Menu
Windows and User Productivity>Active Directory

JSI Tip 3335. How do I verify the creation of SRV resource records for an Active Directory domain controller?

To verify the creation of the SRV resource records for an Active Directory domain controller, you can use NSlookup, DNS Manager, or the Netlogon service.

NSlookup

1. Open a CMD prompt on the DNS server.

2. Type nslookup.

3. Type set type=all.

4. Type Type _ldap._tcp.dc._msdcs.<DomainName>

NSlookup should return one or more SRV records in the following format:

<hostname>.<DomainName>
<ipaddress>

where <hostname> is the host name of the domain controller, <DomainName> is the domain to which the domain controller belongs, and <ipaddress> is the domain controllers IP address.

DNS Manager

Using the DNS MMC snap-in, verify that the SRV records exist for the _kerberos and _ldap services in the following folders:

_msdcs/dc/_sites/default-first-site-name/_tcp
_msdcs/dc/_tcp

Netlogon Service

If you use a non-Microsoft DNS for Active Directory, you can use Notepad to open %SystemRoot%\System32\Config\Netlogon.dns. The first record should be the domain controller's LDAP SRV record:

_ldap._tcp.<DomainName>


Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Related
Minimize Active Directory Dependency as You Move to the Cloud
Mar 19, 2019
mktg-wp-nolabel8
Sponsored Content
Single Sign-On: Four Common Myths Debunked
Mar 08, 2019
Informal meeting
Sponsored Content
6 Reasons Microsoft Customers Choose Okta for Identity Management
Mar 08, 2019
mktg-webinar-nolabel5
Sponsored Content
The Benefits of Migrating from ADFS to Okta
Dec 14, 2018