Skip navigation
Menu
Windows and User Productivity>Active Directory

JSI Tip 3335. How do I verify the creation of SRV resource records for an Active Directory domain controller?

To verify the creation of the SRV resource records for an Active Directory domain controller, you can use NSlookup, DNS Manager, or the Netlogon service.

NSlookup

1. Open a CMD prompt on the DNS server.

2. Type nslookup.

3. Type set type=all.

4. Type Type _ldap._tcp.dc._msdcs.<DomainName>

NSlookup should return one or more SRV records in the following format:

<hostname>.<DomainName>
<ipaddress>

where <hostname> is the host name of the domain controller, <DomainName> is the domain to which the domain controller belongs, and <ipaddress> is the domain controllers IP address.

DNS Manager

Using the DNS MMC snap-in, verify that the SRV records exist for the _kerberos and _ldap services in the following folders:

_msdcs/dc/_sites/default-first-site-name/_tcp
_msdcs/dc/_tcp

Netlogon Service

If you use a non-Microsoft DNS for Active Directory, you can use Notepad to open %SystemRoot%\System32\Config\Netlogon.dns. The first record should be the domain controller's LDAP SRV record:

_ldap._tcp.<DomainName>


Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Related
A Cybersecurity Strategy to Secure the Real World
COVID-19 Active Directory Vulnerabilities and Attacks that Seek Total Annihilation
Jun 16, 2020
mktg-webinar-nolabel3
Sponsor Content
How to Efficiently Handle Massive Forced Change
May 07, 2020
Active Directory: Best Practices for Administration and Backup
Active Directory: Best Practices for Administration and Backup
Mar 13, 2020
mktg-wp-nolabel2.jpg
Sponsor Content
This is no April Fools' joke: What if your AD is wiped out completely?
Mar 11, 2020