Solved

Change of the LOGONSERVER

Posted on 2011-09-29
7
2,345 Views
Last Modified: 2012-08-13
I upgraded to a new server (DC) however the old server is still in place. On one of the client workstations the machine keeps logging in to the old server (run --> set--> LOGONSERVER=\\oldservername). I tried to change in via command line with set /p logonserver=\\new server
and whenever I retype set it shows that new server is the new logon server but whenever I log off and log back in the old server is the one that is logged into
please do you have an idea why the oldservername still  displayed in the LOGONSERVER parameter ?
In fact, I checked the network settings on the client, and I saw the new DNS (new server DC).
Thanks in advance for your eventual answer.
0
Comment
Question by:DRRAM
7 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36818571
Is the old server still up or did you take it down?

Thanks

Mike
0
 
LVL 70

Expert Comment

by:KCTS
ID: 36818630
The LOGONSERVER variable does not determine which server is used to authenticate the client - it just records which one did.
You cannot use the SET option to change the server preferences

When authentication takes place, the client simply requests a list of available DCs from DNS by querying the SRV records. Assuming that you have a single site, and the SRV records have equal weight, the client will just use the one that responds first.
0
 

Author Comment

by:DRRAM
ID: 36874558
kcts: please
I agree that the client simply requests a list of available DCs from DNS

but in the DNS I remove the old DC....and in the dhcp server

please i wait your response

0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 36889970
Set up Sites and Services and be sure and add your Network Object for the site in question to the correct Site.  This will tell AD where you want the users on that Network to go for authentication.

It seems you are facing the issue with only one client PC.If this is the case check the host file on workstation and remove the entry of old server also remove the same from NIC.

Ran ipconfig /flushdns & ipconfig /registerdns and restart the PC.

If the old server exist in the network the client may authenticate to old server for various reason.
Make sure that on new DC GC is enabled.

I
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 36889980
If you do not want to use LOGINSERVER of that old the only on option is to decommission it. But it's not recommended because DC redundancy is important.

The one thing I can think of is to create new Site under AD Sites and Servicers console and move that old DC there. Create some "fake" subnet for that new Site and your clients won't authenticate to it :)

If you new DC will be up-and-running, your clients will always authenticate on it only.

But may I ask you why you don't want to use also the old DC for authentication whereas it is not demoted :]

Regards,
Krzysztof
0
 

Author Closing Comment

by:DRRAM
ID: 37041638
THX
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 37043222
You're welcome :)

Krzysztof
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question