none
請教AD SITE問題 RRS feed

  • 問題

  • 請問一下~
    目前網域有兩個SITE:
    SITE A在國內,內有一台DC-A
    SITE B在國外,內有一台DC-B
    國外地區的網段都劃到SITE B,所以理論上應該都找DC-B做驗證,但有以下疑問:

    1.DC-B如果掛掉,國外的CLIENT會自動找到DC-A做驗證嗎?
    2.如果有些網段沒有劃入SITE A或SITE B,那些網段的CLIENT PC又會怎麼找DC做驗證呢?
    2009年12月24日 上午 08:13

解答

  • 不知道你的DC是什麼樣的作業系統

    假如是Server2003的話..有一個Automatic Site Coverage的功能

    1.
    如果Site B裡面的DC掛了..SiteB裡面的Client端會去找最近的Site的DC去做驗證

    2.
    如果有些網段沒有規畫到Site裡面的話..這些網段的Client端可能會無法驗證..因為他們無法知道自己是屬於哪個Site.
    所以每個網段都要規劃在Site裡面才可以正常運作


    參考資料

    How DNS Support for Active Directory Works
    http://technet.microsoft.com/en-us/library/cc759550(WS.10).aspx

    Domain Controllers Running Windows Server 2003 Perform Automatic Site Coverage for Sites with RODCs
    http://technet.microsoft.com/en-us/library/cc732322(WS.10).aspx

    摘錄:
    Automatic Site Coverage

    There is not necessarily a domain controller in every site. For various reasons, it is possible that no domain controller exists for a particular domain at the local site. By default, each domain controller checks all sites in the forest and then checks the replication cost matrix. A domain controller advertises itself (registers a site-related SRV record in DNS) in any site that does not have a domain controller for that domain and for which its site has the lowest-cost connections. This process ensures that every site has a domain controller that is defined by default for every domain in the forest, even if a site does not contain a domain controller for that domain. The domain controllers that are published in DNS are those from the closest site (as defined by the replication topology).

    For example, given one domain and three sites, a domain controller for that domain might be located in two of the sites, but there might be no domain controller for the domain in the third site. Replication to the domain that does not have a domain controller in the third site might be too expensive in terms of cost or replication latency. To ensure that a domain controller can be located in the site closest to a client computer, if not the same site, Windows Server 2003 automatically attempts to register a domain controller in every site. The algorithm that is used to accomplish automatic site coverage determines how one site can cover another site when no domain controller exists in the second site.


    Thanks


    歡迎參加MSDN&TechNet技術社群交流活動 (時間:1/9(六) 11:30-17:30(台中金典),1/16(六) 11:30-17:30(台北微軟),1/23(六) 11:30-17:30(高雄漢來)),
    MSDN老爹TechNet小妹將盛裝出席, 要一睹風采, 就趕快報名!!
    • 已提議為解答 Vincent Lin 2009年12月28日 上午 10:39
    • 已標示為解答 Vincent Lin 2009年12月29日 下午 02:15
    2009年12月25日 上午 02:55