[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

How to set preferred logon server?

Posted on 2015-01-22
5
Medium Priority
?
3,432 Views
Last Modified: 2015-02-04
This is using MS Windows 2003 R2 AD domain. There are 2 DCs, namely DC01 & DC02. However, we found that DC01 may has some problem with its AD data as attempt to update few settings on its DNS failed. Now, we are intend to setup the third DC, but the setup is pending for the server hardware. During this interim period, we want to set DC02 as the preferred logon server for all the user desktop. How can I set it?

thanks,
0
Comment
Question by:MichaelBalack
  • 3
5 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40564403
You can do this via the registry on the local machine in question. This will need to be done for any machine that you want to only point to a specific DC.

You are using 2003 AD so you cannot use Group Policy preferences to accomplish this. So you will need to create a login script to modify all machines.

Change Logon Server

Personally, I would not do this because there is a lot of work involved and also you will need to revert the change after the DC has been replaced. I would simply demote the domain controller that is not working properly.

Will.
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 40568252
Hi Will,

Let's me read through the link first...
0
 
LVL 39

Accepted Solution

by:
Mahesh earned 2000 total points
ID: 40569539
Instead of doing this on client level make it on server level

By default all dc’s have a priority of 0, the lower the priority, higher the preference.  The dc with the lowest priority in the site will receive ALL authentication requests unless it is unavailable.  If the lowest priority dc is unavailable then the next lowest dc in the site will receive all requests
Change DC priority for both DCs
Lower the number, higher the priority

Original article
https://technet.microsoft.com/en-us/library/cc816793(WS.10).aspx

Use below link to change the priority
Change the Priority for DNS Service (SRV) Resource Records in the Registry
Make the priority of working DC to 0
Make the priority of non working DC to 1
Then restart netlogon and dns server service on both DCs

Once your faulty DC is repaired, delete both registry values

As already highlighted, you always have option to demote faulty DC
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 40570142
Hi Mahesh,

Give me some time to read through the links. I'll update you once they are applied.
0
 
LVL 1

Author Closing Comment

by:MichaelBalack
ID: 40590232
Excellent. I can see that all logged on desktops have logon server set to the preferred server.
0

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

591 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question