There are times when you need to determine which domain controller you have authenticated to. This can be helpful for a number of reasons such as troubleshooting group policy, slow logins, application issues, map network drives or printers, and so on.
For example, recently I ran into an issue where single sign-on was not working for multiple applications. I was troubleshooting the issue on multiple virtual desktops and noticed that single sign on was working on one of them. I thought this was strange considering all the virtual desktops were the exact same. That is when I checked which domain controller it authenticated against and noticed it was DC2 and all the others were DC1.
How to Check Logon Server
You can check the logon server with either the command line or PowerShell.
Option 1 – Using the Command Line
Open the command line, type the command below, and press enter
In the screenshot above I authenticated to the DC2 domain controller. The set l command displays everything from the set command that starts with l so it’s displaying the localappdata also. You could just type set logon to see only the logonserver.
Option 2 – Using PowerShell
Open PowerShell, type the command below, and press enter
Find Domain Controller Group Policy Was Applied From
If you need to know which domain controller a computer or user applied its group policy settings from then run the gpresult /r command.
You can see in the above screenshot the group policy was applied from DC2.
Make sure you check the user settings section as the policy could apply from a different domain controller.
Recommended Tool: SolarWinds Server & Application Monitor
This utility was designed to Monitor Active Directory and other critical services like DNS & DHCP. It will quickly spot domain controller issues, prevent replication failures, track failed logon attempts and much more.
What I like best about SAM is it’s easy to use dashboard and alerting features. It also has the ability to monitor virtual machines and storage.