Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1034
  • Last Modified:

Choose Logon server using powershell or another

I'm testing site replication in Active Directory. I have two sites and a link.

1. Is there a way to find logon server in powershell instead of all command 'echo %Logonserver%'?

2. How do I redirect Windows Login of clients to a DC in the remote site? Let's say I have a site A and a site 'Branch'. I like to redirect all user logins at Branch to the Site A without disconnecting the DC?
0
crcsupport
Asked:
crcsupport
  • 5
  • 3
4 Solutions
 
QlemoC++ DeveloperCommented:
The purpose of additional DCs is to provide faster login/authentication. So why would you want to use the remote one  only?
0
 
crcsupportAuthor Commented:
Yes, for lab purpose, I wonder if there's a way to force that. It could be fun
0
 
QlemoC++ DeveloperCommented:
I think there is a setting somewhere for the preferred logon server. Need to do some research ...
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
crcsupportAuthor Commented:
I  created two SRV records for Kerberos and under Default-First-Site-Name,then I gave priority 0 to the logon server which I like to use for all, and change priority of other logon server to 100. Then, I resign in from clients, it still goes to a logon server with priority 100. I tried to flush dns cache, it doesn't help.
0
 
QlemoC++ DeveloperCommented:
Not sure whether it does anything different, but try http://technet.microsoft.com/en-us/library/cc974369(v=ws.10).aspx - using ADMT.
0
 
compdigit44Commented:
Like others have state, changing the weight on the DNS records may be the only way to do this. On a side note, I have read that the echo "%logonserver% shows cached login server information and not the current login server...
0
 
crcsupportAuthor Commented:
I spent a couple of hours to try many methods online, but first of all, as Hulabaloo pointed out, %logonserver% seems a static variable showing last successful logon server, not showing the current logon server. I found this after I spent quite of time testing. So, I think I do  the same tests again when I have time suing 'nltest /sc_query:domainname' . I like to keep this post open for a bit longer for reference purpose.
0
 
crcsupportAuthor Commented:
As I've tested when there are only two sites, I was not able to redirect the logon unless I shut down the local DC. If there are 3 or more sites, then increasing Site LInk costs will do the trick.

Changing the priority SRV record does also only for local site.
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now