A Quick Tip To Prevent NetLogon Service From Registering SRV and Domain Records

by [Published on 5 Jan. 2011 / Last Updated on 31 Oct. 2009]

This article explains how you can use a registry hack to prevent NetLogon from registering SRV, CNAME and Domain DNS Records in the DNS Server.

By default, NetLogon service performs registration of SRV, CNAME and Domain DNS Records in the DNS Server every 24 hours or depending on the versions of Operating System in use. The DNS Server must support the Dynamic update so that registration is done dynamically. In some situations, you may require to disable this functionality. For example, you are using a DNS Server in your environment which does not support Dynamic Updates. NetLogon service may throw errors in Event Viewer if it is not able to register the missing SRV Records in DNS Server.

To disable this behaviour, use the below registry hack:

  • KEY Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
  • Entry Name: UseDynamicDns
  • Data: REG_DWORD
  • Value: 0 (disabled registration of SRV records dynamically) 1 (enabled registration of SRV records dynamically)

Note: The default value is 1. So NetLogon performs the registration of SRV and other records dynamically. If you disable this then you must register the SRV and other Records found in C:\Windows\System32\Config\NetLogon.DNS file.



See Also

The Author — Nirmal Sharma

Nirmal Sharma avatar

Nirmal Sharma is a MCSEx3, MCITP and was awarded the Microsoft MVP award in Directory Services and Windows Networking. He specializes in Microsoft Azure, Office 365, Directory Services, Failover Clusters, Hyper-V, PowerShell Scripting and System Center products. Nirmal has been involved with Microsoft Technologies since 1994. In his spare time, he likes to help others and share some of his knowledge by writing tips and articles on various sites and contributing to PowerShell-based Dynamic Packs for www.ITDynamicPacks.Net solutions.

Featured Links