Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Choose Logon server using powershell or another

Posted on 2014-11-14
9
Medium Priority
?
936 Views
Last Modified: 2014-12-17
I'm testing site replication in Active Directory. I have two sites and a link.

1. Is there a way to find logon server in powershell instead of all command 'echo %Logonserver%'?

2. How do I redirect Windows Login of clients to a DC in the remote site? Let's say I have a site A and a site 'Branch'. I like to redirect all user logins at Branch to the Site A without disconnecting the DC?
0
Comment
Question by:crcsupport
  • 5
  • 3
9 Comments
 
LVL 71

Accepted Solution

by:
Qlemo earned 1200 total points
ID: 40442904
The purpose of additional DCs is to provide faster login/authentication. So why would you want to use the remote one  only?
0
 
LVL 1

Author Comment

by:crcsupport
ID: 40442906
Yes, for lab purpose, I wonder if there's a way to force that. It could be fun
0
 
LVL 71

Assisted Solution

by:Qlemo
Qlemo earned 1200 total points
ID: 40442945
I think there is a setting somewhere for the preferred logon server. Need to do some research ...
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:crcsupport
ID: 40443195
I  created two SRV records for Kerberos and under Default-First-Site-Name,then I gave priority 0 to the logon server which I like to use for all, and change priority of other logon server to 100. Then, I resign in from clients, it still goes to a logon server with priority 100. I tried to flush dns cache, it doesn't help.
0
 
LVL 71

Assisted Solution

by:Qlemo
Qlemo earned 1200 total points
ID: 40444410
Not sure whether it does anything different, but try http://technet.microsoft.com/en-us/library/cc974369(v=ws.10).aspx - using ADMT.
0
 
LVL 20

Assisted Solution

by:compdigit44
compdigit44 earned 800 total points
ID: 40445877
Like others have state, changing the weight on the DNS records may be the only way to do this. On a side note, I have read that the echo "%logonserver% shows cached login server information and not the current login server...
0
 
LVL 1

Author Comment

by:crcsupport
ID: 40447916
I spent a couple of hours to try many methods online, but first of all, as Hulabaloo pointed out, %logonserver% seems a static variable showing last successful logon server, not showing the current logon server. I found this after I spent quite of time testing. So, I think I do  the same tests again when I have time suing 'nltest /sc_query:domainname' . I like to keep this post open for a bit longer for reference purpose.
0
 
LVL 1

Author Comment

by:crcsupport
ID: 40500530
As I've tested when there are only two sites, I was not able to redirect the logon unless I shut down the local DC. If there are 3 or more sites, then increasing Site LInk costs will do the trick.

Changing the priority SRV record does also only for local site.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question