Skip navigation

JSI Tip 0463 - How do I get a specific BDC to validate my logon using TCP/IP?

Many factors go into determining which Domain Control will validate a logon. Here is a number of methods that help insure that a specific Domain Controller on a local sub-net validates the logon:

1. Use Regedt32.exe to browse:


Edit or Add Value the following type REG_DWORD values:

NodeType - set to a 4 (m-node/mixed node).
EnableLMHOSTS set to a 1 to enable LMHOSTS.

2. Use a true ASCII editor like Edit from a cmd prompt (not NotePad) to edit:

%SystemRoot%\system32\drivers\etc\LMHOSTS (you may need to copy LMHOSTS.SAM) and add an entry at the top for the BDC:

IP_ADDRESS_OF_BDC "DOMAINNAME \0x1C" #PRE where the entire entry in quotes is exacly 20 characters.

Make sure there are a few (3 or 4) blank lines at the bottom of the file.

Then type NBTSTAT -R (use exact case) to reload the LMHOSTS file and NBTSTAT -c to verify that the 1C entry is in the cache.

You can either reboot the client or use NLTEST or NETDOM from

NLTEST /SC_QUERY:<DOMAINNAME> to check and NLTEST /SC_RESET:<DOMAINNAME> to reset the secure channel.

NETDOM /Domain:<DOMAINNAME> MEMBER <YourComputer> /JOINDOMAIN to reset the secure channel.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.