Recipe 11.17 Configuring a Domain Controller to Cover Multiple Sites
11.17.1 ProblemYou want to configure a domain controller to cover multiple sites, which will cause clients in those sites to use that domain controller for authentication and directory lookups. 11.17.2 Solution11.17.2.1 Using a graphical user interface
11.17.2.2 Using a command-line interface> reg add HKLM\System\CurrentControlSet\Services\Netlogon\Parameters /v[RETURN] "SiteCoverage" /t REG_MULTI_SZ /d <Site1>\0<Site2> 11.17.2.3 Using VBScript' This code configures a domain controller to cover multiple sites. ' ------ SCRIPT CONFIGURATION ------ strDC = "<DomainControllerName>" ' e.g. dc01 arrSites = Array("<Site1>","<Site2>") ' Array of sites to cover ' ------ END CONFIGURATION --------- strNTDSReg = "SYSTEM\CurrentControlSet\Services\Netlogon\Parameters" const HKLM = &H80000002 set objReg = GetObject("winmgmts:\\" & strDC & "\root\default:StdRegProv") objReg.SetMultiStringValue HKLM, strNTDSReg, _ "SiteCoverage", _ arrSites WScript.Echo "Site coverage set for " & strDC 11.17.3 DiscussionIt is perfectly valid to have a site that does not contain its own domain controller. In fact, if you model the site topology after your real network, some sites will lack their own domain controllers unless you've deployed a branch office architecture or have very few sites. If you create sites without any domain controllers, the site links between the sites determine what domain controllers will "cover" or advertise their services to the site. When a domain controller covers for a remote site, it needs to publish site-specific DNS resource records, which clients in the site use to find the domain controller. Active Directory will select DCs to cover DC-less sites automatically, but you can hard-code the list of sites a specific domain controller should cover by modifying the Registry as described in the Solution section. 11.17.4 See AlsoMS KB 200498 (Configure a Domain Controller for Membership in Multiple Sites) |
Run.
EAN: 2147483647
Pages: 456