We have 2 DCs, one main and one backup at another site. we had some issues with our main DC and i believe a lot of people were pushed over to the backup DC. is there a way to see everyone who is using a certain DC as their logon server without looking at each user individually?
SnapOverflow
The domain controller a user uses to login against has to do with the Site config. If you haven't done anything about Sites, you have one big one. Users and computers will (within some bounds) pick a random DC in that site to login against. If you do have separate Sites declared in AD, the login process will respect Site boundaries; it will only cross to another Site when all local DCs are not available. Once the local DCs are back up, it will log in to those.
Which is to say, no there isn't a way to see who logged in against a specific Domain Controller short of hitting the Security log. Search for event ID 4624 to get Logon events. There will be a lot of them, as both computer and user logins record that event.
The one area that isn't as clear is where Group Policies are downloaded from. Computers will resolve the domain's DNS to get a list of domain controllers to pull from. That can cross sites, which may lead to slow GPO application times if this is happening. I believe you can weight the DNS entries to discourage use of the distant DC.
None that I know of. That is normally assumed to be non-important information. You may be able to get some info out of th eevent log, but that will reuire correlating all event logs on the DCs and possibly tuning up standard output in the security area.