What actually happens in the background when a domain client authenticates itself to the domain? That’s the question for today’s post.
Ok, let’s go into the details. We assume that the computer has already joined the domain.
This is a very simplified representation.
- During the client’s system startup, the logon service (netlogon) starts with the API DsGetDcName.
- The API collects information about the client’s configuration, such as IP-Address.
- The client now uses netlogon to query the configured DNS server for Domain Controllers in it’s site.
- The DNS server returns a list of all Domain Controller to the client.
- The client receives the information, tries to contact the Domain Controllers and uses the Domain Controller that responded first. First come, first serve! 😉
You can see the process in a network monitoring tool:
Categories: Windows Server