improvements to finding things close to you

I am a fountain of technical terms, I know.

in my opinion, one of the most convenient things about active directory is the ability to locate stuff. I don’t mean searching through the directory to find an object exactly. more so, I’m referring to how you can locate things like a DFS server or a domain controller without thinking about it. I don’t have to select which DC I want to use to authenticate me, for example.

if you spend any amount of time managing your active directory sites, you probably want to maximize your return on that work. managing sites is referring to the management of the site containers and objects. for instance, managing the subnets assigned to sites or the costs associated to site links would be an administrative task you might perform.

if all you did was manage the subnets associated to sites, you would get the immediate benefit of clients knowing where to go to get services, but what happens if where they were going is no longer available? well, in the DFS or AD scenario, they would grab something else – randomly.

wow. random. that doesn’t seem beneficial at all. in truth, it’s not. you don’t want your client who was talking to the dfs server next to them in idaho suddenly start talking to one in ireland. clearly this was understood as there were changes in both DFS (version 2003) and AD (version 2008) to address this specific concern.

 

distributed file system

the behavior in dfs is referred to as least expensive targeting (otherwise known as site-costing) and described below:

If you create a stand-alone or domain-based DFS root on a server running Windows Server 2003, and the domain controller acting as the Intersite Topology Generator (ISTG) is also running Windows Server 2003, you can use the /SiteCosting parameter in Dfsutil.exe to enable DFS to choose an alternate target based on connection cost if no same-site targets are available.

Windows Server 2003 uses the site and costing information in Active Directory to determine whether sites are linked by inexpensive, high-speed links or by expensive wide area network (WAN) links.

 

active directory

for AD, this is referred to as the setting try next closest site quoted below:

If you have a domain controller that runs Windows Server 2008 or Windows Server 2008 R2, you can make it possible for client computers that run Windows Vista, Windows 7, Windows Server 2008, or Windows Server 2008 R2 to locate domain controllers more efficiently by enabling the Try Next Closest Site Group Policy setting. This setting improves the Domain Controller Locator (DC Locator) by helping to streamline network traffic, especially in large enterprises that have many branch offices and sites.

This new setting can affect how you configure site link costs because it affects the order in which domain controllers are located. For enterprises that have many hub sites and branch offices, you can significantly reduce Active Directory traffic on the network by ensuring that clients fail over to the next closest hub site when they cannot find a domain controller in the closest hub site.

 

implementing these changes means that when your client can’t access what’s in their site, they will intelligently use services at a location that is closest to them. so that person in idaho? instead of ireland, they might to iowa.

this is stuff that’s been around for awhile but often overlooked. there’s plenty of information on it though. if you haven’t done this yet, it might be something to think about.