CCE-36391-1Platform: win2012r2 | Date: (C)2015-10-08 (M)2022-10-10 |
Specify sites covered by the GC Locator DNS SRV Records
This policy setting specifies the sites for which the global catalogs (GC) should register site-specific GC locator DNS SRV resource records. These records are registered in addition to the site-specific SRV records registered for the site where the GC resides, and records registered by a GC configured to register GC Locator DNS SRV records for those sites without a GC that are closest to it.
The GC Locator DNS records and the site-specific SRV records are dynamically registered by the Net Logon service, and they are used to locate the GC. An Active Directory site is one or more well-connected TCP/IP subnets that allow administrators to configure Active Directory access and replication. A GC is a domain controller that contains a partial replica of every domain in Active Directory.
To specify the sites covered by the GC Locator DNS SRV records, click Enabled, and enter the sites' names in a space-delimited format.
If you do not configure this policy setting, it is not applied to any GCs, and GCs use their local configuration.
Parameter:
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\System\Net Logon\DC Locator DNS Records!Specify sites covered by the GC Locator DNS SRV Records
(2) WMI: ###
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: