That'll be tough to track back. The GC consulted for cracking of group membership is done by the upstream DC, not by you the client. That state is not persisted anywhere. In fact, even after a given membership is cracked, a DC could fail over to another GC if the GC it has been using becomes latent for any reason.
So, you can't go in after the fact. Best you could do would be continuously track this (perhaps via network trace looking for certain API calls) and then correlate time of the auth. Or, better yet, make the non-GCs in to GCs if it is possible. :) ~Eric -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Passo, Larry Sent: Thursday, January 06, 2005 10:14 AM To: [email protected] Subject: [ActiveDir] What GC atuthenticated me? I can tell what DC authenticated my AD client by looking at the value of the environment variable LOGONSERVER. But there isn't an environment variable for which GC was involved. Since we have several sites that have more than one GC, I'd like to be able to tell which GC was used. Does anyone know how to tell? List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
