The following contains a list of Active Directory specific records that are registered by the NetLogon service. Each record is followed by an example of its usage.
SRV Records
_ldap._tcp.DomainName—SRV record that identifies an LDAP server in the
domain named by DomainName. The LDAP server isn't necessarily a Domain
Controller (DC). This record is registered by all DCs. For example:
_ldap._tcp.bluecatnetworks.com
_ldap._tcp.SiteName._sites.DomainName—Enables a client to
find an LDAP server in the domain named by DomainName. This record is
registered by all DCs. For
example:
_ldap._tcp.richmondhill.bluecatnetworks.com
_ldap._tcp.dc._msdcs.DomainName—Used by clients to locate
a Domain Controller (DC) in the domain named by DomainName. This record is
registered by all DCs. For
example:
_ldap._tcp.dc._msdcs.bluecatnetworks.com
_ldap._tcp.SiteName._sites.dc._msdcs.DomainName—Enables
a client to locate a DC for the given site and domain named by SiteName and
DomainName respectively. For
example:
_ldap.tcp.richmondhill._sites.dc._msdcs.bluecatnetworks.com
_ldap._tcp.pdc._msdcs.DomainName—Enables a client
to locate the Primary Domain Controller (PDC) for a domain named by
DomainName. This record is registered only by the PDC of the domain. For
example:
_ldap._tcp.pdc._mscdcs.bluecatnetworks.com
_ldap._tcp.gc._msdcs.DomainName—Enables a client
to find the Global Catalog (GC) for the forest. Only the DC for the GC registers
this record. For
example:
_ldap._tcp.gc._msdcs.bluecatnetworks.com
_ldap._tcp.SiteName._sites.gc._msdcs.ForestName—Enables
a client to find a GC for the forest named by ForestName. Only an LDAP server
responsible for the GC registers this record. For
example:
_ldap._tcp.richmondhill._sites.gc._msdcs.bluecatnetworks.com
_gc._tcp.ForestName—Enables a client to locate a GC for the forest
named by ForestName. Only an LDAP server responsible for the GC registers
this record. The LDAP server isn't necessarily a DC. For example:
_gc._tcp.bluecatnetworks.com
_gc._tcp.SiteName._sites.ForestName—Enables a
client to find a GC for the site and forest named by SiteName and
ForestName respectively. Only an LDAP server responsible for the GC
registers this record. For example:
_gc._tcp.richmondhill._sites.bluecatnetworks.com
_ldap._tcp.DomainGuid.domains._msdcs.ForestName—Used
by clients to find a DC given the domain GUID of DomainGuid in the forest
named by ForestName. This lookup can used to resolve the DC if the domain
name has changed. This record is used infrequently and doesn't work if the
ForestName has been changed. For example:
_ldap._tcp.01693484-b5c4-4b31-8608-80e 77ccc78b8.domains._msdcs.
bluecatnetworks.com
_kerberos._tcp.DomainName—Enables a client to find a Kerberos
Key Distribution Center (KDC) for the domain named by DomainName. This record
is registered by all DCs providing the Kerberos service. This service is RFC-1510
compliant with Kerberos 5 KDC. The server isn't necessarily a DC. For example:
_kerberos._tcp.bluecatnetworks.com
_kerberos._udp.DomainName—Enables
a client to find a Kerberos Key Distribution Center (KDC) for the domain named by
DomainName. This record is registered by all DCs providing the Kerberos
service. This service is RFC 1510 compliant with Kerberos 5 KDC. The server isn't
necessarily a DC. This service supports UDP. For
example:_kerberos._tcp.bluecatnetworks.com
_kerberos._tcp.SiteName._sites.DomainName—Enables
a client to locate a server running the Kerberos KDC for a site and domain named by
SiteName and DomainName respectively. The server isn't
necessarily a DC. For
example:
_kerberos._tcp.richmondhill._sites.bluecatnetworks.com
_kerberos._tcp.SiteName._sites.dc._msdcs.DomainName—Used
by clients to locate the DC running a Kerberos KDC for the site and domain named by
SiteName and DomainName respectively. For
example:
_kerberos._tcp.richmondhill._sites.dc._msdcs.bluecatnetworks.com
_kpasswd._tcp.DomainName—Enables a client to find a Kerberos Password
Change Server for the domain named by DomainName. The server isn't
necessarily a DC. All DCs running the Kerberos KDC register this record. For
example:
_kpasswd._tcp.bluecatnetworks.com
_kpasswd._udp.DomainName—Enables a client to find a Kerberos Password
Change Server for the domain named by DomainName. The server isn't
necessarily a DC. All DCs running the Kerberos KDC register this record. For
example:
_kpasswd._udp.bluecatnetworks.com
A records
ServerName.DomainName—The server name named by ServerName is
registered in the domain named by DomainName. This record is used by referral
lookups to SRV and CNAME records. For example:
dc1.bluecatnetworks.com
gc._msdcs.ForestName—Enables a client to find a GC for a given forest
named by ForestName. This record is used by referral from SRV records. For
example:
gc._msdcs.bluecatnetworks.com
CNAME records
DSAGuid._msdcs.ForestName—Enables a client to locate any DC in the
forest named by ForestName by the GUID of the MSFT-DSA (Directory Services)
object. For example:
01693484-b5c4-4b31-8608-80e77ccc78b8._msdcs.bluecatnetworks.com