Windows Server – How to identify which domain controller authenticated a user
A question came up in class this week which is asked quite often when I am teaching an Active Directory class. Whether it is the Active Directory administration class or the advanced design class I am asked, “I have a user that is logged on. I don’t think they received the correct GPO settings, is there a way to identify which domain controller authenticated them?”
The answer is “Yes!” You can. Here is how.
Have the logged on user launch the command prompt on the target computer. Type Set Logonserver the name of the domain controller that authenticated the user will be returned. See the figure below.
Using echo %username% will allow you create a script to identify the authenticating domain controller. See the figure below.
If you just desire to identify which domain controller the user retrieved group policies from you can type gpresult /r. The returned results will provide you the name of the domain controller that provided the logged on user with GPOs. See the figure below.
As you can see there are multiple ways to identify which domain controller authenticated a user.
Until next time Ride Safe!
Rick Trader
Windows Server Instructor – Interface Technical Training
Phoenix, AZ
Creating Users and Managing Passwords in Microsoft Office 365
In this Office 365 training video, instructor Spike Xavier demonstrates how to create users and manage passwords in Office 365.
How to clone a Windows Server 2012 or 2012 R2 Domain Controller
One of the coolest new features in Window Server 2012 and Windows Server 2012 R2 is the ability to clone a Domain Controller. In the past, if we had virtualized Domain Controllers and we actually took a snapshot of it and then rolled back to that snapshot, it would break the logon service on that … Continue reading How to clone a Windows Server 2012 or 2012 R2 Domain Controller
Detailed Forensic Investigation of Malware Infections – April 21, 2015
In this IT Security training video, Security expert Mike Danseglio (CISSP / CEH) will perform several malware investigations including rootkits, botnets, viruses, and browser toolbars.
Write a Comment
See what people are saying...
Share your thoughts...
The user have to type this command. As an admin, I don’t want to depend on user’s skills. Is there a way to find out witch DC is a user authenticated by, from another computer?