4

I'm wondering how frequently DC locator checks the availability of the domain controller it is connected to. I assume it picks a domain controller upon startup, but I'm not sure about the following:
- How often it checks if the selected DC is still up and running/available
- What type of checks are being used
- What triggers switching to another DC for a specific domain
- Are there major changes in DC locator behavior between different Windows Server versions or domain/forest functional levels?
- Are there scenarios when DC locator fails to recognize that its currently selected DC has failed and DC locator clings to the failed domain for a prolonged period of time?

The last point is of special interest to me.

Mikhail

1 Answer

5

There is a wealth of public information on how the DC Locator process works.

Essentially it performs a series of DNS lookups and LDAP pings, and also attempts to stratify the results by selecting the closest domain controller.

It's unusual for Windows DC Locator to continue to use a failed domain controller, unless the domain controller is passing the DC Locator test but there is something else wrong with it (like the database is dismounted). A long time ago Exchange was famous for failed DC lock-in, but that is rare today.

With applications, on the other hand, it may be more common. This is usually because the application or vendor is not following the same process as the DC Locator. For example, they may perform a straight DNS lookup and attempt some type of LDAP or custom code operation. If the DNS lookup returns a result to a query that contains an address for a domain controller that is unavailable, their application may fail.

In group policy, System\Net Logon, some of the relevant settings:

Specify positive periodic DC Cache refresh for non-background callers

"This policy setting determines when a successful DC cache entry is refreshed. This policy setting is applied to caller programs that do not periodically attempt to locate DCs and it is applied before the returning the DC information to the caller program. This policy setting is relevant to only those callers of DsGetDcName that have not specified the DS_BACKGROUND_ONLY flag. The default value for this setting is 30 minutes (1800)."

Force Rediscovery Interval

"This policy setting determines the interval for when a Force Rediscovery is carried out by DC Locator. The Domain Controller Locator (DC Locator) service is used by clients to find domain controllers for their Active Directory domain. When DC Locator finds a domain controller it caches domain controllers to improve the efficiency of the location algorithm. As long as the cached domain controller meets the requirements and is running DC Locator will continue to return it. If a new domain controller is introduced existing clients will only discover it when a Force Rediscovery is carried out by DC Locator. To adapt to changes in network conditions DC Locator will by default carry out a Force Rediscovery according to a specific time interval and maintain efficient load-balancing of clients across all available domain controllers in all domains or forests. The default time interval for Force Rediscovery by DC Locator is 12 hours. Force Rediscovery can also be triggered if a call to DC Locator uses the DS_FORCE_REDISCOVERY flag. Rediscovery resets the timer on the cached domain controller entries. If you enable this policy setting DC Locator on the machine will carry out Force Rediscovery periodically according to the configured time interval. The minimum time interval is 3600 seconds (1 hour) to avoid excessive network traffic from rediscovery. The maximum allowed time interval is 4294967200 seconds while any value greater than 4294967 seconds (~49 days) will be treated as infinity. If you disable this policy setting Force Rediscovery will be used by default for the machine at every 12 hour interval. If you do not configure this policy setting Force Rediscovery will be used by default for the machine at every 12 hour interval unless the local machine setting in the registry is a different value."

Use urgent mode when pinging domain controllers

"This policy setting configures whether the computers to which this setting is applied are more aggressive when trying to locate a domain controller (DC). When an environment has a large number of DCs running both old and new operating systems the default DC locator discovery behavior may be insufficient to find DCs running a newer operating system. This policy setting can be enabled to configure DC locator to be more aggressive about trying to locate a DC in such an environment by pinging DCs at a higher frequency. Enabling this setting may result in additional network traffic and increased load on DCs. You should disable this setting once all DCs are running the same OS version. The allowable values for this setting result in the following behaviors: 1 - Computers will ping DCs at the normal frequency. 2 - Computers will ping DCs at the higher frequency. To specify this behavior click Enabled and then enter a value. The range of values is from 1 to 2. If you do not configure this policy setting it is not applied to any computers and computers use their local configuration."

http://blogs.technet.com/b/arnaud_jumelet/archive/2010/07/11/domain-controller-locator-in-depth.aspx

Computers point to DC in wrong site

How Does A PC Know To Use Another Domain Controller When Its Regular Domain Controller Is Offline

Greg Askew
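The answer above contrasts applications that resolve a DC with a plain DNS lookup against callers that go through DC Locator and can request a forced rediscovery. The following PowerShell sketch is an added example, not part of the original answer: it asks DC Locator for a DC through the .NET `DomainController.FindOne` method, probes LDAP port 389 on the result, and repeats the lookup with the force-rediscovery option only if the cached DC does not answer. The function names and the domain name `corp.example.com` are hypothetical, and a TCP probe is only a reachability check, not proof that the directory service is healthy.

```powershell
# Added example: locate a DC through DC Locator instead of raw DNS,
# and force rediscovery only when the returned DC stops answering.
Add-Type -AssemblyName System.DirectoryServices

function Test-TcpPort {
    # Hypothetical helper: TCP connect with a timeout (default LDAP port 389).
    param([string]$HostName, [int]$Port = 389, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $false }
        $client.EndConnect($async)
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

function Get-UsableDomainController {
    param([Parameter(Mandatory)][string]$DomainName)

    $ctxType = [System.DirectoryServices.ActiveDirectory.DirectoryContextType]::Domain
    $ctx = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext($ctxType, $DomainName)

    # First call: DC Locator is allowed to answer from its cache.
    $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::FindOne($ctx)
    $rediscovered = $false

    if (-not (Test-TcpPort -HostName $dc.Name)) {
        # Returned DC does not accept LDAP connections: ask the locator to rediscover.
        $force = [System.DirectoryServices.ActiveDirectory.LocatorOptions]::ForceRediscovery
        $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::FindOne($ctx, $force)
        $rediscovered = $true
    }

    [pscustomobject]@{
        Domain       = $DomainName
        DcName       = $dc.Name
        Site         = $dc.SiteName
        Rediscovered = $rediscovered
    }
}

# 'corp.example.com' is a placeholder domain name.
Get-UsableDomainController -DomainName 'corp.example.com'
```

Logging the `Rediscovered` field over time shows how often a client had to abandon its cached DC, which helps separate genuine DC outages from application-side lookup problems.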