Solved

Need Script to set LOGONSERVER in Windows

Posted on 2009-07-16
9
1,620 Views
Last Modified: 2012-06-21
I have an issue where some of my remote sites will not connect to the proper DC. This of course brings the login to a crawl. I would like a script to set the %LOGONSERVER% to my server. INPADHQDC1. So far I am having some problems finding out about the %LOGONSERVER% variable. All my users login to our DC but some of the other sites will try and connect too the wrong DC. We have multiple DC's and no roamers. I can't use the NET commands. TIA
SET \\INPADHQDC1 %LOGONSERVER%

Open in new window

0
Comment
Question by:MarkIsrael
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 10

Expert Comment

by:remmett70
ID: 24873739
Do you have sites setup in AD Sites and Services?
0
 
LVL 1

Assisted Solution

by:sporgg
sporgg earned 100 total points
ID: 24873770
Hi there

Having a script that sets the %LOGONSERVER% variable will not solve your problem.

Have a look at this article explaining the logon process, I hope this will point you in the right direction. If not let me know.

http://www.tekrevolution.com/open/2009/06/12/active-directory-and-the-logon-process/

Regards

Sporgg
0
 
LVL 31

Assisted Solution

by:Henrik Johansson
Henrik Johansson earned 200 total points
ID: 24873771
Clients will automatically try to authenticate to the closest DC. If they can't find a DC in the local site, they will search for a DC at the next closest site link for redundance when the normal DC is unavailable.
If you want a preferred DC for the local/remote locations, create different sites by using AD Sites and Services and assign the different subnets to the site they belong with the preferred DC they should authenticate to.
If you want to avoid WAN links for authentication, make sure you have atleast two DC/GCs in each site.
0
 

Author Comment

by:MarkIsrael
ID: 24878347
You all have hit the nail on the head. Which in my case there isn't a solution I can do from where I sit. We have a small group of contractors that control all the AD Forests in our company. I have a DC at my site but I can't logon, or do a damm thing with it. Also, the same group has the DNS server. From what I have seen they are clueless about the workings of what DNS Servers do. It appears I'll have to see if they do anything about the local site.
Unless there is something I can do with DHCP or something of another fashion. I'll wait to see if anything else comes down and award points next week.
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 31

Assisted Solution

by:Henrik Johansson
Henrik Johansson earned 200 total points
ID: 24879057
Sites/subnets nead as said to be correctly configured in ADSS to get the clients to authenticate with the local preferred site and avoid WAN-communication.

Is there a firewall between the sites preventing communication between clients and DCs causing authentication problems or is it just that they doesn't use the closest DC/GC and uses WAN-link when not neaded?

Some technet articles about site/subnet management:
http://technet.microsoft.com/en-us/library/cc782048.aspx
http://technet.microsoft.com/en-us/library/cc731907.aspx
http://technet.microsoft.com/en-us/library/cc740187.aspx
http://technet.microsoft.com/en-us/library/cc780426.aspx
0
 

Author Comment

by:MarkIsrael
ID: 24880286
We are talking about a WAN site. It is supposed use our DC but it tends to use the Denver DC. Even after it was setup on a differant TCP/IP address. At HQ we have a regular IP address. One that is registered with ICANN but the remote sites are on a private addressing scheme. We use the IP Helper command on our Cisco Routers to tell the computer where to find the DHCP Server which I have control over.
Also, I am wondering if the DC could be added to the HOSTS or LMHOSTS file to help the workstation look at our DC.  I am not sure how many DC's we have but the top of tree is Denver and Washington. When it hits the Denver DC all traffic runs at a snails pace.
0
 
LVL 4

Accepted Solution

by:
JimInLakeland earned 200 total points
ID: 24884261
The solution is in Active Directory Sites and Services.

In sites and services, find the site that has your domain controller. That DC should also be configured as a Global Catalog server. If it is not, set it. Let's call that site "Orlando"

If you want computers using a 10.10.10.0/24 subnet to use the DC in the Orlando site, you assign the 10.10.10.0/24 subnet to Orlando site.

If you do not have subnets assigned specifically, the client machines will organicly find the DC it feels like using (and it is always the one you don't want it to use.)


Sites and Services is your solution. If you don't manage that correctly, no amount of DHCP work will help.
0
 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 24884389
As you can't do it by your self, ask the networking guys to use AD Sites and Services for configuring the network to have separate sites for Denver and Washington and assign the different subnets to the correct site.
0
 
LVL 1

Expert Comment

by:sporgg
ID: 24894280
Hi there,

If you have a firewall installed on the computers you could set the firewall to deny access to the AD ports on outside server. This should force the computers to use your local ad server. The ports you would need to restrict are Kerberos: 750 & LDAP: 389. Would recommend testing this out before trying it on a live system.

Regards

Sporgg
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Server 2003 x64 upgrade question 10 44
How to virtualize old server? (2003) 7 91
Computer software inventory 5 76
DHCP server 6 48
Issue: Unstable cursor in Windows XP and Windows runs extremely slow in that any click will bring up the Hour glass (sometimes for several seconds before giving you what you want) . Troubleshooting Process and the FINAL FIX: This issue see…
If you have done a reformat of your hard drive and proceeded to do a successful Windows XP installation, you may notice that a choice between two operating systems when you start up the machine. Here is how to get rid of this: Click Start Clic…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now