Windows Server – How to identify which domain controller authenticated a user

Home > Blogs > Windows Server > Windows Server – How to identify which domain controller authenticated a user

Windows Server – How to identify which domain controller authenticated a user

Like This Blog 1Rick Trader
Added by April 3, 2013

A question came up in class this week which is asked quite often when I am teaching an Active Directory class. Whether it is the Active Directory administration class or the advanced design class I am asked, “I have a user that is logged on. I don’t think they received the correct GPO settings, is there a way to identify which domain controller authenticated them?”

The answer is “Yes!” You can. Here is how.

Have the logged on user launch the command prompt on the target computer. Type Set Logonserver the name of the domain controller that authenticated the user will be returned. See the figure below.

Windows Server - How to identify which domain controller authenticated a user

Using echo %username% will allow you create a script to identify the authenticating domain controller. See the figure below.

Echo%username% Windows Server Authentication

If you just desire to identify which domain controller the user retrieved group policies from you can type gpresult /r. The returned results will provide you the name of the domain controller that provided the logged on user with GPOs. See the figure below.

gpresult /r command prompt Windows Server

As you can see there are multiple ways to identify which domain controller authenticated a user.

Until next time Ride Safe!

Rick Trader
Windows Server Instructor – Interface Technical Training
Phoenix, AZ

Videos You May Like

Creating Users and Managing Passwords in Microsoft Office 365

0 411 3

In this Office 365 training video, instructor Spike Xavier demonstrates how to create users and manage passwords in Office 365.

How to clone a Windows Server 2012 or 2012 R2 Domain Controller

3 1044 3

One of the coolest new features in Window Server 2012 and Windows Server 2012 R2 is the ability to clone a Domain Controller. In the past, if we had virtualized Domain Controllers and we actually took a snapshot of it and then rolled back to that snapshot, it would break the logon service on that … Continue reading How to clone a Windows Server 2012 or 2012 R2 Domain Controller

Detailed Forensic Investigation of Malware Infections – April 21, 2015

3 408 3

In this IT Security training video, Security expert Mike Danseglio (CISSP / CEH) will perform several malware investigations including rootkits, botnets, viruses, and browser toolbars.

Write a Comment

See what people are saying...

  1. Avatar dan

    The user have to type this command. As an admin, I don’t want to depend on user’s skills. Is there a way to find out witch DC is a user authenticated by, from another computer?

Share your thoughts...

Please fill out the comment form below to post a reply.