Authentication

Hey Guys, an off topic exam question.

Does Microsoft provide any command line tool that will provide me with which DC the user is authenticating with ? I have a suspicion that one of my remote sites users are authenticating at my main office DC.

Is there anyway I can prove this ?

Cheers
Colin

Find more posts tagged with

Comments

sprkymrk

Run gpresult.exe on the computer.

APA

Open up command prompt and type SET, A whole heap of info will appear you will specifically be looking for the line LOGONSERVER= \\(Servername)

sprkymrk

A.P.A wrote:

Open up command prompt and type SET, A whole heap of info will appear you will specifically be looking for the line LOGONSERVER= \\(Servername)

That didn't work for me, here is what set listed:

C:\WINDOWS\SYSTEM32>set

ALLUSERSPROFILE=
CommonProgramFiles=
COMPUTERNAME=
ComSpec=
FP_NO_HOST_CHECK=
NUMBER_OF_PROCESSORS=
OS=
Path=
PATHEXT=
PROCESSOR_ARCHITECTURE=
PROCESSOR_IDENTIFIER=
PROCESSOR_LEVEL=
PROCESSOR_REVISION=
ProgramFiles=
PROMPT=
RoxioCentral=
SystemDrive=
SystemRoot=
TEMP=
TMP=
USERDNSDOMAIN=
USERDOMAIN=
USERNAME=
USERPROFILE=
windir=

I only mention it because I had never heard of it doing that with the set command, so I thought I would try it. Using XP Pro SP2 on W2K3 domain, if that makes a difference. Thanks.

BeaverC32

I've never heard of that either, but I tried it, and sure enough, it worked. I am also using XP Pro SP2 on a W2K3 domain.

elover_jm

It actually work guys.............. at least for it did

running XP pro sp2

APA

sprkymrk wrote:

That didn't work for me, here is what set listed:

C:\WINDOWS\SYSTEM32>set

ALLUSERSPROFILE=
CommonProgramFiles=
COMPUTERNAME=
ComSpec=
FP_NO_HOST_CHECK=
NUMBER_OF_PROCESSORS=
OS=
Path=
PATHEXT=
PROCESSOR_ARCHITECTURE=
PROCESSOR_IDENTIFIER=
PROCESSOR_LEVEL=
PROCESSOR_REVISION=
ProgramFiles=
PROMPT=
RoxioCentral=
SystemDrive=
SystemRoot=
TEMP=
TMP=
USERDNSDOMAIN=
USERDOMAIN=
USERNAME=
USERPROFILE=
windir=

I only mention it because I had never heard of it doing that with the set command, so I thought I would try it. Using XP Pro SP2 on W2K3 domain, if that makes a difference. Thanks.

Sprky thats extremely weird........ The set command always shows the LOGONSERVER and related info... I'll show you what comes up on my home machine.... It isn't connected to a domain but I still get the LOGONSERVER variable shown as the local machine......I have used the Set command at work in our Win2k3 domain and it brings up everything below.....

ALLUSERSPROFILE=
APPDATA=
CLASSPATH=
CLIENTNAME=
CommonProgramFiles=
COMPUTERNAME=
ComSpec=
DEFAULT_CA_NR=
FP_NO_HOST_CHECK=
HOMEDRIVE=
HOMEPATH=
LOGONSERVER
NUMBER_OF_PROCESSORS=
OS=
Path=
PATHEXT=
PROCESSOR_ARCHITECTURE=
PROCESSOR_IDENTIFIER=
PROCESSOR_LEVEL=
PROCESSOR_REVISION=
ProgramFiles=
PROMPT=
QTJAVA=
SESSIONNAME=
SystemDrive=
SystemRoot=
TEMP=
TMP=
USERDOMAIN=
USERNAME=
USERPROFILE=
windir=

It seems that quite a few of your environment variables have been disabled or removed Sprky.........

theseman

I ran it on a W2k3 SP2 server, and an XP Pro SP2 client.

Both had the LOGONSERVER= parameter.

sprkymrk

Sure enough, on my home computer (which is in a workgroup) set had the had logonserver variable. I'll have to see what's up with that at work. Thanks.

sprkymrk

Mystery solved.....

I had used a cmd prompt I opened earlier in the day with "runas" for my admin account to do some remote work. Using the "set" command there did not show a logonserver. If I just open a cmd prompt with the user account I logged on with the "logonserver" entry is there.

Sorry for the confusion!

APA

Definately solved the riddle!!!!

Makes sense though...... glad to have pointed out something new to fellow forum members

doom969

thats useful, thanks