-
February 8th, 2007, 10:42 PM
#1
DNS file question (Win 2003 SP1)
Hi everyone -- I have a file in c:\windows\system32\dns\ which baffles me a bit.
The file is domainname.dns (our internal domain), and here's the sample which gets me:
@ 600 A 127.0.0.2
@ 600 A 127.0.0.3
@ 600 A 127.0.0.4
@ MX 10 mailserver_goes_here.
860d6822-eafb-4f2e-b10f-4c03c9e0f35a._msdcs 600 CNAME (domain controller).
a75186f6-5714-4a2d-b639-b4cdd1e57f2a._msdcs 600 CNAME (domain controller 2).
b322dc0e-9032-4c01-a377-c220566e7ee7._msdcs 600 CNAME (domain controller 3).
b767c5a8-158a-4a2f-9889-d8dbceab2952._msdcs 600 CNAME (domain controller 4).
bf7a48c7-607d-4e24-85c8-b42453e5e31b._msdcs 600 CNAME (domain controller 5).
d9912b05-e40c-4def-aaf8-a2b1624f6a75._msdcs 600 CNAME (domain controller 6).
_kerberos._tcp.active-directory-site-name._sites.dc._msdcs 600 SRV 0 100 88 (domain controller 0).
Is that normal? Expected? A problem that needs to be cleared up?
-
February 9th, 2007, 11:08 AM
#2
The SRV record is used by clients to find the domain controller.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
February 9th, 2007, 02:28 PM
#3
Okay -- what about the previous long lines that look like garbage?
-
February 9th, 2007, 07:01 PM
#4
Not sure, haven't used Windows in a while but they look like class or resource IDs to me. Perhaps some service that's running on the domain controller(s) or they could be used for trust relations as they're CNAMEs for existing domain controllers...
Edit: did some digging.. They're probably DSA_GUIDs..
In the CNAME resource record (DSA_GUID._msdcs.ForestRootDNSDomainName), DSA_GUID is the GUID of the NTDS Settings object (also called the Directory System Agent (DSA) object) for the domain controller. ForestRootDNSDomainName is the DNS name of the forest where the domain controller is located. Destination domain controllers use the CNAME resource record to identify and locate their replication partners.
Technet article:
http://207.46.196.114/WindowsServer/...9f9971033.mspx
Last edited by SirDice; February 9th, 2007 at 07:06 PM.
-
February 9th, 2007, 07:34 PM
#5
Ooh. Thanks.
-
February 10th, 2007, 01:54 PM
#6
This is a DNS zone database that is created when you create a primary forward lookup zone. It is used to resolve DNS names to IP addresses. The A record identifies the IP address associated with the host name. The MX record identifies the Mail Exchanger, a mail server installed within your domain. The CNAME record, or Canonical Name record, identifies an alias for the computer. That is, whereas a host can have several aliases, its IP can be the same. The service record, or SRV, identifies domain controllers. That is needed for the domain client computer to identify the domain controller. The client will find that 'domain controller 0' is the domain controller for 'active-directory-site-name._sites.dc'. This example is a dummy file. Notice _kerberos at the beginning of the string. This indicates that the Kerberos service will be used to log the client on to the domain. And _tcp is the identifier for the protocol (that is, the TCP protocol) used to work with the specified service. The '600' values throughout this file represent the Time To Live (TTL) value for the record to stay active. The zero written right after the SRV record identifies the client priority in case there are multiple records, and can actually vary from 0 to 65535. Then comes the weight, which allows balancing load by checking the record weight. And then we see port 88, used by Kerberos.
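The record layout discussed in this thread (DSA GUID CNAMEs under _msdcs, and the SRV priority, weight and port fields), as an added example that is not part of any post: a small Python parser for lines in the format shown in post #1. The host names and the site label in the sample are constructed placeholders, and the function names are this example's own.

```python
import re
import uuid

# Constructed sample modelled on the lines in post #1; host names are placeholders.
SAMPLE_ZONE = """\
@ 600 A 127.0.0.2
@ MX 10 mail.corp.example.
860d6822-eafb-4f2e-b10f-4c03c9e0f35a._msdcs 600 CNAME dc1.corp.example.
_kerberos._tcp.site1._sites.dc._msdcs 600 SRV 0 100 88 dc1.corp.example.
"""

TYPES = {"A", "MX", "CNAME", "SRV"}

def parse_line(line):
    """Split 'owner [ttl] TYPE rdata...' into a dict; the TTL field is optional."""
    tokens = line.split()
    owner, rest = tokens[0], tokens[1:]
    ttl = int(rest.pop(0)) if rest and rest[0].isdigit() else None
    if not rest or rest[0] not in TYPES:
        raise ValueError(f"unsupported record: {line!r}")
    rtype, rdata = rest[0], rest[1:]
    rec = {"owner": owner, "ttl": ttl, "type": rtype}
    if rtype == "A":
        rec["address"] = rdata[0]
    elif rtype == "MX":
        rec["preference"], rec["exchange"] = int(rdata[0]), rdata[1]
    elif rtype == "CNAME":
        rec["target"] = rdata[0]
        label, _, suffix = owner.partition(".")
        if suffix == "_msdcs":          # DSA_GUID._msdcs replication alias
            try:
                rec["dsa_guid"] = str(uuid.UUID(label))
            except ValueError:
                pass                    # first label is not a GUID
    elif rtype == "SRV":
        prio, weight, port = (int(x) for x in rdata[:3])
        rec.update(priority=prio, weight=weight, port=port, target=rdata[3])
        m = re.match(r"_([^.]+)\._(tcp|udp)\.", owner)
        if m:                           # _service._proto prefix of the owner name
            rec["service"], rec["protocol"] = m.group(1), m.group(2)
    return rec

def parse_zone(text):
    """Parse every non-blank, non-comment line of a zone snippet."""
    return [parse_line(l) for l in text.splitlines()
            if l.strip() and not l.lstrip().startswith(";")]

if __name__ == "__main__":
    for record in parse_zone(SAMPLE_ZONE):
        print(record)
```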