A Quick Tip To Prevent NetLogon Service From Registering SRV and Domain Records

by [Published on 5 Jan. 2011 / Last Updated on 31 Oct. 2009]

This article explains how you can use a registry hack to prevent NetLogon from registering SRV, CNAME and Domain DNS Records in the DNS Server.

By default, NetLogon service performs registration of SRV, CNAME and Domain DNS Records in the DNS Server every 24 hours or depending on the versions of Operating System in use. The DNS Server must support the Dynamic update so that registration is done dynamically. In some situations, you may require to disable this functionality. For example, you are using a DNS Server in your environment which does not support Dynamic Updates. NetLogon service may throw errors in Event Viewer if it is not able to register the missing SRV Records in DNS Server.

To disable this behaviour, use the below registry hack:

  • KEY Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
  • Entry Name: UseDynamicDns
  • Data: REG_DWORD
  • Value: 0 (disabled registration of SRV records dynamically) 1 (enabled registration of SRV records dynamically)

Note: The default value is 1. So NetLogon performs the registration of SRV and other records dynamically. If you disable this then you must register the SRV and other Records found in C:\Windows\System32\Config\NetLogon.DNS file.

 

 

See Also


The Author — Nirmal Sharma

Nirmal Sharma avatar

Nirmal Sharma is a MCSEx3, MCITP, and was awarded Microsoft MVP in Directory Services. In his spare time, he likes to help others and share some of his knowledge by writing tips and articles for various online communities. Nirmal can also be found contributing to PowerShell based Dynamic Packs for ADHealthProf.ITDynamicPacks.Net solutions.

Featured Links