Well, before going much into the details of DCLOCATOR process, I will give brief description of what it is.
“DCLOCATOR is a process(or a procedure) which describes the steps involved in a windows XP client computer trying to identify it’s nearest domain controller”
A windows XP computer tries to identify its nearest domain controller in mainly two scenarios:
1) During it’s start-up
2) When the domain controller to which it is connected goes down
In this part-I, I am going to give details about the first scenario. I hope you already know about the requirement for a windows XP computer to locate its nearest domain controller.
If not, find them below.
o Faster authentication
o Less utilization of Wan Links
o Faster GPO processing
So, we know why XP has to get it’s nearest DC. Now lets look at the details of how it identifies nearest DC. Any computer that is booting into network will be either a new computer that is added to domain or an existing computer. The new computer needs an additional step when compared to existing computer
A new computer booting into the network will make a query to its DNS server by passing IP address (uses the DSGETSITE api). The DNS server returns the SITE name by verifying AD sites and services and subnet assigned it to. The client caches this returned information in registry. An existing computer which is booting into the network will not require this as it already cached the SITE name during its previous boot process.
After knowing the site name, client performs the below steps to identify the DC
1) Client makes below DNS query to find the SRV records of DCs which are available in the site that client belongs to. DCs will register these SRV records in DNS during their startup.
_ldap._tcp.mysite._sites.dc._msdcs.mydomain.com
where mysite is the site name of client
2) DNS returns all the DC SRV records available in enquired site to client irrespective of their DC availability.
3) Client picks up one DC randomly from list and checks for the services(authentication service) it is looking for and caches the DC name if it succeeds.
4) If client finds the picked DC as unavailable, then it picks another DC from list and caches it after checking the availability.
5) The cache will be maintained by netlogon service and it passes the cached DC name for all DC requests that it receives from applications installed on client.
NOTE: If the can not find it’s site name, it queries the DNS for all DCs using the below SRV record and picks one from the list returned by DNS. There is no guarentee that it can get the nearest DC and the pick is random. These type of clients may experience during their boot/login time.
_ldap._tcp.dc._msdcs.mydomain.com
In part-II, I will give details about how a window XP client switches to another DC when the DC it cached goes down.
Happy Learning..,
Sitaram Pamarthi