Domain Controller Locator
The following sequence describes how the Locator is able to find a domain controller:
- On the client (the computer locating the domain controller), the Locator is initiated as an RPC to the local Net Logon service. The Locator application programming interface (API) (DsGetDcName) is implemented by the Net Logon service.
- The client collects the information that is needed to select a domain controller and passes the information to the Net Logon service by using the DsGetDcName API.
- The Net Logon service on the client uses the collected information to look up a domain controller for the specified domain in one of two ways:
- For a DNS name, Net Logon queries DNS by using the IP/DNS-compatible Locator; that is, DsGetDcName calls the DnsQuery API to read the service (SRV) resource records and A records from DNS, after it appends an appropriate string to the front of the domain name that specifies the SRV record:
_service._protocol.DnsDomainName
Active Directory servers offer the LDAP service over the TCP protocol; therefore, clients find an LDAP server by querying DNS for a record of the form:
_ldap._tcp.DnsDomainName
- For a NetBIOS name, Net Logon performs domain controller discovery by using the Microsoft® Windows NT® version 4.0–compatible Locator, that is, by using the transport-specific mechanism (for example, WINS).
- The Net Logon service sends a datagram to (that is, pings) the computers that registered the name. For NetBIOS domain names, the datagram is implemented as a mailslot message. For DNS domain names, the datagram is implemented as an LDAP User Datagram Protocol (UDP) search. (UDP is the connectionless datagram transport protocol that is part of the TCP/IP protocol suite. TCP is a connection-oriented transport protocol.)
Note: UDP allows an application on one computer to send a datagram to an application on another computer. UDP includes a protocol port number, which allows the sender to distinguish among multiple destinations (applications) on the remote computer.
- Each available domain controller responds to the datagram to indicate that it is currently operational and returns the information to DsGetDcName.
- The Net Logon service returns the information to the client from the domain controller that responds first.
- The Net Logon service caches the domain controller information so that subsequent requests need not repeat the discovery process. Caching this information encourages consistent use of the same domain controller and, thus, a consistent view of Active Directory.
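As an added example (not code from the original Windows documentation or from the Net Logon service), the following Python builds the _ldap._tcp.DnsDomainName owner name described above, parses a constructed SRV answer for it, and orders the returned domain controllers the way a client is expected to try them (lowest priority first, weighted random within a priority, per RFC 2782). The domain corp.example and the dc1/dc2/dc3 host names are assumptions; a client would then ping the candidates over LDAP UDP in that order.

```python
import random
from dataclasses import dataclass

def srv_name(service: str, protocol: str, dns_domain: str) -> str:
    """Owner name the Locator queries, e.g. _ldap._tcp.corp.example."""
    return f"_{service}._{protocol}.{dns_domain.strip('.')}"

@dataclass(frozen=True)
class SrvRecord:
    priority: int
    weight: int
    port: int
    target: str

def parse_srv_answer(text: str) -> list:
    """Parse zone-file style SRV lines: owner TTL IN SRV priority weight port target."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 8 or parts[3].upper() != "SRV":
            continue  # skip blank lines and anything that is not an SRV record
        records.append(SrvRecord(*(int(p) for p in parts[4:7]), parts[7].rstrip(".")))
    return records

def order_srv(records, rng=random.random) -> list:
    """RFC 2782 client ordering: lowest priority first, weighted random within a priority."""
    ordered = []
    for prio in sorted({r.priority for r in records}):
        group = [r for r in records if r.priority == prio]
        while group:
            total = sum(r.weight for r in group)
            pick = rng() * total  # point in [0, total); the record whose running sum reaches it wins
            running = 0
            for chosen in group:
                running += chosen.weight
                if running >= pick:
                    break
            ordered.append(chosen)
            group.remove(chosen)
    return ordered
# Constructed sample answer (not a real zone): two DCs at priority 0, one fallback at 10.
SAMPLE_ANSWER = """\
_ldap._tcp.corp.example. 600 IN SRV 0 100 389 dc1.corp.example.
_ldap._tcp.corp.example. 600 IN SRV 0 100 389 dc2.corp.example.
_ldap._tcp.corp.example. 600 IN SRV 10 100 389 dc3.corp.example.
"""

def candidate_dcs(answer: str = SAMPLE_ANSWER, rng=random.random) -> list:
    """(host, port) pairs in the order a client should ping them over LDAP UDP."""
    return [(r.target, r.port) for r in order_srv(parse_srv_answer(answer), rng)]
```

Passing a fixed `rng` (as the test below does) makes the weighted choice deterministic, which is useful when checking that a DNS zone actually steers clients to the intended domain controllers.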