This article explains how you can prevent NetLogon service from registering A record for Domain Name and Global Catalog.
By default, Windows Server running Domain Controller role registers A Record for Domain Name and Global Catalog in the DNS Servers. There are certain situations where you would want to disable the registration of the records mentioned below:
- DomainName.Com A IP_Address
- gc._msdcs.DomainName.Com A IP_Address
You can use the below mentioned registry entry on the domain controllers to dis-allow registration of these records:
- KEY Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
- Entry Name: RegisterDnsARecords
- Data: DWORD
- Value: 1 (Register A Records), 0 (Do not register A Records)
Note: This regsitry entry does not exist by default.
About Nirmal Sharma
Nirmal is a Microsoft MVP in Directory Services and working as a Technical Architect/Consultant. He has been involved in Microsoft Technologies since 1994 and followed the progression of Microsoft Operating Systems and software. He is specialized in Directory Services, Microsoft Clustering, SQL, MOM, Exchange and Citrix. In his spare time, he likes to help others and write "internal" technical articles, white papers and tips on various Microsoft technologies. You can contact him at nirmal_sharma@mvps.org.
Article not looking right or info is missing? Let us know so that we can fix it: .
