Re: DNS Lookup for BDC



There are no more BDC in an Active Directory domain though not all dcs are
equal as their are 5 FSMO role holders that may or may not be the same
domain controller. You can use Active Directory Computers and Users to find
that information for domain RID, PDC, and Infrastructure FSMO by right
clicking domain and selecting operation masters and all domain controllers
by default are located in the domain controller container and should be left
there. Other tools that can be used are the support tool netdiag using the
dcdiscovery test and dcdiag with the many tests that is does including
identifying the FSMO role holders. Nltest also may give you what you are
looking for. --- Steve

http://technet2.microsoft.com/WindowsServer/en/Library/f7396ad6-0baa-4e66-8d18-17f83c5e4e6c1033.mspx?mfr=true


"Michael B Allen" <mba2000@xxxxxxxxxx> wrote in message
news:pan.2006.05.13.18.10.54.588500@xxxxxxxxxxxxx
How can I locate a host that is an authority for a specific NT domain
name (or realm name)? This used to be done using a 0x1C WINS query for
the NT domain name but since WINS is deprecated I would like to know
how to lookup the BDC or PDC using DNS.

I know the KDC may be located using the realm in an SRV query for:

_kerberos._udp.dc._msdcs.<realm>

and I know Active Directory may be located using:

_ldap._tcp.dc._msdcs.<realm>

but is it always ok to query these machines for mundane SAM account
information?

Thanks,
Mike



.