How does the DNS service discover which computer is the AD server?

nweaver

It's coded into the zone files... open up DNS on the DC (almost every DC is a DNS server as well) and take a look at the stuff.
 

Smilin

The DNS server (and any other domain member) will discover this information by querying for SRV records in DNS. The query will start for a service in a particular site and then query for any record at all.

The individual AD servers will (typically) populate DNS via dynamic updates. The netlogon service, for instance, is responsible for populating domain controller SRV records. For a list of records netlogon will update, check the netlogon.dns file located in system32\config.

If your DNS is AD integrated, the zone file is actually loaded from AD itself. I believe the DC=forestdnszones and DC=domaindnszones containers in the forest and domain partitions hold this info. (bust open adsiedit and have a look if you want to be sure).

Also, we don't usually query for an "AD server"; we query for something specific... ldap server, kerberos server, global catalog, pdc emulator, etc.

Kamazon, what question led to this question?
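
The SRV lookup order described in the reply above (site-specific name first, then the domain-wide name), as an added example that is not part of any post in this thread: it parses records in the zone-file format that netlogon.dns uses and flags SRV targets that are not known DCs. The domain corp.example, the site HQ, the host names and all function names are constructed for illustration.

```python
import re

# Constructed sample in netlogon.dns (zone-file) format; domain, site and hosts are made up.
NETLOGON_DNS = """\
_ldap._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 389 dc1.corp.example.
_ldap._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 389 dc2.corp.example.
_ldap._tcp.HQ._sites.dc._msdcs.corp.example. 600 IN SRV 0 100 389 dc1.corp.example.
_kerberos._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 88 dc1.corp.example.
_kerberos._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 88 ws042.corp.example.
"""

SRV_LINE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+SRV\s+(\d+)\s+(\d+)\s+(\d+)\s+(\S+)$", re.I)

def parse_srv(text):
    """Return {owner name (lowercase, no trailing dot): [(priority, weight, port, target)]}."""
    records = {}
    for line in text.splitlines():
        m = SRV_LINE.match(line.strip())
        if not m:
            continue  # skip A/CNAME lines, comments and blanks
        owner, _ttl, prio, weight, port, target = m.groups()
        records.setdefault(owner.rstrip(".").lower(), []).append(
            (int(prio), int(weight), int(port), target.rstrip(".").lower()))
    return records

def locator_names(service, role, domain, site=None):
    """Lookup order from the thread: site-specific name first, then the domain-wide one."""
    names = [f"_{service}._tcp.{site}._sites.{role}._msdcs.{domain}"] if site else []
    names.append(f"_{service}._tcp.{role}._msdcs.{domain}")
    return [n.lower() for n in names]

def locate(records, service, role, domain, site=None):
    """Return (name that answered, targets in priority order) or (None, [])."""
    for name in locator_names(service, role, domain, site):
        if name in records:
            return name, [r[3] for r in sorted(records[name])]
    return None, []

def unexpected_targets(records, known_dcs):
    """Audit check: SRV targets that are not on the list of known domain controllers."""
    known = {h.lower() for h in known_dcs}
    return sorted({(name, r[3]) for name, recs in records.items()
                   for r in recs if r[3] not in known})

if __name__ == "__main__":
    recs = parse_srv(NETLOGON_DNS)
    print(locate(recs, "kerberos", "dc", "corp.example", site="HQ"))
    print(unexpected_targets(recs, ["dc1.corp.example", "dc2.corp.example"]))
```
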
 

stash

> I believe the DC=forestdnszones and DC=domaindnszones containers in the forest and domain partitions hold this info. (bust open adsiedit and have a look if you want to be sure).

This depends on what kind of domain you have. In 2000, AD integrated zones were stored in the domain NC. 2003 introduced the idea of application partitions, and moved the msdcs subdomain into the forest application partition and the domain zones into the domain application partition.

Moving the msdcs zone into the forest app partition solves the DNS islanding problem that existed in 2000. Since these records are replicated to all DNS servers in the forest in 2003, there are no issues with new servers finding them.