In the event of multiple domain controllers for a given domain, if sites and services is not configured for a given site, any Windows workstation will create a secure channel with a random domain controller in the domain. This may introduce latency if the domain controller is across the WAN. Also it may be desirable to have BCAAA establish a secure channel with a specific domain controller to minimize impact on actual logons. Is it possible to accomplish this?
The NLTEST utility from Microsoft will need to be placed on the Windows workstation or server hosting the BCAAA agent. This utility is a part of Windows 2003 support tools. The tools can be downloaded from:
For a list of all the available command line parameters, please run nltest /? from the command line. Three specific command line parameters will be used. They are:
nltest /sc_query:<domain name> This displays which domain controller the secure channel currently is connected to.
nltest /dclist:<domain name> This displays all available domain controllers by hostname.
nltest /SC_RESET:<domain name>\dcname This resets the secure channel to the domain controller (DC) specified.
After using nltest /dclist:<domain name> to obtain the list of DC's, use the nltest /sc_reset command to force the secure channel to the desired DC. Note: This channel will reset when the Windows server is rebooted. If you want to force the server where the BCAAA agent resides to a particular DC, create a Windows startup script to force the sc_reset command on bootup.
Imported Document ID: 000009829
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.