There are times when you need to determine which domain controller you have authenticated to. This can be helpful for a number of reasons such as troubleshooting group policy, slow logins, application issues, map network drives or printers, and so on.
For example, recently I ran into an issue where single sign-on was not working for multiple applications. I was troubleshooting the issue on multiple virtual desktops and noticed that single sign on was working on one of them. I thought this was strange considering all the virtual desktops were the exact same. That is when I checked which domain controller it authenticated against and noticed it was DC2 and all the others were DC1.
How to Check Logon Server
You can check the logon server with either the command line or PowerShell.
Option 1 – Using the Command Line
Open the command line, type the command below, and press enter
In the screenshot above I authenticated to the DC2 domain controller. The set l command displays everything from the set command that starts with l so it’s displaying the localappdata also. You could just type set logon to see only the logonserver.
Option 2 – Using PowerShell
Open PowerShell, type the command below, and press enter
Find Domain Controller Group Policy Was Applied From
If you need to know which domain controller a computer or user applied its group policy settings from then run the gpresult /r command.
You can see in the above screenshot the group policy was applied from DC2.
Make sure you check the user settings section as the policy could apply from a different domain controller.
Recommended Tool: Permissions Analyzer for Active Directory
This FREE tool lets you get instant visibility into user and group permissions and allows you to quickly check user or group permissions for files, network, and folder shares.
You can analyze user permissions based on an individual user or group membership.
This is a Free tool, download your copy here.
3 thoughts on “How to Find Which Logon Server You Authenticated to (Domain Controller)”