Jens,
in your example, regardless of whether the local or remote DC authenticates you, you are still SHELLing to the authenticating DC, contrary to our client's need to SHELL to the local DC.
Paul,
I'm a 'teach a man to fish' kinda guy so I leave it to you to come up with the code.
Since your main site has four DCs, you may want to rethink the methodology to use an exception instead. That is, check to see if the @LServer is in the client's subnet. To hard-code the server name to the subnet would disadvantage the main site.
Since I don't have an understanding of how your DCs are set up, I can only surmise. On my network, my DCs only do authentication, DHCP, DNS, and WINS. All other things, like SQL, NAV, email, etc., are handled by separate application servers. I can see where in a small branch you may consolidate onto fewer servers, but cannot imagine that to be the case for the main site.
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.