How to point a client to different domain controller

16 May

Here is a useful command that I’ve discovered.
Imagine a situation where you have a domain called domain.local with multiple domain controllers DC0, DC1 etc.
For some reason some clients are not working as expected or working slower. In my case it was when I tried to run gpresult /r on some clients it was taking ages to provide full details. To find out if any of the domain controllers is having problems I wanted quickly to change the domain controller that the affected client is using.
Back in the day when Windows NT 4 ruled the world there was a command called setprfdc (set preferred domain controller) nltest does something similar.

So first I wanted to find out what DC the client is using. Now there are many different ways but here is a command that I’ve used:
nltest /dsgetdc:domain.local

The output was:

DC: \\DC0.DOMAIN.local
Address: \\10.10.10.1
Dom Guid: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Dom Name: DOMAIN.local
Forest Name: DOMAIN.local
Dc Site Name: Default-First-Site-Name
Our Site Name: Interxion
Flags: PDC GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST
The command completed successfully

This means that the client is using DC0. Now I wanted quickly to point the client to a diferent domain controller DC1. To do that write the following command:

nltest /Server:client0 /SC_RESET:domain.local\dc1

The output should be:

Flags: 30 HAS_IPĀ  HAS_TIMESERV
Trusted DC Name \\DC1.DOMAIN.local
Trusted DC Connection Status Status = 0 0x0 NERR_Success
The command completed successfully

If you run the first command again you should see that domain controller has changed.
This is a temporary thing as after some time the cleint will fallback to the original domain controller.

Tags: , ,

9 Responses

  1. Bruun says:

    Saved me alot of problems

  2. Steve says:

    So, I’m having an issue that I need help on. I have 4 domain controllers and I want the people that are at a certin location to log into that DC, if that DC goes down I want the users to to be able to log into one of the other 3 DC. All of the DC are mirrored and have the same information on them. Any suggestions on how to complete this task?

    Thanks
    Steve

    • Andrius says:

      I do not think that this post is what you looking for.
      Read some articles about intersite management and how to have multiple sites for your AD. This will allow clients in one site connect to the DC in the same site. Also there is a way to enable client to locate next closest site DC.

  3. Jason Deary says:

    Nice Post Andrius! This was helpful and I wanted to thank you for sharing!
    Jason Deary

  4. I used regkey SiteName for connecting shell to different ADsite & eventually the domain controllers/exchange servers I wanted to connect.

    http://msexchange.me/2014/07/06/connect-exchange-shell-to-different-ad-site-exchange-server/

  5. Crono says:

    Nice post, can you elaborate on the syntax of the last command: nltest /Server:client0 /SC_RESET:domain.local\dc1

    I’m just not sure what is suppose to be used for client0? Is that the host name of the system that you want to use a different DC?

    • Gil says:

      no need to put /Server:Client0

      You can just use nltest /SC_RESET:domain.local\dc1 on the machine that you want to change.

  6. Curtis says:

    Thanks for this! It helped us deal with a situation where a domain controller was failing and we needed to point clients to another one.

Leave a Reply

IT Blog

Just another blog on Kozeniauskas.com Network