Client Connects to Random Domain Controller (Logonserver)

The solution is only relevant if you have a mixed 2003 and 2008  or 2012 and higher environment and it is because of the different default value for SiteCostedReferrals.

Problem

During the logon process, to gain access to the scripts and policies stored in every DCs SYSVOL and NETLOGON folder, the client machine contacts a DC and requests a referral for SYSVOL and NETLOGON.

Domain controllers generate SYSVOL and NETLOGON referrals each time a client requests a referral. By default in Windows Server 2003, the list of domain controllers listed in the SYSVOL and NETLOGON referrals are sorted as follows:

  1. All DC’s in the client’s site are grouped in random order at the top of the list
  2. Domain controllers outside of client’s site are listed in random order.

Windows Server 2008 and higher, have this behavior changed by default.

It uses the Site Costed Referrals to sort DC’s outside of a client’s site in order of lowest cost.

If you have some DC’s in the domain with this feature disabled and others enabled you may receive DFS referrals that contain a list of random SYSVOL or NETLOGON referrals and experience slow performance during logon.

Solution

If Windows Server 2008 and higher domain controllers will co-exist for a period of time with Windows Server 2003 domain controllers, consider enabling the Site Costed Referrals setting on the Windows Server 2003 DCs.

Before enabling this feature, it’s important to:

  1. Review the costs set in site links and to check if they are configured correctly for the environment.
  2. Site Costed Referrals requires that the Bridge All Site Links option be enabled.

This behavior is controlled via the following Registry value:

HKLM\System\CurrentControlSet\Services\Dfs\Parameters

Value: SiteCostedReferrals

Type: REG_DWORD

Data:

Windows Server 2003 / 2003 R2

<not exist>= Disabled

0 = Disabled

1 = Enabled

Windows Server 2008 and higher

<not exist>= Enabled

0 = Disabled

1 = Enabled

Refer:

KB905846 You may receive DFS referrals that contain a list of random DFS targets, random SYSVOL or NETLOGON referrals, or experience slow performance when you access a shared folder in a DFS namespace on a Windows Server 2003-based computer

http://support.microsoft.com/default.aspx?scid=kb;EN-US;905846

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.