Details
Suggestion
Resolution: Unresolved
Description
Dynamic Lookups (recommended method) - Applications should follow the guidance found in Internet Engineering Task Force Request for Comments 2782 (http://www.ietf.org/rfc/rfc2782.txt): A DNS RR for specifying the location of services (DNS SRV). The RFC outlines how a client can query for services (LDAP for domain or GC for forest) using the Domain Name System (DNS). Also, application code can use serverless binding techniques such as LDAP://RootDSE or GC://<forestname>. Serverless binding techniques allow the application code to find any available domain controller with preference given to domain controllers in the same Site (see next section "Site Aware").
NOTE: When using the serverless binding technique, please note that LDAP://nam.nsroot.net is not the same as LDAP://DC=nam,DC=nsroot,DC=net.
If the application uses LDAP://nam.nsroot.net, a domain controller is located based on the DNS round robin function of offering all the registered 'A' (Host) records for the domain in a random order. The impact of this method is that DNS will offer 'A' records in a random order, so the application could receive the IP address of a remote domain controller. In addition, the records returned in response to the 'A' query may not represent domain controllers that are online or available for use by the application, as DNS is not aware of the status of the domain controller or the application services it provides.
If the application uses LDAP://DC=nam,DC=nsroot,DC=net, it is using the serverless binding technique and relying upon the Directory Service DCLocator function. The DCLocator function (http://msdn.microsoft.com/en-us/library/ms675900(VS.85).aspx) is AD Site Aware and will select a domain controller closest to the server and will also ensure that the domain controller is responsive.
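For applications that cannot call DCLocator and must follow the RFC 2782 guidance themselves, the sketch below orders SRV answers by priority and weight and then skips servers that fail a liveness probe, which is the step a plain 'A' record lookup lacks. It is an added example, not code from the original description; the host names, the sample records and the `is_reachable` probe are assumptions made for illustration.

```python
import random
from collections import namedtuple

# Constructed sample data: SRV answers a client might receive for
# _ldap._tcp.<site>._sites.dc._msdcs.nam.nsroot.net (host names are made up).
Srv = namedtuple("Srv", "priority weight port target")
SAMPLE_SRV = [
    Srv(0, 100, 389, "dc01.nam.nsroot.net."),
    Srv(0, 100, 389, "dc02.nam.nsroot.net."),
    Srv(10, 100, 389, "dc-remote.nam.nsroot.net."),
]

def order_srv(records, rng=random):
    """Order SRV records as RFC 2782 describes: ascending priority,
    weighted random selection among records sharing a priority."""
    ordered = []
    for prio in sorted({r.priority for r in records}):
        # Zero-weight records go first in the candidate list, per the RFC.
        group = sorted((r for r in records if r.priority == prio),
                       key=lambda r: r.weight != 0)
        while group:
            total = sum(r.weight for r in group)
            pick = rng.randint(0, total)  # inclusive on both ends
            running = 0
            for i, r in enumerate(group):
                running += r.weight
                if running >= pick:
                    ordered.append(group.pop(i))
                    break
    return ordered

def pick_server(records, is_reachable, rng=random):
    """Return the first (host, port) in RFC 2782 order that passes the
    caller-supplied liveness probe (hypothetical helper, e.g. a TCP
    connect or an LDAP RootDSE read), or None if no server responds."""
    for r in order_srv(records, rng):
        host = r.target.rstrip(".")
        if is_reachable(host, r.port):
            return host, r.port
    return None
```

The higher-priority-number record (`dc-remote`) is only tried after both priority 0 records have failed the probe, so a remote domain controller is a fallback rather than a random first choice.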