2

I just spotted than my PC, running Windows 8.1 Pro on a Windows 2012 R2 domain has been querying DNS for SRV records that doesn't exist.

All of the dcdiag /dnsall tests pass, but I wonder if there's something in Group Policy that is causing clients to query for the wrong SRV record.

When running ipconfig /displaydns to check the TTL on a cached DNS record, I spotted these:

_ldap._tcp.server1.contoso.com
----------------------------------------
Name does not exist.

_ldap._tcp.site-name._sites.server1.contoso.com
----------------------------------------
Name does not exist.

(site name, domain and server name changed).

For some reason, the DNS lookup includes the name of the logon server in the FQDN. If it had looked up _ldap._tcp.server1.contoso.com and _ldap._tcp.site-name._sites.server1.contoso.com, they would have returned the right records.

Am I just being paranoid, or is there something wrong with the way I've got our Active Directory / DNS configured?

Matty Brown
  • 675
  • 2
  • 13
  • 24
  • Interestingly, this question has been asked before IIRC and I saw this same behavior in my own lab and production environments. I don't think an answer was ever produced that explained the behavior but I'm going to go back and see if I can find the question to confirm that. If I find anything useful I'll post back here. – joeqwerty Aug 13 '15 at 13:09
  • 1
    Found it. Here's the related question, but no definitive answer. - http://serverfault.com/questions/669884/windows-hosts-dns-query-for-ldap-tcp-domaincontroller-is-this-normal – joeqwerty Aug 13 '15 at 13:16
  • 1
    Yep. I remember this. None of us ever figured it out. Wonder if it's a (relatively benign) bug. – Ryan Ries Aug 13 '15 at 13:23
  • I came across that question after I'd posted mine... it kinda looks like a bug in the OS, but like @KeithTwombley, I don't buy that this is "normal". – Matty Brown Aug 13 '15 at 15:49

0 Answers0