Q: How do I configure a domain
controller (DC) to register sitespecific
records for an additional
domain?
A: By default, a DC registers sitespecific
records for its own site.
If you want a DC to also register
records for an additional location
(e.g., perhaps a location that has
no DC of its own, and you want to control where the clients authenticate
against), you can instruct
the DC to register for additional
sites. To do so, open the Group
Policy Object Editor, go to Computer
Configuration, Administrative
Templates, System, Net
Logon, DC Locator DNS Records,
and use the Sites Covered by the
domain controller locator DNS
SRV Records Net Logon service
Group Policy settings to specify
the space-delimited site names
for which the DC should register
records, as Figure 1 shows. If you
use Group Policy, you need to
ensure that the GPO applies only
to the DCs you want to register;
therefore, you should apply a
security filter to the GPO so
that only specific DCs read
the policy.
You can also add site
names via the registry by
updating the SiteCoverage
value under the HKEY_
LOCAL_MACHINE\SYS
TEM\CurrentControlSet Services\Netlogon\Param
eters registry key. Enter each
site on its own line.
—John Savill
End of Article
Register
