[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Try Next Closest Site

ID: oval:org.secpod.oval:def:19327Date: (C)2014-05-29   (M)2023-07-04
Class: COMPLIANCEFamily: windows




The Try Next Closest Site machine setting should be configured correctly. The Domain Controller Locator (DC Locator) service is used by clients to find domain controllers for their Active Directory domain. The default behavior for DC Locator is to find a DC in the same site. If none are found in the same site, a DC in another site, which might be several site-hops away, could be returned by DC Locator. Site proximity between two sites is determined by the total site-link cost between them. A site is closer if it has a lower site link cost than another site with a higher site link cost. The Try Next Closest Site feature enables DC Locator to attempt to locate a DC in the nearest site based on the site link cost if a DC in same the site is not found. In scenarios with multiple sites, failing over to the try next closest site during DC Location streamlines network traffic more effectively. If you enable this policy setting, Try Next Closest Site DC Location will be turned on for the machine across all available but un-configured network adapters. If you disable this policy setting, Try Next Closest Site DC Location will not be used by default for the machine across all available but un-configured network adapters. However, if a DC Locator call is made using the DS_TRY_NEXTCLOSEST_SITE flag explicitly, the Try Next Closest Site behavior is honored. If you do not configure this policy setting, Try Next Closest Site DC Location will not be used by default for the machine across all available but un-configured network adapters. If the DS_TRY_NEXTCLOSEST_SITE flag is used explicitly, the Next Closest Site behavior will be used. Fix: (1) GPO: Computer Configuration\Administrative Templates\System\Net Logon\DC Locator DNS Records\Try Next Closest Site (2) KEY: HKLM\Software\Policies\Microsoft\Netlogon\Parameters\TryNextClosestSite

Platform:
Microsoft Windows Server 2008 R2
Reference:
CCE-11542-8
CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    1
CCE-11542-8
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_Server_2008_R2

© SecPod Technologies