Without the proper DNS information, a client can't discover which server to contact for authentication. Each DC registers and maintains its own AD DNS integration records consisting of several A (Host), CNAME (Alias), and SRV (Service) records. These records are initially registered by the DC's NetLogon service.
|_tcp||Service uses TCP connections|
|udp||Service uses UDP connections|
|_kerberos||Record contains information about a Kerberos Key Distribution Center (KDC)|
|_msdcs||Service is running on a Domain Controller|
|_kpasswd||Kerberos Password Change service|
|_gc||Global Catalog service|
|_sites||Record contains information a specific site|
|dc||Domain Controller (DC)|
|gc||Global Catalog (GC)|
_ldap._tcp.bluecatnetworks.com SRV 0 0 389 server1.bluecatnetworks.com
_ldap._tcp.dc._msdcs.bluecatnetworks.com SRV 0 0 389 server1.bluecatnetworks.com
For a detailed list of these records, refer to Active Directory DNS records.