Solved

Choose Logon server using powershell or another

Posted on 2014-11-14
9
693 Views
Last Modified: 2014-12-17
I'm testing site replication in Active Directory. I have two sites and a link.

1. Is there a way to find logon server in powershell instead of all command 'echo %Logonserver%'?

2. How do I redirect Windows Login of clients to a DC in the remote site? Let's say I have a site A and a site 'Branch'. I like to redirect all user logins at Branch to the Site A without disconnecting the DC?
0
Comment
Question by:crcsupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 70

Accepted Solution

by:
Qlemo earned 300 total points
ID: 40442904
The purpose of additional DCs is to provide faster login/authentication. So why would you want to use the remote one  only?
0
 
LVL 1

Author Comment

by:crcsupport
ID: 40442906
Yes, for lab purpose, I wonder if there's a way to force that. It could be fun
0
 
LVL 70

Assisted Solution

by:Qlemo
Qlemo earned 300 total points
ID: 40442945
I think there is a setting somewhere for the preferred logon server. Need to do some research ...
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 1

Author Comment

by:crcsupport
ID: 40443195
I  created two SRV records for Kerberos and under Default-First-Site-Name,then I gave priority 0 to the logon server which I like to use for all, and change priority of other logon server to 100. Then, I resign in from clients, it still goes to a logon server with priority 100. I tried to flush dns cache, it doesn't help.
0
 
LVL 70

Assisted Solution

by:Qlemo
Qlemo earned 300 total points
ID: 40444410
Not sure whether it does anything different, but try http://technet.microsoft.com/en-us/library/cc974369(v=ws.10).aspx - using ADMT.
0
 
LVL 20

Assisted Solution

by:compdigit44
compdigit44 earned 200 total points
ID: 40445877
Like others have state, changing the weight on the DNS records may be the only way to do this. On a side note, I have read that the echo "%logonserver% shows cached login server information and not the current login server...
0
 
LVL 1

Author Comment

by:crcsupport
ID: 40447916
I spent a couple of hours to try many methods online, but first of all, as Hulabaloo pointed out, %logonserver% seems a static variable showing last successful logon server, not showing the current logon server. I found this after I spent quite of time testing. So, I think I do  the same tests again when I have time suing 'nltest /sc_query:domainname' . I like to keep this post open for a bit longer for reference purpose.
0
 
LVL 1

Author Comment

by:crcsupport
ID: 40500530
As I've tested when there are only two sites, I was not able to redirect the logon unless I shut down the local DC. If there are 3 or more sites, then increasing Site LInk costs will do the trick.

Changing the priority SRV record does also only for local site.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question