Dynamic Registration of the DC Locator DNS RecordsID: oval:org.secpod.oval:def:19199 | Date: (C)2014-05-29 (M)2023-07-04 |
Class: COMPLIANCE | Family: windows |
The Dynamic Registration of the DC Locator DNS Records machine setting should be configured correctly.
Determines if Dynamic Registration of the domain controller (DC) locator DNS resource records is enabled. These DNS records are dynamically registered by the Net Logon service and are used by the Locator algorithm to locate the DC. If you enable this setting, DCs to which this setting is applied dynamically register DC Locator DNS resource records through dynamic DNS update-enabled network connections. If you disable this setting, DCs will not register DC Locator DNS resource records. If this setting is not configured, it is not applied to any DCs, and DCs use their local configuration.
Fix:
(1) GPO: Computer Configuration\Administrative Templates\System\Net Logon\DC Locator DNS Records\Dynamic Registration of the DC Locator DNS Records
(2) KEY: HKLM\Software\Policies\Microsoft\Netlogon\Parameters\UseDynamicDns
Platform: |
Microsoft Windows Server 2008 R2 |