Isilon - What domain controller is my node connected to and how can I force all nodes to point to just one?

isi_for_array -s isi auth status | grep activedirectory-provider

i tried this command on my test cluster and it changes all nodes to use that specific DC, not just that particular node

isi auth ads modify --domain-controller=mydc.mycompany.com --provider-name=mycompany.com

Any issues with intermitted disconnects from AD?  I get this with multiple clusters OneFS 7.2.1.4.  I can be ssh'ed into a node and run a command one minute and everything is lovely and another minute I don't appear to have the rights to run the command.  So it tells me that the node has temporarily lost COM to AD.  Is there a log that I can find out about the disconnects or that will provide insight to whats going on outside of looking at messages?

Thank you,

I see this occasionally.  We have "distant" DCs in a remote data center that averages 25ms roundtrip.  We'll see certain isi commands hang for 20 to 30 seconds, then suddenly respond and populate.  We can always tell when we're logged into a remote DC when that occurs.

Yes, I remember this being a problem so what I did is pinged all the DC to see which one the cluster has the least latency to and made sure that the cluster was pointed to that DC, and notice that we still have this problem from time to time.  I really don't know how to troubleshoot this unless we had a way of monitoring the activity on the DC for load as well as the Isilon for responses from the DC.

One thing I would check, would be to make sure that the sites in AD sites and services are configured correctly and have metrics for the distance to some sites.  Point being that what DC is used is usually determined by the proximity of that DC.  Same idea for DFSR.  You may simply be seeing an AD replication or architecture problem.