DNS requirements for joining an Active Directory domain

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Active Directory uses Domain Name System (DNS) to locate domain controllers, enabling computers joining the network to obtain a domain controller's IP address, and then begin the process of network authentication.

Computers joining an Active Directory domain must satisfy the following three DNS requirements:

  • The computer must be configured with the IP address of a preferred DNS server.

  • The **_ldap._tcp.dc._msdcs.**DNSDomainName service (SRV) resource record must exist in DNS.

  • The address (A) resource record for the DNS name of the domain controllers specified in the data field of the **_ldap._tcp.dc._msdcs.**DNSDomainName SRV resource record must exist in DNS.

Configuring a computer’s preferred DNS server

You must either manually configure the computer with the static IP address of a preferred DNS server or assign the IP address of a preferred DNS server using Dynamic Host Configuration Protocol (DHCP).

For more information, see To configure a computer's preferred DNS server.

Configuring the required DNS resource records

Computers joining an Active Directory domain need the following resource records in DNS to locate a domain controller:

  • **_ldap._tcp.dc._msdcs.**DNSDomainName SRV resource record, which identifies the name of the domain controller that hosts the Active Directory domain.

    DNSDomainName is the DNS name of the Active Directory domain the computer is attempting to join.

  • A corresponding address (A) resource record that identifies the IP address for the domain controller listed in the **_ldap._tcp.dc._msdcs.**DNSDomainName SRV resource record.

For more information, see To verify the DNS resource records needed to join an Active Directory domain using nslookup; Configure TCP/IP to use DNS.
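
As an added example (not part of the original article), the following Python function parses the text that Windows nslookup prints for an SRV query and checks the two record requirements above: the SRV record must list at least one domain controller, and every listed host must have an address (A) record. The domain example.test, the IP addresses, and the function name check_join_records are constructed for illustration.

```python
import re

# Constructed sample of `nslookup -type=SRV _ldap._tcp.dc._msdcs.example.test` output.
SAMPLE = """\
Server:  dns1.example.test
Address:  192.0.2.53

_ldap._tcp.dc._msdcs.example.test   SRV service location:
          priority       = 0
          weight         = 100
          port           = 389
          svr hostname   = dc1.example.test
_ldap._tcp.dc._msdcs.example.test   SRV service location:
          priority       = 0
          weight         = 100
          port           = 389
          svr hostname   = dc2.example.test
dc1.example.test        internet address = 192.0.2.10
"""

def check_join_records(output, domain):
    """Check captured nslookup text for the SRV and A records a joining computer needs."""
    owner = "_ldap._tcp.dc._msdcs.{}".format(domain.rstrip(".")).lower()
    targets, addresses, in_srv = [], {}, False
    for line in output.splitlines():
        s = line.strip()
        m = re.match(r"(\S+)\s+SRV service location:", s, re.I)
        if m:
            # Only accept SRV blocks whose owner name is the DC locator record.
            in_srv = m.group(1).lower().rstrip(".") == owner
            continue
        m = re.match(r"svr hostname\s*=\s*(\S+)", s, re.I)
        if m and in_srv:
            targets.append(m.group(1).lower().rstrip("."))
            continue
        m = re.match(r"(\S+)\s+internet address\s*=\s*(\S+)", s, re.I)
        if m:
            in_srv = False
            addresses.setdefault(m.group(1).lower().rstrip("."), []).append(m.group(2))
    missing = [t for t in targets if t not in addresses]
    return {"srv_targets": targets, "addresses": addresses,
            "missing_a": missing, "ok": bool(targets) and not missing}

if __name__ == "__main__":
    print(check_join_records(SAMPLE, "example.test"))
```

A host in `missing_a` only lacked an address line in the captured text; query its A record directly and append that output before concluding the record is absent from DNS.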