Change of the LOGONSERVER

I upgraded to a new server (DC) however the old server is still in place. On one of the client workstations the machine keeps logging in to the old server (run --> set--> LOGONSERVER=\\oldservername). I tried to change in via command line with set /p logonserver=\\new server
and whenever I retype set it shows that new server is the new logon server but whenever I log off and log back in the old server is the one that is logged into
please do you have an idea why the oldservername still  displayed in the LOGONSERVER parameter ?
In fact, I checked the network settings on the client, and I saw the new DNS (new server DC).
Thanks in advance for your eventual answer.
DRRAMAsked:
Who is Participating?
 
Krzysztof PytkoConnect With a Mentor Active Directory EngineerCommented:
If you do not want to use LOGINSERVER of that old the only on option is to decommission it. But it's not recommended because DC redundancy is important.

The one thing I can think of is to create new Site under AD Sites and Servicers console and move that old DC there. Create some "fake" subnet for that new Site and your clients won't authenticate to it :)

If you new DC will be up-and-running, your clients will always authenticate on it only.

But may I ask you why you don't want to use also the old DC for authentication whereas it is not demoted :]

Regards,
Krzysztof
0
 
Mike KlineCommented:
Is the old server still up or did you take it down?

Thanks

Mike
0
 
KCTSCommented:
The LOGONSERVER variable does not determine which server is used to authenticate the client - it just records which one did.
You cannot use the SET option to change the server preferences

When authentication takes place, the client simply requests a list of available DCs from DNS by querying the SRV records. Assuming that you have a single site, and the SRV records have equal weight, the client will just use the one that responds first.
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
DRRAMAuthor Commented:
kcts: please
I agree that the client simply requests a list of available DCs from DNS

but in the DNS I remove the old DC....and in the dhcp server

please i wait your response

0
 
SandeshdubeySenior Server EngineerCommented:
Set up Sites and Services and be sure and add your Network Object for the site in question to the correct Site.  This will tell AD where you want the users on that Network to go for authentication.

It seems you are facing the issue with only one client PC.If this is the case check the host file on workstation and remove the entry of old server also remove the same from NIC.

Ran ipconfig /flushdns & ipconfig /registerdns and restart the PC.

If the old server exist in the network the client may authenticate to old server for various reason.
Make sure that on new DC GC is enabled.

I
0
 
DRRAMAuthor Commented:
THX
0
 
Krzysztof PytkoActive Directory EngineerCommented:
You're welcome :)

Krzysztof
0
All Courses

From novice to tech pro — start learning today.