none
Computers point to DC in wrong DC Site Name

    Question

  • Hi, everyone.
    I have 2 DC on Windows Server 2008R2.
    I have only one Domain (domain.local)
    Both DC are located in different places.
    The first is DC in the Azure Cloud and the second DC at the office.

    The problem that clients are not properly determined "DC Site Name" and when sign-in a domain account, Signed in occurs in about 2 minutes in the Azure Cloud and a little faster at the office.
    1. I created sites in AD Sites and Services.
    2. Moved DC in these sites.
    3. Configured subnets on the sites.

    OfficeSite=192.168.xxx.x/24
    CloudSite=100.71.x.x/16
    CloudSite=10.0.0.0/8 - it is VPN subnet, through which the combined local networks.

    OFFICEDC=192.168.xxx.x
    CLOUDDC=10.71.xx.xx and 10.1.0.xxx

    PC at the office. (Defines the wrong site)

    C:\Users\user>nltest /DCLIST:domain.local
    Get list of DCs in domain 'domain.local' from '\\CLOUDDC.domain.local'.
        CLOUDDC.domain.local        [DS] Site: CloudSite
          OFFICEDC.domain.local [PDC]  [DS] Site: OfficeSite
    The command completed successfully
    
    C:\Users\user>nltest /DSGETSITE
    CloudSite
    The command completed successfully
    
    C:\Users\user>nltest /DSGETDC:domain.local /KDC
               DC: \\CLOUDDC.domain.local
          Address: \\100.71.xx.xx
         Dom Guid: ec816caf-e075-4633-b577-xxxxxxxxxxxx
         Dom Name: domain.local
      Forest Name: domain.local
     Dc Site Name: CloudSite
    Our Site Name: CloudSite
            Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLO
    SE_SITE FULL_SECRET WS
    The command completed successfully
    
    C:\Users\user>nltest /DSGETDC:domain.local /GC
               DC: \\CLOUDDC.domain.local
          Address: \\10.1.0.xxx
         Dom Guid: ec816caf-e075-4633-b577-xxxxxxxxxxxx
         Dom Name: domain.local
      Forest Name: domain.local
     Dc Site Name: CloudSite
    Our Site Name: CloudSite
            Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLO
    SE_SITE FULL_SECRET WS
    The command completed successfully
    
    C:\Users\user>nltest /DSGETDC:domain.local
               DC: \\CLOUDDC.domain.local
          Address: \\100.71.xx.xx
         Dom Guid: ec816caf-e075-4633-b577-xxxxxxxxxxxx
         Dom Name: domain.local
      Forest Name: domain.local
     Dc Site Name: Cloud-CNF-25dc83cd-f6f3-4731-9cb8-xxxxxxxxxxxx
            Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST FUL
    L_SECRET WS
    The command completed successfully
    
    C:\Users\user>nltest /DSGETDC:domain.local /force
               DC: \\CLOUDDC.domain.local
          Address: \\100.71.xx.xx
         Dom Guid: ec816caf-e075-4633-b577-xxxxxxxxxxxx
         Dom Name: domain.local
      Forest Name: domain.local
     Dc Site Name: CloudSite
    Our Site Name: CloudSite
            Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLO
    SE_SITE FULL_SECRET WS
    The command completed successfully

    The Server in the Azure Cloud. (Defines the wrong site)

    C:\Users\user>nltest /DCLIST:domain.local
    Get list of DCs in domain 'domain.local' from '\\OFFICEDC.domain.local'.
          OFFICEDC.domain.local [PDC]  [DS] Site: OfficeSite
        CLOUDDC.domain.local        [DS] Site: CloudSite
    The command completed successfully
    
    C:\Users\user>nltest /DSGETSITE
    OfficeSite
    The command completed successfully
    
    C:\Users\user>nltest /DSGETDC:domain.local /KDC
               DC: \\OFFICEDC.domain.local
          Address: \\192.168.xxx.x
         Dom Guid: ec816caf-e075-4633-b577-xxxxxxxxxxxx
         Dom Name: domain.local
      Forest Name: domain.local
     Dc Site Name: OfficeSite
    Our Site Name: OfficeSite
            Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN
    DNS_FOREST CLOSE_SITE FULL_SECRET WS
    The command completed successfully
    
    C:\Users\user>nltest /DSGETDC:domain.local /GC
               DC: \\OFFICEDC.domain.local
          Address: \\192.168.xx.xx
         Dom Guid: ec816caf-e075-4633-b577-xxxxxxxxxxxx
         Dom Name: domain.local
      Forest Name: domain.local
     Dc Site Name: OfficeSite
    Our Site Name: OfficeSite
            Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN
    DNS_FOREST CLOSE_SITE FULL_SECRET WS
    The command completed successfully
    
    C:\Users\user>nltest /DSGETDC:domain.local
               DC: \\OFFICEDC.domain.local
          Address: \\192.168.xxx.x
         Dom Guid: ec816caf-e075-4633-b577-xxxxxxxxxxxx
         Dom Name: domain.local
      Forest Name: domain.local
     Dc Site Name: OfficeSite
    Our Site Name: OfficeSite
            Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN
    DNS_FOREST CLOSE_SITE FULL_SECRET WS
    The command completed successfully
    
    C:\Users\user>nltest /DSGETDC:domain.local /force
               DC: \\OFFICEDC.domain.local
          Address: \\192.168.xxx.x
         Dom Guid: ec816caf-e075-4633-b577-xxxxxxxxxxxx
         Dom Name: domain.local
      Forest Name: domain.local
     Dc Site Name: OfficeSite
    Our Site Name: OfficeSite
            Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN
    DNS_FOREST CLOSE_SITE FULL_SECRET WS
    The command completed successfully

    The Server in the Azure Cloud. (Defines the right site)

    C:\Users\user>nltest /DCLIST:domain.local
    Get list of DCs in domain 'domain.local' from '\\CLOUDDC.domain.local'.
        CLOUDDC.domain.local        [DS] Site: CloudSite
          OFFICEDC.domain.local [PDC]  [DS] Site: OfficeSite
    The command completed successfully
    
    C:\Users\user>nltest /DSGETSITE
    CloudSite
    The command completed successfully
    
    C:\Users\user>nltest /DSGETDC:domain.local /KDC
               DC: \\CLOUDDC.domain.local
          Address: \\100.71.xx.xx
         Dom Guid: ec816caf-e075-4633-b577-xxxxxxxxxxxx
         Dom Name: domain.local
      Forest Name: domain.local
     Dc Site Name: Cloud-CNF-25dc83cd-f6f3-4731-9cb8-xxxxxxxxxxxx
            Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST FUL
    L_SECRET WS
    The command completed successfully
    
    C:\Users\user>nltest /DSGETDC:domain.local /GC
               DC: \\CLOUDDC.domain.local
          Address: \\100.71.xx.xx
         Dom Guid: ec816caf-e075-4633-b577-xxxxxxxxxxxx
         Dom Name: domain.local
      Forest Name: domain.local
     Dc Site Name: CloudSite
    Our Site Name: CloudSite
            Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLO
    SE_SITE FULL_SECRET WS
    The command completed successfully
    
    C:\Users\user>nltest /DSGETDC:domain.local
               DC: \\CLOUDDC.domain.local
          Address: \\100.71.xx.xx
         Dom Guid: ec816caf-e075-4633-b577-xxxxxxxxxxxx
         Dom Name: domain.local
      Forest Name: domain.local
     Dc Site Name: Cloud-CNF-25dc83cd-f6f3-4731-9cb8-xxxxxxxxxxxx
            Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST FUL
    L_SECRET WS
    The command completed successfully


    The Server in the Azure Cloud.

    C:\Users\User>set logonserver 
    LOGONSERVER=\\CLOUDDC

    Checking replicate.

    C:\Users\User>repadmin /showutdvec clouddc dc=domain,dc=local
    CachingGUIDs...
    CloudSite\CLOUDDC                       @ USN   1770868 @ Time 2016-07-11 14:18:31
    OfficeSite\OFFICEDC                        @ USN    958563 @ Time 2016-07-11 14:16:58

    OFFICEDC (IP: 192.168.xxx2)

    Ethernet adapter Local Area Connection:
    
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
       Physical Address. . . . . . . . . : D8-CB-8A-5C-xx-xx
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::49xx:xxx7:76x0:439%10(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.xxx.2(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 192.168.xxx.1
       DHCPv6 IAID . . . . . . . . . . . : 249088906
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-E3-FB-C9-D8-CB-8A-xx-xx-xx
    
       DNS Servers . . . . . . . . . . . : ::1
                                           192.168.xxx.2
                                           10.1.0.xxx
       Primary WINS Server . . . . . . . : 192.168.xxx.2
       NetBIOS over Tcpip. . . . . . . . : Enabled

    CLOUDDC (IP: 100.71.xx.59 and IP: 10.1.0.xxx)
    Ethernet adapter Local Area Connection 2:
    
       Connection-specific DNS Suffix  . : xxxxxxx.d3.internal.xxxxxxx.net
       Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Ada
    pter #3
       Physical Address. . . . . . . . . : 00-15-5D-E0-xx-xx
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::558c:cb94:32xx:x8x4%23(Preferred)
       IPv4 Address. . . . . . . . . . . : 100.71.xx.59(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.254.0
       Lease Obtained. . . . . . . . . . : Saturday, March 26, 2016 11:07:33 AM
       Lease Expires . . . . . . . . . . : Thursday, August 17, 2152 8:59:47 PM
       Default Gateway . . . . . . . . . : 100.71.xx.1
       DHCP Server . . . . . . . . . . . : 100.71.x.218
       DHCPv6 IAID . . . . . . . . . . . : 385881437
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-E3-BA-88-00-15-5D-xx-xx-xx
    
       DNS Servers . . . . . . . . . . . : 100.71.xx.59
                                           192.168.xxx.2
       Primary WINS Server . . . . . . . : 100.71.xx.59
       NetBIOS over Tcpip. . . . . . . . : Enabled



    • Edited by Cancer_zern Wednesday, January 11, 2017 11:03 AM
    Wednesday, January 11, 2017 10:22 AM

All replies

  • Hi,

    If the PC or server at office is not able to contact  the local DC Dc , that means that its subnet is not assigned to local site.

    If seems that your  subnet settings in Active directory Sites and services is wrong, It can be a missing subnet or a subnet in wrong site.

     you should define all your subnet and assign them to the closest site from Management Console sites and services active directory.

    For exemple you can follow this :

    Subnet for local PC should be assigned to OfficeSite

    Subnet for cloud server should be assigned to CloudSite

    If the Cloud DC belong to different , you should create it and assign it to CloudSite

    If you have another subnet you should create it on Active directory sites and services and assign it to closest site

    • Proposed as answer by Todd Heron Wednesday, January 11, 2017 12:39 PM
    Wednesday, January 11, 2017 12:26 PM
  • I made some changes.

    The subnets 10.2.0.0/16, 10.3.0.0/16, 10.4.0.0/16, 10.5.0.0/16, 10.6.0.0/16, 10.7.0.0/16 are can connect to DC in Azure Cloud and DC at the Office.


    192.168.100.0/24 - General Office.
    100.71.0.0/16 - MS Azure Servers subnet.
    10.[2-7].0.0/16 - Offices which closer MS Azure subnet

    I will analyse this configuration, but today everything ok.

    A week later I'll update the information.





    • Edited by Cancer_zern Thursday, January 12, 2017 1:07 PM
    Thursday, January 12, 2017 11:18 AM
  • Hi,

    I am checking how the issue going, if you still have any questions, please feel free to contact us.

    And if the replies as above are helpful, we would appreciate you to mark them as answers, and if you resolve it using your own solution, please share your experience and solution here. It will be greatly helpful to others who have the same question.

    Appreciate for your feedback.

    Best regards,

    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Thursday, January 19, 2017 2:28 AM
    Moderator