A domain is a logical grouping of network servers and other computers that share common security and user account information. In a domain-based network, Windows NT computers are configured as members of a specified domain.
When domain computers require access, such as network logon or access to a shared resource in the domain, authentication of the user in the domain security database is needed to control access. Domain controllers are computers running Windows NT Server that perform the specialized function of controlling this access. If a domain controller for the domain cannot be located, the user is denied access. For this reason, it is critical that member computers in each domain be able to locate domain controllers.
For environments with domains running Windows NT Server 4.0 and earlier versions, the process of locating domain controllers involves the resolution of the <domain>[1C] name. This name is registered for use by the domain controllers within each domain and can contain up to 25 IP addresses.
The first IP address is always for the primary domain controller (PDC). The additional (up to 24) IP addresses are for backup domain controllers (BDCs). Because this name is treated as a domain group by WINS, each member of the group (a domain controller) must renew its name individually in WINS, or its IP address entry in the list is released and can be eventually overwritten.
Each time a domain controller starts, it registers its <domain>[1C] name. This record can then be updated dynamically in the WINS database and replicated to other WINS servers located throughout the network.
In addition to locating domain controllers, some domain functions are reserved for handling only by the domain master browser or PDC. Because the PDC or domain master browser is a single server computer, locating it involves resolution of a special record type, the <domain>[1B] name. This record can be registered by the PDC in WINS and is used to map the domain name to the single IP address of the server computer performing this domain role.
Note
Queries for <domain>[1B] names are made in the following cases:
When a user in a Windows NT domain attempts to change their password at a domain member computer, a WINS query is used to locate the configured <domain>[1B] name of the domain master browser (typically also the primary domain controller) to authenticate the current password and process the request to update the password in the domain accounts database.
The <domain>[1B] names are also used to assist in obtaining browse list information for remote Windows NT domains on your network. For more information, see Browsing WANs using WINS.
Queries for <domain>[1C] names are made in the following cases:
When a computer that participates in a domain starts on the network, it queries for its configured <domain>[1C] name to locate a domain controller that can authenticate the logon request.
A broadcast is sent from the primary domain controller (PDC) to the backup domain controllers (BDCs) in the domain instructing them to request replication of the new changes to the domain accounts database.
Because these broadcasts do not cross IP routers, directed traffic must be used to accomplish these tasks. When a broadcast is sent to the domain for these tasks, the message is also sent directly to remote domain controllers. Either WINS or entries in the Lmhosts file determine the list of computers that receive the direct message.
WINS-enabled clients contact WINS and ask for the list of domain controllers in the domain. WINS replies with a list of up to 25 domain controllers. The client then sends the domain message directly to each of these domain controllers.
Non-WINS clients broadcast the message to the domain and also look for any #DOM entries in the Lmhosts file with a matching domain name. If a client finds a matching entry, it sends the same message directly to the computer listed.
It is recommended to add remote domain controller #DOM entries to each client. This way, if the local domain controllers are offline, the user is still able to log on. If there are no local domain controllers, a #DOM entry is required for the user to log on at all.
A non-WINS PDC must have #DOM entries for all BDCs, and all of the BDCs must have an entry for the PDC. One recommended practice here is for all domain controllers to use #DOM entries for each other as well. This way, if a BDC is later promoted to a PDC, all of the remaining BDCs still have a #DOM mapping to the new PDC.
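The Lmhosts #DOM lookup just described, and a check of the recommendation that every domain controller carries a #DOM entry for every other one, as an added example (not part of the original documentation). The Lmhosts contents, host names and addresses are constructed for illustration.

```python
import re

# Constructed sample Lmhosts files, one per domain controller (hypothetical names and IPs).
LMHOSTS = {
    "PDC1": """# Lmhosts on PDC1
10.1.0.11   BDC1    #PRE  #DOM:CORP
10.2.0.11   BDC2    #PRE  #DOM:CORP
10.9.0.5    FILESRV #PRE
""",
    "BDC1": """# Lmhosts on BDC1
10.1.0.10   PDC1    #PRE  #DOM:CORP
10.2.0.11   BDC2    #PRE  #DOM:CORP
""",
    "BDC2": """# Lmhosts on BDC2 (maps only the PDC; BDC1 is missing)
10.1.0.10   PDC1    #PRE  #DOM:CORP
""",
}

_DOM = re.compile(r"#DOM:(\S+)", re.IGNORECASE)

def dom_entries(lmhosts_text, domain):
    """Return [(ip, name)] for entries tagged #DOM:<domain>, as a non-WINS client's
    Lmhosts lookup finds them; comment lines and entries without #DOM are skipped."""
    found = []
    for raw in lmhosts_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):  # blank line or comment line
            continue
        fields = line.split()
        if len(fields) < 2:  # need at least "IP NAME"
            continue
        m = _DOM.search(line)
        if m and m.group(1).upper() == domain.upper():
            found.append((fields[0], fields[1].upper()))
    return found

def missing_dom_mappings(lmhosts_by_dc, domain):
    """For every DC, list the other DCs it has no #DOM mapping for. The recommended
    practice is that all domain controllers carry #DOM entries for each other."""
    dcs = set(lmhosts_by_dc)
    gaps = {}
    for dc, text in lmhosts_by_dc.items():
        mapped = {name for _, name in dom_entries(text, domain)}
        missing = sorted((dcs - {dc}) - mapped)
        if missing:
            gaps[dc] = missing
    return gaps
```

Running `missing_dom_mappings(LMHOSTS, "CORP")` on the sample reports that BDC2 has no mapping for BDC1, which is exactly the gap that would matter if BDC1 were later promoted to PDC.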
When a WINS-enabled client is configured to use a WINS server, it queries the WINS server for its <domain>[1C] name if it needs to locate a domain controller.
When a WINS server receives a <domain>[1C] name query from a WINS client, either a domain controller or a computer logging on to the domain, it replies with up to 25 IP addresses of domain controllers for the queried domain name.
In the reply, IP addresses for any domain controllers that registered with the queried WINS server are returned first, sorted by registration date and time. The response list is ordered so that the first entry in the list is the IP address that matches the mapped address for the <domain>[1B] name registered with the queried WINS server. After the locally owned entries are listed in the response, any IP addresses of domain controllers for the domain that are owned by other WINS servers (those other than the one queried) are included.
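The NetBIOS name form behind <domain>[1C] and <domain>[1B] (15 characters padded with spaces plus a suffix byte) and the reply ordering described above, as an added example that is not part of the original documentation. The registrations, WINS server names and addresses are constructed; the order in which entries owned by other WINS servers are appended is an assumption, since the text only says they come after the locally owned ones.

```python
from dataclasses import dataclass
from datetime import datetime

def netbios_name(name, suffix):
    """16-byte NetBIOS name: up to 15 characters padded with spaces, then the suffix
    byte (0x1C = domain controller group, 0x1B = domain master browser / PDC)."""
    raw = name.upper().encode("ascii")
    if len(raw) > 15:
        raise ValueError("NetBIOS names hold at most 15 characters")
    return raw.ljust(15, b" ") + bytes([suffix])

@dataclass
class Registration:
    ip: str
    owner: str            # WINS server that owns this registration
    registered: datetime  # when the domain controller registered the name

def build_1c_reply(regs, queried_wins, master_browser_ip, limit=25):
    """Order <domain>[1C] members as described: entries owned by the queried WINS
    server first, sorted by registration time, with the address that matches the
    <domain>[1B] mapping moved to the front; then entries owned by other WINS
    servers (input order, an assumption); never more than 25 addresses."""
    local = sorted((r for r in regs if r.owner == queried_wins), key=lambda r: r.registered)
    remote = [r for r in regs if r.owner != queried_wins]
    reply = [r.ip for r in local if r.ip == master_browser_ip]
    reply += [r.ip for r in local if r.ip != master_browser_ip]
    reply += [r.ip for r in remote]
    return reply[:limit]

# Constructed sample: three DCs registered with WINS1, two with WINS2 (hypothetical).
SAMPLE = [
    Registration("10.1.0.11", "WINS1", datetime(2024, 1, 1, 8, 0)),   # BDC
    Registration("10.1.0.10", "WINS1", datetime(2024, 1, 1, 9, 0)),   # PDC, also holds [1B]
    Registration("10.1.0.12", "WINS1", datetime(2024, 1, 1, 7, 0)),   # BDC
    Registration("10.2.0.11", "WINS2", datetime(2024, 1, 1, 6, 0)),   # BDC at a remote site
    Registration("10.2.0.12", "WINS2", datetime(2024, 1, 1, 6, 30)),  # BDC at a remote site
]

if __name__ == "__main__":
    print(netbios_name("CORP", 0x1C))
    print(build_1c_reply(SAMPLE, "WINS1", master_browser_ip="10.1.0.10"))
```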
WINS applies the following handling for static <domain>[1C] names when they are found in database changes:
When used in WINS, static <domain>[1C] names can eventually cause other problems in your network. For example, if the IP address of a domain controller changes, or if a domain controller is retired or removed from the network, the static <domain>[1C] record might still list the stale members. This can cause failures for clients that query WINS and then use the stale addresses it returns when attempting to locate domain services.