How to sign in to another domain or log on to a domain controller locally or remotely

System administrators often need to perform a domain sign in or log on locally to a domain controller (DC) for troubleshooting, maintenance, or administrative tasks.

This guide provides step-by-step instructions for Windows Server editions 2008 to 2022 and Windows desktop versions 10 and 11.

How to sign in to another domain in Windows

On the Windows sign-in screen, click Switch User. Instead of showing icons for all the users with accounts on the PC, you'll see two icons:

1. The first icon is the last user who signed in.
2. The second icon always shows Other user.

To sign in to a different domain:

1. On the sign-in screen, select Other user.
2. Enter your credentials in the format:
   Copy

   domain\username

   Example: CORP\JBond

   

3. Enter your password and press Enter.

How to sign in locally to a domain controller

Sometimes you need to sign in using the local Administrator account rather than a domain account:

1. Disconnect the network or disable the NIC temporarily.
2. On the sign-in screen, select Other user.
3. Enter the username in this format:
   Copy

   .\Administrator

4. Enter the local Administrator password and press Enter.

   

5. After signing in, reconnect to the network if required.

How to sign in to a domain controller via Remote Desktop (RDP)

1. On the domain controller, open System Properties (Win + Pause, or right-click This PC > Properties > Remote Settings).
2. Under the Remote Desktop section, use the Enable Remote Desktop toggle to allow remote connections to the computer.

   

3. Ensure Network Level Authentication (NLA) is enabled under Advanced settings for better security.
4. Confirm your account has administrative or delegated rights to connect remotely.

   

5. Open the Remote Desktop Connection client on your computer (type mstsc in the Run dialog or search for Remote Desktop).
6. In the Remote Desktop Connection window, enter the hostname or IP address of the domain controller you want to connect to.

   

7. Click Connect.
8. When prompted, enter your credentials in the format:
   Copy

   DOMAIN\Username

9. Enter your password and click OK.
10. If a security certificate warning appears, click Yes to proceed.

    

11. After successful authentication, you will see the desktop of the domain controller.

Best practices to consider during domain controller logons

To maintain a secure and reliable authentication environment, follow these best practices when logging on to domain controllers:

1. Use domain accounts with appropriate privileges instead of local administrator accounts whenever possible.
2. Limit logons to authorized administrators only, and avoid using service or shared accounts for interactive sign-ins.
3. Always log on over secure channels (like Remote Desktop over HTTPS or using VPN access) to prevent credential exposure.
4. Avoid using domain controllers for daily administrative tasks such as browsing the web or checking email.
5. Implement multi-factor authentication (MFA) for domain admin accounts to strengthen security.
6. Monitor and audit all domain controller logons to detect unusual access attempts early.

Wondering who's logging on to your domain controllers?

Not sure if the logons on your domain controllers are legitimate? ADAudit Plus gives you complete visibility into every domain controller logon so you can be confident they're done by the right user.

Quickly get insights on:

• Who logged on and when.
• Which domain controller was accessed.
• Logon trends across servers and workstations.
• User-specific logon history for auditing.

For detailed steps on auditing domain controller logon events, refer to our guide here.

Troubleshooting and FAQ