Active Directory – Check Which Domain Controller your Machine is Getting Authenticated

To totally unlock this section you need to Log-in

If you have multiple domain controllers in your environment and you want to check with domain controller is authenticating your client, you can execute the following command on command prompt (Execute it with elevated privileges).

If you are working in large active directory environment we all might experience active directory authentication issues were the initial level of troubleshooting will be checking out to which domain controller the computer is getting authenticated. The following is a quick method, using the nltest command (embedded into Windows OS), as the following:

nltest /dsgetdc:<domain>

This will return you the domain controller you are getting authenticated from.

Active Directory - Check Which Domain Controller your Machine is Getting Authenticated

Above picture shows the client machine is authenticating from S2016VMLT.yourdomain.com domain controller.

Using the Set Command

  • Press “Windows-Q” to go to the Apps screen, type “cmd.exe” into the search bar, and then press “Enter” to run Command Prompt.
  • Type “set l” (without quotation marks) into the console, and then press “Enter” to execute the command.
  • Review the information next to the LOGONSERVER field to see the name of the domain controller the user is authenticated to.

Echo Command

Similar to the Set command approach, we can get the same LOGONSERVER value with the following simple procedure:

  • Open run command by pressing Windows + R key.
  • Type echo %logonserver% and press Enter.
  • The above command will list out the domain controller name to which your computer is getting authenticated.

Category