Priority Set in the DC Locator DNS SRV RecordsID: oval:org.secpod.oval:def:19046 | Date: (C)2014-05-29 (M)2023-07-04 |
Class: COMPLIANCE | Family: windows |
The Priority Set in the DC Locator DNS SRV Records machine setting should be configured correctly.
Specifies the Priority field in the SRV resource records registered by domain controllers (DC) to which this setting is applied. These DNS records are dynamically registered by the Net Logon service and are used to locate the DC. The Priority field in the SRV record sets the preference for target hosts (specified in the SRV records Target field). DNS clients that query for SRV resource records attempt to contact the first reachable host with the lowest priority number listed. To specify the Priority in the DC Locator DNS SRV resource records, click Enabled, and then enter a value. The range of values is 0 to 65535. If this setting is not configured, it is not applied to any DCs, and DCs use their local configuration.
Fix:
(1) GPO: Computer Configuration\Administrative Templates\System\Net Logon\DC Locator DNS Records\Priority Set in the DC Locator DNS SRV Records
(2) KEY: HKLM\Software\Policies\Microsoft\Netlogon\Parameters\LdapSrvPriority
Platform: |
Microsoft Windows Server 2008 R2 |