How does Windows find/discover the Domain Controller when you log in

active-directory, domain-controller


I've added a new DC to my domain as a backup, but I'm not sure how the computers will know to look for it, as I don't quite understand the process of how Windows domain login works from a protocol point of view.

Best Answer

When you promote a domain controller, it's added to the DNS SRV records. If you drill down through the _msdcs section in DNS, you'll see a bunch of stuff that looks like this:

(screenshot: the _msdcs zone in DNS Manager, listing the SRV records)

This link joeqwerty included in a comment provides a more detailed description. An excerpt:

The first step is to perform the DNS discovery. The client issues a DNS request for _ldap._tcp.dc._msdcs.mockup1.contoso.com. The DNS server returns a list of SRV records that match this request. If no records are available, then the domain location fails. The DNS exchange is done as specified in the DNS protocols (RFC 1769 and related RFCs). If target hosts have the same priority, the client selects a return SRV record according to weighted pseudorandom order (see RFC2052).

The client then resolves the SRV record to an address, again as specified in the DNS protocols.

Once the address is known, the client sends an LDAP “Ping,” as a way of detecting that the domain controller is in fact handling requests and determining the characteristics of this domain controller. The LDAP “Ping,” also known as connectionless LDAP, is sent over UDP.
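As an added example (my own code, not part of the answer above or of the Microsoft document it quotes), here is the DNS half of that locator sequence in Python: the SRV names a client asks for, a parser for the SRV answers, and the priority/weight ordering the excerpt refers to (RFC 2052, later replaced by RFC 2782). The zone lines and the domain corp.example are constructed for the example; the site name and hostnames are assumptions, not records from any real domain.

```python
"""How a client picks a DC from _ldap._tcp.dc._msdcs SRV records.

Step 1: build the SRV query names.  Step 2: parse the SRV answer.
Step 3: order by priority, then weighted pseudo-random within a priority
(RFC 2782 'Usage rules').  The chosen target is what the CLDAP ping is
then sent to (UDP 389, not shown here).
"""
import random
import re
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class SrvRecord:
    priority: int
    weight: int
    port: int
    target: str


def dc_locator_names(domain: str, site: Optional[str] = None) -> List[str]:
    """SRV names to query, most specific first.

    A client that knows its AD site tries the site-scoped name before the
    domain-wide one; that is how it prefers a nearby DC.
    """
    names = []
    if site:
        names.append(f"_ldap._tcp.{site}._sites.dc._msdcs.{domain}")
    names.append(f"_ldap._tcp.dc._msdcs.{domain}")
    return names


# name ttl IN SRV priority weight port target  (zone-file / dig output layout)
SRV_LINE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+SRV\s+(\d+)\s+(\d+)\s+(\d+)\s+(\S+)$")


def parse_srv(zone_text: str) -> List[SrvRecord]:
    """Parse SRV lines as returned by dig/nslookup or copied from a zone file."""
    records = []
    for line in zone_text.strip().splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        m = SRV_LINE.match(line)
        if not m:
            raise ValueError(f"not an SRV record: {line!r}")
        _name, _ttl, prio, weight, port, target = m.groups()
        records.append(SrvRecord(int(prio), int(weight), int(port), target.rstrip(".")))
    return records


def order_srv(records: List[SrvRecord], rng: Optional[random.Random] = None) -> List[SrvRecord]:
    """Order records for connection attempts per RFC 2782.

    Lowest priority first.  Within one priority: weight-0 records go to the
    front, draw a number in [0, sum(weights)], walk the list accumulating
    weights, and take the first record whose running sum reaches the draw.
    Repeat on the remaining records until the group is exhausted.
    """
    rng = rng or random.Random()
    ordered: List[SrvRecord] = []
    for prio in sorted({r.priority for r in records}):
        pool = sorted((r for r in records if r.priority == prio),
                      key=lambda r: r.weight != 0)  # weight-0 first, stable
        while pool:
            total = sum(r.weight for r in pool)
            pick = rng.randint(0, total)  # inclusive on both ends
            running = 0
            for r in pool:
                running += r.weight
                if running >= pick:
                    chosen = r
                    break
            ordered.append(chosen)
            pool.remove(chosen)
    return ordered


def first_choice_counts(records: List[SrvRecord], draws: int = 1000, seed: int = 0) -> Dict[str, int]:
    """Repeat the ordering and count which target comes out first.

    Handy for checking that weights actually steer logon load as intended.
    """
    rng = random.Random(seed)
    counts: Dict[str, int] = {}
    for _ in range(draws):
        first = order_srv(records, rng)[0].target
        counts[first] = counts.get(first, 0) + 1
    return counts


# Constructed sample answer for an invented domain; not real DNS data.
SAMPLE_ZONE = """
; two equal-weight DCs at priority 0, one DR-site DC only used if both fail
_ldap._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 389 dc1.corp.example.
_ldap._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 389 dc2.corp.example.
_ldap._tcp.dc._msdcs.corp.example. 600 IN SRV 10 0 389 dc-dr.corp.example.
"""

if __name__ == "__main__":
    print("query names:", dc_locator_names("corp.example", site="HQ"))
    for rec in order_srv(parse_srv(SAMPLE_ZONE)):
        print(f"try {rec.target}:{rec.port} (prio {rec.priority}, weight {rec.weight})")
    print("first-choice spread:", first_choice_counts(parse_srv(SAMPLE_ZONE)))
```

To run it against your own domain, paste the output of `nslookup -type=SRV _ldap._tcp.dc._msdcs.<domain>` (or `Resolve-DnsName -Type SRV` on Windows) into `SAMPLE_ZONE`; a newly promoted DC should appear there with priority 0 and weight 100 by default. `nltest /dsgetdc:<domain>` then shows which DC the Windows locator actually settled on after the CLDAP ping.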