none
Volatile Environment registry value LOGONSERVER causing authentication issues when one DC is off line RRS feed

  • Question

  • Recently, I needed to shutdown one of our domain controllers.  At the end of the day I logged out of the network.  Next day I started my computer and logged in, but when my logon script tried to execute it froze and eventually timed out.  After reviewing my system I noticed that the LOGONSERVER environment variable was pointing to the server I took off line the day before.  Our network logon scripts are bat files and use the LOGONSERVER variable throughout.  I tried many times to reset that variable until I finally found it in the "Volatile Environment" registry key.  Once I changed it to the DC that is accessible, I was able to successfully log on and run my script.  I realize it's not often that a DC would be offline, but I would think this variable should auto update whenever a user gets a response back from the DC that answers the call for authentication.  I must have something configured incorrectly but I don't know where to go to fix this.  Can you please point me in the right direction?  Thank you.

    Saturday, May 2, 2020 8:00 PM

All replies

  • %logonserver% is dynamically set, I'd just make sure the problem members are getting a valid healthy domain controller ip address listed for DNS from DHCP server.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Saturday, May 2, 2020 8:44 PM
  • You should not rely on LOGONSERVER environment variable.

    Instead, check the output of 

    nltest /sc_query:yourdomainname

    hth

    Marcin

    Sunday, May 3, 2020 11:36 AM
  • Thanks Dave.

    You helped me identify the underlying issue which only exists for remote workers:  The ip address and related info is being supplied by a DHCP server  incorporated into our remote access device.  It has very limited capabilities, in that it can pass an IP address, subnet, gateway and DNS servers but nothing else.  My apologies for not painting a clearer picture but now I have a better understanding. 

    Wednesday, May 20, 2020 11:02 PM
  • Glad to hear it helps.

     

    (please don't forget to mark helpful replies as answer)

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Wednesday, May 20, 2020 11:06 PM