Issue finding which logon server a remote workstation is currently Connected too ?

Hi Guys,

(Get-WmiObject-Classwin32_ntdomain-Filter"DomainName = 'domain'"-ComputerNamemade_up_workstation_name).DomainControllerName

When I run the above on my workstation it gives the same value as the set variable Logonserver

When I run it on my colleagues workstation it gives a Valid DC but not the one that shows in its set variable Logonserver

I get the same results wether I run on or remotely on both workstations

Any ideas ?

August 21st, 2015 8:38am

Hi,

Please use the below script.

https://gallery.technet.microsoft.com/scriptcenter/Get-ADSites-of-multiple-ac7fadf2

Free Windows Admin Tool Kit Click here and download it now
August 21st, 2015 8:55am

You can use the this one also.

>psexec \\remotepc nltest /sc_query:domain_name

August 21st, 2015 8:57am

Cheers for the reply Purvesh

I'm running the scripts on a windows 2012 server and a windows 7 pc

nltest fails with The procedure entry point I_NetloginGetrustid could not be located in the dynamic link library NETAPI32.dll

The get-adsites however gives me a list but its not complete ?
When I looked at the c:\UnreachableHosts.txt a lot of machines were missed
"relevant name" is not reachable

My method above will list all devices (via my script)

What's weird is how what is returned is not always the same as what the device thinks is its current logonserver ?

Get-WmiObject-Classwin32_ntdomain-Filter"DomainName = 'domain'"-ComputerName made_up_workstation_name).DomainControllerName

Free Windows Admin Tool Kit Click here and download it now
August 21st, 2015 9:51am

Let me have look and I will get back to you on this.
August 21st, 2015 10:07am

Cheers here's my code

cls
Remove-Item "C:\logon.txt" -ErrorAction SilentlyContinue

# THESE 2 LINES NEED TO BE CHANGED
$domain = "'domainhere'"                 # change to your domain name
$location = 'OU=???,DC=??,DC=??'    # location of devices to be checked

$computers = Get-ADComputer -filter * -Searchbase $location -ErrorAction SilentlyContinue
    $computers = $computers | sort
    foreach ($computer in $computers) {
        $Shortname = $computer.Name
        $status = Test-Connection $Shortname -ErrorAction SilentlyContinue
        If ($status -NE $null) {
            echo "Checking Computer $Shortname "
            $result =  (Get-WmiObject -Class win32_ntdomain -Filter "DomainName = $domain" -ComputerName $Shortname -ErrorAction SilentlyContinue).DomainControllerName
            if ($result -ne $null) {
                echo "Computer $Shortname which has result = $result "
                echo "Computer $Shortname which has result = $result " >> c:\logon.txt
            }
        } else {
        echo "Computer $Shortname appears to be offline"
        }
    }


  • Edited by aideyuk Friday, August 21, 2015 10:35 AM
Free Windows Admin Tool Kit Click here and download it now
August 21st, 2015 10:34am

Hi,

I worked on this query and it works fine with all required information provided are correct and list produce the output as correct for me. I want you to try this in your environment and revert back.

Get-ADComputer -filter * -Searchbase "OU=Computers,OU=Accounts,OU=US,DC=TESTLAB,DC=com" | %{(Get-WmiObject -Class win32_ntdomain -Filter "DomainName = 'Testlab'" -ComputerName $_.Name)} | Format-List -Property ComputerName,Name >> output.txt

August 21st, 2015 11:04am

Another way you could look at this. Generally all user logons go to the DC that the member computer has established it's secure channel with. You can query the secure channel with NLTEST. So you can query it at the machine level instead of for each logon.

C:\>nltest /sc_query:yourDomain  /server:userWorkstation

Free Windows Admin Tool Kit Click here and download it now
August 21st, 2015 11:14am

Hi,
 
Just checking in to see if above information was helpful. Please let us know if you would like further assistance.
 
Thanks,
 

Regards,

Eth

August 24th, 2015 11:41pm

Hi,

Any updates on issue?

Free Windows Admin Tool Kit Click here and download it now
August 25th, 2015 11:30am

Hi Purvesh I've been in a different office, back today I'll have a looksey asap .. many thanks ;)

August 26th, 2015 9:20am

Made the correct domain and locations mods ....

I'm getting

Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
At C:\Users\adavey\AppData\Local\Temp\925f0533-9ca8-433a-a40e-3d92b25c774d.ps1:1 char:91
+ Get-ADComputer -filter * -Searchbase "OU=Windows Servers,DC=ourdomainname,DC=lo ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Get-WmiObject], COMException
    + FullyQualifiedErrorId : GetWMICOMException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

It may be hitting some dead workstations first that are still registered in AD?

Free Windows Admin Tool Kit Click here and download it now
August 26th, 2015 9:27am

Yes

but it should go to next one let me check

August 26th, 2015 9:29am

yep its progressing ;)
Free Windows Admin Tool Kit Click here and download it now
August 26th, 2015 9:32am

This is what it produced

Name : Domain: ourdomainname

Name : Domain: ourdomainname

Name : Domain: ourdomainname

lots of entries like this .....

Missing a value for Name and not the dc name the workstation is connect too :(

August 26th, 2015 9:49am

Hi All,

You can add the below command in script and then run it

$ErrorActionPreference = "Continue"

Free Windows Admin Tool Kit Click here and download it now
August 26th, 2015 10:10am

From my original script the output looks like this (snapshot of report)

Computer BMC-REPOS1 appears to be offline
Computer BMC-WILY1 appears to be offline
Checking Computer CH07513SRVR
Computer CH07513SRVR which has result = \\CH-DC1-12
Computer CH10624 appears to be offline
Checking Computer CH-ACS1-2K3
Computer CH-ACS1-2K3 which has result = \\CH-DC1-2K8
Checking Computer CH-AP1-2K3
Computer CH-AP1-2K3 which has result = \\CH-DC2-2K8

When I go go on the actual servers sometimes at command prompt the variable logonserver is correct but sometimes it is not.

Its the reason why it reports differently that I'm really after.
I'm in the process of moving from 2008 to 2012 servers.

I need to prove that the workstation logins are working correctly on 2012 before the forest level is increased to 2012 and then the 2008 Dc's can be  retired.

August 26th, 2015 10:36am

When I go go on the actual servers sometimes at command prompt the variable logonserver is correct but sometimes it is not. --you mean with echo %LOGONSERVER%

I'd suggest you try over Powershell forum :)

https://social.technet.microsoft.com/Forums/windows/en-US/home?forum=winserverpowershell

Free Windows Admin Tool Kit Click here and download it now
August 28th, 2015 1:18am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics