How do client computers locate a domain controller

One of the first major tasks a domain member computer has to do when it starts is to locate a domain controller. Generally, this task requires the use of a Domain Name System (DNS) server, which contains records for each domain controller in the domain, and the Locator, a remote procedure call to the computer's local Netlogon service.

Starting Up
When the client computer starts, its Netlogon service starts automatically (in the default configuration). This service implements the DsGetDcName application programming interface (API), which is used to locate a domain controller. The client begins by collecting a number of pieces of information that will be used to locate a domain controller. This information includes the client's local IP address, which is used to determine the client's Active Directory site membership, the desired domain name, and a DNS server address.

Finding the Domain Controllers
Netlogon then queries the configured DNS server. Netlogon retrieves the service resource (SRV) records and host (A) records from DNS that correspond to the domain controllers for the desired domain. The general form for the queried SRV records is _service._protocol.domainname, where service is the domain service, protocol is the TCP/IP protocol, and domainname is the desired Active Directory fully qualified domain name (FQDN). For example, because Active Directory is a Lightweight Directory Access Protocol (LDAP)-compliant directory service, clients query for _ldap._tcp.domainname (or _ldap._tcp.dc._msdcs.domainname when locating the nearest domain controller).

Each domain controller in a domain will register its host name with the SRV record, so the client's query results will be a list of domain controller host names. The client also retrieves the associated A records, providing the client with the IP address of every domain controller in the domain. The client then sends an LDAP search query, via the User Datagram Protocol (UDP), to each domain controller.

Selecting a Domain Controller

After the client locates a domain controller, the client uses LDAP to access Active Directory on a domain controller, preferably one in the client's own subnet. The domain controller uses the client's IP address to identify the client's Active Directory site. If the domain controller is not in the closest site, then the domain controller returns the name of the client's site, and the client tries to find a domain controller in that site by querying DNS. If the client has already attempted to find a domain controller in that site, then the client will continue using the current, nonoptimal domain controller. Once the client finds a domain controller it likes, it caches that domain controller's information, and the client will continue to use that domain controller for future contacts (unless the domain controller becomes unavailable).
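
The selection flow described above, modelled offline as an added example (not code from the original page or from Windows). The domain, site names, subnets and DC addresses are constructed; the site-specific SRV name uses the standard _ldap._tcp.sitename._sites.dc._msdcs.domainname form, which the page itself does not spell out.

```python
import ipaddress

# Constructed sample data: the domain, sites, subnets and DCs are hypothetical.
DOMAIN = "corp.example.com"
SITE_SUBNETS = {"10.1.0.0/16": "HQ", "10.2.0.0/16": "Branch", "10.3.0.0/16": "Lab"}
# (host, ip) pairs standing in for the SRV + A answers for the whole domain.
DOMAIN_DCS = [("dc1.corp.example.com", "10.1.0.10"),
              ("dc2.corp.example.com", "10.2.0.10")]


def srv_name(domain, site=None):
    """SRV owner name the locator queries, domain-wide or for one site."""
    if site:
        return f"_ldap._tcp.{site}._sites.dc._msdcs.{domain}"
    return f"_ldap._tcp.dc._msdcs.{domain}"


def site_for(ip):
    """Map an address to a site by the most specific matching subnet."""
    addr = ipaddress.ip_address(ip)
    nets = [ipaddress.ip_network(n) for n in SITE_SUBNETS]
    hits = [n for n in nets if addr in n]
    if not hits:
        return None  # address is not covered by any site subnet
    return SITE_SUBNETS[str(max(hits, key=lambda n: n.prefixlen))]


def locate_dc(client_ip, dcs=DOMAIN_DCS, domain=DOMAIN):
    """Return (chosen DC host, in_client_site, list of DNS names queried)."""
    queries = [srv_name(domain)]
    host, ip = dcs[0]                      # first DC to answer the UDP LDAP search
    client_site = site_for(client_ip)      # computed by the DC from the client IP
    if client_site is None or site_for(ip) == client_site:
        return host, client_site is not None, queries
    # The DC is outside the client's site: it returns the site name and the
    # client asks DNS once more, this time for that site's records.
    queries.append(srv_name(domain, client_site))
    in_site = [d for d in dcs if site_for(d[1]) == client_site]
    if in_site:
        return in_site[0][0], True, queries
    return host, False, queries            # keep the nonoptimal DC
```

A client whose address falls outside every site subnet, or in a site with no domain controller, ends up on an out-of-site DC; this is the case worth checking for when the subnet-to-site mapping is incomplete.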
