Solved

Choose Logon server using powershell or another

Posted on 2014-11-14
9
502 Views
Last Modified: 2014-12-17
I'm testing site replication in Active Directory. I have two sites and a link.

1. Is there a way to find logon server in powershell instead of all command 'echo %Logonserver%'?

2. How do I redirect Windows Login of clients to a DC in the remote site? Let's say I have a site A and a site 'Branch'. I like to redirect all user logins at Branch to the Site A without disconnecting the DC?
0
Comment
Question by:crcsupport
  • 5
  • 3
9 Comments
 
LVL 69

Accepted Solution

by:
Qlemo earned 300 total points
ID: 40442904
The purpose of additional DCs is to provide faster login/authentication. So why would you want to use the remote one  only?
0
 
LVL 1

Author Comment

by:crcsupport
ID: 40442906
Yes, for lab purpose, I wonder if there's a way to force that. It could be fun
0
 
LVL 69

Assisted Solution

by:Qlemo
Qlemo earned 300 total points
ID: 40442945
I think there is a setting somewhere for the preferred logon server. Need to do some research ...
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 1

Author Comment

by:crcsupport
ID: 40443195
I  created two SRV records for Kerberos and under Default-First-Site-Name,then I gave priority 0 to the logon server which I like to use for all, and change priority of other logon server to 100. Then, I resign in from clients, it still goes to a logon server with priority 100. I tried to flush dns cache, it doesn't help.
0
 
LVL 1

Author Comment

by:crcsupport
ID: 40443196
0
 
LVL 69

Assisted Solution

by:Qlemo
Qlemo earned 300 total points
ID: 40444410
Not sure whether it does anything different, but try http://technet.microsoft.com/en-us/library/cc974369(v=ws.10).aspx - using ADMT.
0
 
LVL 19

Assisted Solution

by:compdigit44
compdigit44 earned 200 total points
ID: 40445877
Like others have state, changing the weight on the DNS records may be the only way to do this. On a side note, I have read that the echo "%logonserver% shows cached login server information and not the current login server...
0
 
LVL 1

Author Comment

by:crcsupport
ID: 40447916
I spent a couple of hours to try many methods online, but first of all, as Hulabaloo pointed out, %logonserver% seems a static variable showing last successful logon server, not showing the current logon server. I found this after I spent quite of time testing. So, I think I do  the same tests again when I have time suing 'nltest /sc_query:domainname' . I like to keep this post open for a bit longer for reference purpose.
0
 
LVL 1

Author Comment

by:crcsupport
ID: 40500530
As I've tested when there are only two sites, I was not able to redirect the logon unless I shut down the local DC. If there are 3 or more sites, then increasing Site LInk costs will do the trick.

Changing the priority SRV record does also only for local site.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to prepare an HTML email signature template file containing dynamic placeholders for users' Azure AD data. Furthermore, it explains how to use this file to remotely set up a department-wide email signature policy in Office …
This article runs through the process of deploying a single EXE application selectively to a group of user.
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question