Solved

Change of the LOGONSERVER

Posted on 2011-09-29
7
2,403 Views
Last Modified: 2012-08-13
I upgraded to a new server (DC) however the old server is still in place. On one of the client workstations the machine keeps logging in to the old server (run --> set--> LOGONSERVER=\\oldservername). I tried to change in via command line with set /p logonserver=\\new server
and whenever I retype set it shows that new server is the new logon server but whenever I log off and log back in the old server is the one that is logged into
please do you have an idea why the oldservername still  displayed in the LOGONSERVER parameter ?
In fact, I checked the network settings on the client, and I saw the new DNS (new server DC).
Thanks in advance for your eventual answer.
0
Comment
Question by:DRRAM
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36818571
Is the old server still up or did you take it down?

Thanks

Mike
0
 
LVL 70

Expert Comment

by:KCTS
ID: 36818630
The LOGONSERVER variable does not determine which server is used to authenticate the client - it just records which one did.
You cannot use the SET option to change the server preferences

When authentication takes place, the client simply requests a list of available DCs from DNS by querying the SRV records. Assuming that you have a single site, and the SRV records have equal weight, the client will just use the one that responds first.
0
 

Author Comment

by:DRRAM
ID: 36874558
kcts: please
I agree that the client simply requests a list of available DCs from DNS

but in the DNS I remove the old DC....and in the dhcp server

please i wait your response

0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 36889970
Set up Sites and Services and be sure and add your Network Object for the site in question to the correct Site.  This will tell AD where you want the users on that Network to go for authentication.

It seems you are facing the issue with only one client PC.If this is the case check the host file on workstation and remove the entry of old server also remove the same from NIC.

Ran ipconfig /flushdns & ipconfig /registerdns and restart the PC.

If the old server exist in the network the client may authenticate to old server for various reason.
Make sure that on new DC GC is enabled.

I
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 36889980
If you do not want to use LOGINSERVER of that old the only on option is to decommission it. But it's not recommended because DC redundancy is important.

The one thing I can think of is to create new Site under AD Sites and Servicers console and move that old DC there. Create some "fake" subnet for that new Site and your clients won't authenticate to it :)

If you new DC will be up-and-running, your clients will always authenticate on it only.

But may I ask you why you don't want to use also the old DC for authentication whereas it is not demoted :]

Regards,
Krzysztof
0
 

Author Closing Comment

by:DRRAM
ID: 37041638
THX
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 37043222
You're welcome :)

Krzysztof
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question