Share via

6.3.2.3 SRV Records

  • Article

The SRV DNS Resource Record for specifying the location of services is specified in [RFC2782]. An SRV record maps the name of a service to the DNS name of a server that offers that service.

The creation of DNS Resource Records is specified in [RFC2136].

The name of an SRV Resource Record is in the following form:

  • Service.Proto.Name TTL Class SRV Priority Weight Port Target

A client queries for these records by sending a DNS SRV query [RFC2782] to a DNS server.

Non-RODC server

If the DC is a non-RODC with default NC X (and NC X's GUID is G) in forest Z, then it registers SRV records with Service.Proto.Name equal to the following.

   _ldap._tcp.X
   _ldap._tcp.dc._msdcs.X
   _ldap._tcp.G. domains._msdcs.Z
   _kerberos._tcp.X
   _kerberos._udp.X
   _kerberos._tcp.dc._msdcs.X
   _kpasswd._tcp.X
   _kpasswd._udp.X

In addition, the DC registers site-specific records for the following sites:

  • The site that the DC is in (see sections 6.1.1.2.2.1 and 6.1.1.2.2.1.2).

  • The sites listed in dc.dnsRegistrationSettings.SitesForDCRecordsList.

  • If dc.dnsRegistrationSettings.PerformAutoSiteCoverage is TRUE, the additional sites that SHOULD be covered by this DC as determined by the implementation's chosen algorithm.

For each site Yi in the above list of sites, the DC registers SRV records with Service.Proto.Name equal to the following.

   _ldap._tcp.Yi._sites.X
   _ldap._tcp.Yi._sites.dc._msdcs.X
   _kerberos._tcp.Yi._sites.X
   _kerberos._tcp.Yi._sites.dc._msdcs.X

RODC Server

If the DC is an RODC with default NC X (and NC X's GUID is G) in site Y and in forest Z, then it registers SRV records with Service.Proto.Name equal to the following.

 _ldap._tcp.Y._sites.X
 _ldap._tcp.Y._sites.dc._msdcs.X
 _kerberos._tcp.Y._sites.X
 _kerberos._tcp.Y._sites.dc._msdcs.X

Non-RODC GC server

If the DC is also a non-RODC GC server, then it registers SRV records with Service.Proto.Name equal to the following.

 _ldap._tcp.gc._msdcs.Z
 _gc._tcp.Z

In addition, the DC registers site specific records for the following sites:

  • The site that the DC is in (see sections 6.1.1.2.2.1 and 6.1.1.2.2.1.2).

  • The sites listed in dc.dnsRegistrationSettings.SitesForGCRecordsList.

  • If dc.dnsRegistrationSettings.PerformAutoSiteCoverage is TRUE, the additional sites that SHOULD be covered by this domain controller as determined by the implementation's chosen algorithm.

For each site Yi in the above list of sites, the DC registers SRV records with Service.Proto.Name equal to the following:

 _ldap._tcp.Yi._sites.gc._msdcs.Z
 _gc._tcp.Yi._sites.Z

RODC GC server

If the DC is also an RODC GC server, then it registers SRV records with Service.Proto.Name equal to the following.

 _ldap._tcp.Y._sites.gc._msdcs.Z
 _gc._tcp.Y._sites.Z

PDC

If the DC is also holds the PDC Emulator FSMO role for its default NC, then it registers SRV records with Service.Proto.Name equal to the following.

 _ldap._tcp.pdc._msdcs.X

Application NC host

If the DC also hosts application NCs, then for each application NC Ai, it registers SRV records with Service.Proto.Name equal to the following.

 _ldap._tcp.Ai

In addition, the DC also registers site-specific records for the following sites:

  • The site that the DC is in (see sections 6.1.1.2.2.1 and 6.1.1.2.2.1.2).

  • The sites listed in dc.dnsRegistrationSettings.SitesForNDNCRecordsList.

  • If dc.dnsRegistrationSettings.PerformAutoSiteCoverage is TRUE, the additional sites that SHOULD be covered by this domain controller as determined by the implementation's chosen algorithm.

For each application NC Ai and each site Yi in the above list of sites, the DC registers SRV records with Service.Proto.Name equal to the following:

 _ldap._tcp.Yi._sites.Ai

Example: If a DC with default NC:

 X = na.fabrikam.com

is in site:

 Y = site1

and forest:

 Z = fabrikam.com

and NC X's GUID is:

 G = 52f6c43b-99ec-4040-a2b0-e9ebf2ec02b8

then its record of type _ldap._tcp.Y._sites.dc._msdcs.X has:

 Service.Proto.Name =
     _ldap._tcp.site1._sites.dc._msdcs.na.fabrikam.com

and its record of type _ldap._tcp.G.domains._msdcs.Z has:

 Service.Proto.Name =
     _ldap._tcp.52f6c43b-99ec-4040-a2b0-e9ebf2ec02b8.domains._msdcs.fabrikam.com

The following table describes the other fields of each SRV record registered by a server.

Field

Value

TTL

Set to dc.dnsRegistrationSettings.DNSRecordTTL.

Class

Set to IN.

SRV

Set to SRV.

Priority

Set to dc.dnsRegistrationSettings.SRVRecordPriority.

Weight

Set to dc.dnsRegistrationSettings.SRVRecordWeight.

Port

Set to 389 for LDAP service. Set to 3268 for GC service. Set to 88 for Kerberos KDC service. Set to 464 for Kerberos Password Change service.

Target

Set to the fully qualified DNS name of the server.