How to know which DC is being used for authentication on fo a specific AD User

del-mo · June 27, 2017, 5:29pm

I’m trying to find Which DC is the user auth being verified with for a specific ad user

donj · June 27, 2017, 6:21pm

From the DC or from the client?

del-mo · June 27, 2017, 6:32pm

From the DC.
I have 6 domain controllers, the users I’m looking for using Linux machines. just need to know which DC is auth those machines
For some reason the logon is not being seen by FSSO

donj · June 27, 2017, 6:34pm

Well, it’s not really a PowerShell question - it’s an AD question. But I’ll give it a shot!

You need to have logon auditing turned on for every D.C. You will need to query the event log on each DC to see which one processed the login. There’s no way to make that fast or easy.

del-mo · June 27, 2017, 8:32pm

It’s turned on already.

Is it possible to use

$DCs= (Get-ADForest).Domains | %{ Get-ADDomainController -Filter * -Server $_ }

and then loop-through each one and get the log from security log files ??

donj · June 27, 2017, 8:34pm

Possible? Sure. Give it a shot. That’s the easiest way to tell if it’s possible :).

Topic		Replies	Views
Will 'get-ADUser -server $FQDN' use the same DC as 'get-addomaincontroller -Server $FQDN' PowerShell Help	10	896	May 16, 2024
Command to find out the DC a user is logged into PowerShell Help	4	617	May 16, 2024
How to tell systems which are accessed by a user PowerShell Help	3	217	May 16, 2024
Create a script to get last 30 days history logon of DC user as service PowerShell Help	2	194	May 16, 2024
Comparing Objects between AD DCs, horrible scripting champion PowerShell Help	3	162	May 16, 2024

How to know which DC is being used for authentication on fo a specific AD User

Related topics