local site. ServerA does not have as much
>>>>>>>> resources
>>>>>>>> as ServerB. However, I see most of the clients seems to choose
>>>>>>>> ServerA as
>>>>>>>> their logon server. So I was considering changing this.
>>>>>>>> In Addition, is there any harm in me disabling the browser
>>>>>>>> service
>>>>>>>> on all
>>>>>>>> my clients? I"m seeing a few of these errors EventID 8003
>>>>>>> As Meinolf stated, there's built-in functionality that lets
>>>>>>> clients choose freely among DCs provided by DNS. What you could
>>>>>>> do is change the weight of the DNS SRV records of the DCs to have
>>>>>>> clients pick a certain DC more likely than another.
>>>>>>>
>>>>>>> Here's some reading:
>>>>>>> http://technet.microsoft.com/en-us/l...45(WS.10).aspx
>>>>>>> http://technet.microsoft.com/en-us/l...25(WS.10).aspx
>>>>>>>
>>>>>>> Do yourself (and your fellows) a favor and document this
>>>>>>> thoroughly. If it's just that you think that the low-power-DC may
>>>>>>> be overutilized, I'd first check on the resources during a normal
>>>>>>> day.
>>>>>>>
>>>>>>> Cheers,
>>>>>>> Florian
>>>>>>> --
>>>>>>> Microsoft MVP - Group Policy
>>>>>>> eMail: prename [at] frickelsoft [dot] net.
>>>>>>> blog:
>>>>>>> ANY advice you get on the Newsgroups should be tested thoroughly
>>>>>>> in
>>>>>>> your
>>>>>>> lab.
>
>

Hello Hank,

DHCP works that way that the machine searches that long for an ip address
until it gets one. After some time, don't know the exact one, the machine
uses APIPA if no DHCP server responses. So if in your case server 1 is out
of addresses server 2 will answer automatically to the broadcast from the
client.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!


> Meinolf,
>
> This brings up a question that I asked eons ago, but never got an
> answer (or at least not one I can remember).
>
> Suppose I have two DHCP servers with, say, a 50/50 split scope. A user
> logs on and goes to server 1. Server 1 is out of IP addresses to
> issue, but Server 2 has plenty. What happens? I'm concerned that this
> could happen in my domain. Will it go to Server 2 or fail to get an IP
> address? If the latter, can it be configured to find another DHCP
> server?
>
> Meinolf Weber [MVP-DS] wrote:
>
>> Hello Nik,
>>
>> For 2 DHCP servers never configure the same scope without excluding
>> at least the half of the scope from each other. So one scope with
>> 1-120 and exclude 121-254 and the other scope the other way around.
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!!
>>> agreed. but in this case they do provide the same scope. One is
>>> supposed to be the backup to the other, but I think they are both
>>> running at the same time. Anyhow, i guess this is something else I
>>> will have to look at starting tomorrow.
>>>
>>> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
>>> news:6cb2911db8f58cc57b9f01a5e60@msnews.microsoft.com...
>>>
>>>> Hello Nik,
>>>>
>>>> You can have also multiple DHCP servers on a subnet as long as they
>>>> don't provide the same scope.
>>>>
>>>> Best regards
>>>>
>>>> Meinolf Weber
>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>> and
>>>> confers no rights.
>>>> ** Please do NOT email, only reply to Newsgroups
>>>> ** HELP us help YOU!!!
>>>>> thanks for that tip. anyhow, I will leave that browser service
>>>>> running since there maybe another reasons why I'm getting that
>>>>> error - like 2 dhcp servers on the same subnet.
>>>>>
>>>>> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
>>>>> news:6cb2911db8f08cc57b7d73c6e55@msnews.microsoft.com...
>>>>>
>>>>>> Hello Nik,
>>>>>>
>>>>>> FSMO roles are not used for logon authentication, if universal
>>>>>> groups are used a Global catalog server is needed for
>>>>>> authentication.
>>>>>>
>>>>>> Best regards
>>>>>>
>>>>>> Meinolf Weber
>>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>>> and
>>>>>> confers no rights.
>>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>>> ** HELP us help YOU!!!
>>>>>>
>>>>>>> I've been trying to run perfmon against it from a remote
>>>>>>> computer and have been unable to (while I can do the same for
>>>>>>> the other dc). I will take this on next week and logon to the
>>>>>>> server and measure some counters and see what's up. Also this
>>>>>>> server is not the primary DNS also it doesn't even hold the FSMO
>>>>>>> roles.
>>>>>>>
>>>>>>> "Florian Frommherz [MVP]" <florian@frickelsoft.DELETETHIS.net>
>>>>>>> wrote in message news:O118ESZiKHA.2184@TK2MSFTNGP04.phx.gbl...
>>>>>>>
>>>>>>>> dcs Nik,
>>>>>>>>
>>>>>>>> Nik schrieb:
>>>>>>>>
>>>>>>>>> Hey Meinolf,
>>>>>>>>> The sites represents the physical topology. I was wondering
>>>>>>>>> about
>>>>>>>>> achieving this in a local site. ServerA does not have as much
>>>>>>>>> resources
>>>>>>>>> as ServerB. However, I see most of the clients seems to choose
>>>>>>>>> ServerA as
>>>>>>>>> their logon server. So I was considering changing this.
>>>>>>>>> In Addition, is there any harm in me disabling the browser
>>>>>>>>> service
>>>>>>>>> on all
>>>>>>>>> my clients? I"m seeing a few of these errors EventID 8003
>>>>>>>> As Meinolf stated, there's built-in functionality that lets
>>>>>>>> clients choose freely among DCs provided by DNS. What you could
>>>>>>>> do is change the weight of the DNS SRV records of the DCs to
>>>>>>>> have clients pick a certain DC more likely than another.
>>>>>>>>
>>>>>>>> Here's some reading:
>>>>>>>> http://technet.microsoft.com/en-us/l...45(WS.10).aspx
>>>>>>>> http://technet.microsoft.com/en-us/l...25(WS.10).aspx
>>>>>>>>
>>>>>>>> Do yourself (and your fellows) a favor and document this
>>>>>>>> thoroughly. If it's just that you think that the low-power-DC
>>>>>>>> may be overutilized, I'd first check on the resources during a
>>>>>>>> normal day.
>>>>>>>>
>>>>>>>> Cheers,
>>>>>>>> Florian
>>>>>>>> --
>>>>>>>> Microsoft MVP - Group Policy
>>>>>>>> eMail: prename [at] frickelsoft [dot] net.
>>>>>>>> blog:
>>>>>>>> ANY advice you get on the Newsgroups should be tested
>>>>>>>> thoroughly
>>>>>>>> in
>>>>>>>> your
>>>>>>>> lab.[/color]

Excellent! As usual, thanks for clearing that up. Guess I just added
another project to this year's to-do list... ;-)

--

Regards,
Hank Arnold
Microsoft MVP
Windows Server - Directory Services
http://mypcassistant.blogspot.com/

Meinolf Weber [MVP-DS] wrote:
> Hello Hank,
>
> DHCP works that way that the machine searches that long for an ip
> address until it gets one. After some time, don't know the exact one,
> the machine uses APIPA if no DHCP server responses. So if in your case
> server 1 is out of addresses server 2 will answer automatically to the
> broadcast from the client.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>> Meinolf,
>>
>> This brings up a question that I asked eons ago, but never got an
>> answer (or at least not one I can remember).
>>
>> Suppose I have two DHCP servers with, say, a 50/50 split scope. A user
>> logs on and goes to server 1. Server 1 is out of IP addresses to
>> issue, but Server 2 has plenty. What happens? I'm concerned that this
>> could happen in my domain. Will it go to Server 2 or fail to get an IP
>> address? If the latter, can it be configured to find another DHCP
>> server?
>>
>> Meinolf Weber [MVP-DS] wrote:
>>
>>> Hello Nik,
>>>
>>> For 2 DHCP servers never configure the same scope without excluding
>>> at least the half of the scope from each other. So one scope with
>>> 1-120 and exclude 121-254 and the other scope the other way around.
>>>
>>> Best regards
>>>
>>> Meinolf Weber
>>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>>> confers no rights.
>>> ** Please do NOT email, only reply to Newsgroups
>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>> agreed. but in this case they do provide the same scope. One is
>>>> supposed to be the backup to the other, but I think they are both
>>>> running at the same time. Anyhow, i guess this is something else I
>>>> will have to look at starting tomorrow.
>>>>
>>>> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
>>>> news:6cb2911db8f58cc57b9f01a5e60@msnews.microsoft.com...
>>>>
>>>>> Hello Nik,
>>>>>
>>>>> You can have also multiple DHCP servers on a subnet as long as they
>>>>> don't provide the same scope.
>>>>>
>>>>> Best regards
>>>>>
>>>>> Meinolf Weber
>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>> and
>>>>> confers no rights.
>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>>> thanks for that tip. anyhow, I will leave that browser service
>>>>>> running since there maybe another reasons why I'm getting that
>>>>>> error - like 2 dhcp servers on the same subnet.
>>>>>>
>>>>>> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
>>>>>> news:6cb2911db8f08cc57b7d73c6e55@msnews.microsoft.com...
>>>>>>
>>>>>>> Hello Nik,
>>>>>>>
>>>>>>> FSMO roles are not used for logon authentication, if universal
>>>>>>> groups are used a Global catalog server is needed for
>>>>>>> authentication.
>>>>>>>
>>>>>>> Best regards
>>>>>>>
>>>>>>> Meinolf Weber
>>>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>>>> and
>>>>>>> confers no rights.
>>>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>>>> ** HELP us help YOU!!!
>>>>>>> http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>>>>> I've been trying to run perfmon against it from a remote
>>>>>>>> computer and have been unable to (while I can do the same for
>>>>>>>> the other dc). I will take this on next week and logon to the
>>>>>>>> server and measure some counters and see what's up. Also this
>>>>>>>> server is not the primary DNS also it doesn't even hold the FSMO
>>>>>>>> roles.
>>>>>>>>
>>>>>>>> "Florian Frommherz [MVP]" <florian@frickelsoft.DELETETHIS.net>
>>>>>>>> wrote in message news:O118ESZiKHA.2184@TK2MSFTNGP04.phx.gbl...
>>>>>>>>
>>>>>>>>> dcs Nik,
>>>>>>>>>
>>>>>>>>> Nik schrieb:
>>>>>>>>>
>>>>>>>>>> Hey Meinolf,
>>>>>>>>>> The sites represents the physical topology. I was wondering
>>>>>>>>>> about
>>>>>>>>>> achieving this in a local site. ServerA does not have as much
>>>>>>>>>> resources
>>>>>>>>>> as ServerB. However, I see most of the clients seems to choose
>>>>>>>>>> ServerA as
>>>>>>>>>> their logon server. So I was considering changing this.
>>>>>>>>>> In Addition, is there any harm in me disabling the browser
>>>>>>>>>> service
>>>>>>>>>> on all
>>>>>>>>>> my clients? I"m seeing a few of these errors EventID 8003
>>>>>>>>> As Meinolf stated, there's built-in functionality that lets
>>>>>>>>> clients choose freely among DCs provided by DNS. What you could
>>>>>>>>> do is change the weight of the DNS SRV records of the DCs to
>>>>>>>>> have clients pick a certain DC more likely than another.
>>>>>>>>>
>>>>>>>>> Here's some reading:
>>>>>>>>> http://technet.microsoft.com/en-us/l...45(WS.10).aspx
>>>>>>>>> http://technet.microsoft.com/en-us/l...25(WS.10).aspx
>>>>>>>>>
>>>>>>>>> Do yourself (and your fellows) a favor and document this
>>>>>>>>> thoroughly. If it's just that you think that the low-power-DC
>>>>>>>>> may be overutilized, I'd first check on the resources during a
>>>>>>>>> normal day.
>>>>>>>>>
>>>>>>>>> Cheers,
>>>>>>>>> Florian
>>>>>>>>> --
>>>>>>>>> Microsoft MVP - Group Policy
>>>>>>>>> eMail: prename [at] frickelsoft [dot] net.
>>>>>>>>> blog: http://www.frickelsoft.net/blog.
>>>>>>>>> ANY advice you get on the Newsgroups should be tested
>>>>>>>>> thoroughly
>>>>>>>>> in
>>>>>>>>> your
>>>>>>>>> lab.
>
>

Hello Meinolf,


nicely described here: http://technet.microsoft.com/en-us/l...60(WS.10).aspx

Greetings fom muenster

Andy
--
Andy Wendel
Senior Trainer & Consultant
Traicen GmbH
http://www.traicen.com



> Hello Hank,
>
> DHCP works that way that the machine searches that long for an ip
> address until it gets one. After some time, don't know the exact one,
> the machine uses APIPA if no DHCP server responses. So if in your case
> server 1 is out of addresses server 2 will answer automatically to the
> broadcast from the client.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>> Meinolf,
>>
>> This brings up a question that I asked eons ago, but never got an
>> answer (or at least not one I can remember).
>>
>> Suppose I have two DHCP servers with, say, a 50/50 split scope. A
>> user logs on and goes to server 1. Server 1 is out of IP addresses to
>> issue, but Server 2 has plenty. What happens? I'm concerned that this
>> could happen in my domain. Will it go to Server 2 or fail to get an
>> IP address? If the latter, can it be configured to find another DHCP
>> server?
>>
>> Meinolf Weber [MVP-DS] wrote:
>>
>>> Hello Nik,
>>>
>>> For 2 DHCP servers never configure the same scope without excluding
>>> at least the half of the scope from each other. So one scope with
>>> 1-120 and exclude 121-254 and the other scope the other way around.
>>>
>>> Best regards
>>>
>>> Meinolf Weber
>>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>>> confers no rights.
>>> ** Please do NOT email, only reply to Newsgroups
>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>> agreed. but in this case they do provide the same scope. One is
>>>> supposed to be the backup to the other, but I think they are both
>>>> running at the same time. Anyhow, i guess this is something else I
>>>> will have to look at starting tomorrow.
>>>>
>>>> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
>>>> news:6cb2911db8f58cc57b9f01a5e60@msnews.microsoft.com...
>>>>
>>>>> Hello Nik,
>>>>>
>>>>> You can have also multiple DHCP servers on a subnet as long as
>>>>> they don't provide the same scope.
>>>>>
>>>>> Best regards
>>>>>
>>>>> Meinolf Weber
>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>> and
>>>>> confers no rights.
>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>>> thanks for that tip. anyhow, I will leave that browser service
>>>>>> running since there maybe another reasons why I'm getting that
>>>>>> error - like 2 dhcp servers on the same subnet.
>>>>>>
>>>>>> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
>>>>>> news:6cb2911db8f08cc57b7d73c6e55@msnews.microsoft.com...
>>>>>>
>>>>>>> Hello Nik,
>>>>>>>
>>>>>>> FSMO roles are not used for logon authentication, if universal
>>>>>>> groups are used a Global catalog server is needed for
>>>>>>> authentication.
>>>>>>>
>>>>>>> Best regards
>>>>>>>
>>>>>>> Meinolf Weber
>>>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>>>> and
>>>>>>> confers no rights.
>>>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>>>> ** HELP us help YOU!!!
>>>>>>> http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>>>>> I've been trying to run perfmon against it from a remote
>>>>>>>> computer and have been unable to (while I can do the same for
>>>>>>>> the other dc). I will take this on next week and logon to the
>>>>>>>> server and measure some counters and see what's up. Also this
>>>>>>>> server is not the primary DNS also it doesn't even hold the
>>>>>>>> FSMO roles.
>>>>>>>>
>>>>>>>> "Florian Frommherz [MVP]" <florian@frickelsoft.DELETETHIS.net>
>>>>>>>> wrote in message news:O118ESZiKHA.2184@TK2MSFTNGP04.phx.gbl...
>>>>>>>>
>>>>>>>>> dcs Nik,
>>>>>>>>>
>>>>>>>>> Nik schrieb:
>>>>>>>>>
>>>>>>>>>> Hey Meinolf,
>>>>>>>>>> The sites represents the physical topology. I was wondering
>>>>>>>>>> about
>>>>>>>>>> achieving this in a local site. ServerA does not have as much
>>>>>>>>>> resources
>>>>>>>>>> as ServerB. However, I see most of the clients seems to
>>>>>>>>>> choose
>>>>>>>>>> ServerA as
>>>>>>>>>> their logon server. So I was considering changing this.
>>>>>>>>>> In Addition, is there any harm in me disabling the browser
>>>>>>>>>> service
>>>>>>>>>> on all
>>>>>>>>>> my clients? I"m seeing a few of these errors EventID 8003
>>>>>>>>> As Meinolf stated, there's built-in functionality that lets
>>>>>>>>> clients choose freely among DCs provided by DNS. What you
>>>>>>>>> could do is change the weight of the DNS SRV records of the
>>>>>>>>> DCs to have clients pick a certain DC more likely than
>>>>>>>>> another.
>>>>>>>>>
>>>>>>>>> Here's some reading:
>>>>>>>>> http://technet.microsoft.com/en-us/l...945(WS.10).asp
>>>>>>>>> x
>>>>>>>>> http://technet.microsoft.com/en-us/l...225(WS.10).asp
>>>>>>>>> x
>>>>>>>>>
>>>>>>>>> Do yourself (and your fellows) a favor and document this
>>>>>>>>> thoroughly. If it's just that you think that the low-power-DC
>>>>>>>>> may be overutilized, I'd first check on the resources during a
>>>>>>>>> normal day.
>>>>>>>>>
>>>>>>>>> Cheers,
>>>>>>>>> Florian
>>>>>>>>> --
>>>>>>>>> Microsoft MVP - Group Policy
>>>>>>>>> eMail: prename [at] frickelsoft [dot] net.
>>>>>>>>> blog: http://www.frickelsoft.net/blog.
>>>>>>>>> ANY advice you get on the Newsgroups should be tested
>>>>>>>>> thoroughly
>>>>>>>>> in
>>>>>>>>> your
>>>>>>>>> lab.