N
N
Nicholas2016-09-09 10:22:21
Domain name market
Nicholas, 2016-09-09 10:22:21

Authorization only through a specific domain controller?

Good afternoon, there is a network with several domain controllers, there is one forest, there are 5 controllers, two in the head office, and 3 are in the branches (RODC) , all branches are on the same subnet (fiber is forwarded), but sometimes it happens that, for example, a user from a branch 1 logs in to the DC from branch 3 in the morning, the link fell by lunchtime (cable break, for example) , the user went out for lunch, returned, and cannot log in, because there is no physical link to the DC from the third branch, but at the same time the user has a sideways its DC, but its machine in the dns records holds domain.local with IP on DC in branch 3. Are there any mechanisms to implement such a scheme:
Branch-1: 192.168.21.0/16 was authorized only on RODC.filial1. en (192.168. 21.1 / 16)
Branch-2: 192.168.22.0/16 authorized only on RODC.filial2.ru (192.168.22.1/16 ) Branch-3: 192.168.23.0/16 authorized only on
RODC.filial3.ru ( 192.168.23.1/ 16) Well, did the head office machines actually request permission to enter PDC1 (192.168.1.1/16) and PDC2 (192.168.2.1/16) ? Thank you in advance!

Answer the question

In order to leave comments, you need to log in

2 answer(s)
S
Sergey Galaktionov, 2016-09-09
@Hagmos

https://technet.microsoft.com/en-us/library/cc7546...

S
SergeySL, 2016-09-09
@SergeySL

Divide the network into sites, as advised by Sergey Galaktionov

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question