Determine Active Directory Logon Server

When you log on to Active Directory, it determines the “best” DC to respond to you using an algorithm. If your AD Sites and Services are not configured correctly, you could be logging into random DCs on your AD network. They could be local, or they could be on the other side of the world. One way this happens is AD Sites and Services are setup correctly initially, then additional subnets are added to your network as it grows, but no one remembers to add those subnets to AD Sites and Services.

An easy way to determine if you are having a problem is to determine the logon server for machines you suspect to be talking to a domain controller outside of the local network. Go to the machine, launch a DOS prompt and type either Set LOG or echo %LOGONSERVER%. Either command will show the LOGONSERVER environment variable.

LOGONSERVER Environment Variable

Comments are closed.