A Quick Tip To Prevent NetLogon Service From Registering SRV and Domain Records

by [Published on 5 Jan. 2011 / Last Updated on 31 Oct. 2009]

This article explains how you can use a registry hack to prevent NetLogon from registering SRV, CNAME and Domain DNS Records in the DNS Server.

By default, NetLogon service performs registration of SRV, CNAME and Domain DNS Records in the DNS Server every 24 hours or depending on the versions of Operating System in use. The DNS Server must support the Dynamic update so that registration is done dynamically. In some situations, you may require to disable this functionality. For example, you are using a DNS Server in your environment which does not support Dynamic Updates. NetLogon service may throw errors in Event Viewer if it is not able to register the missing SRV Records in DNS Server.

To disable this behaviour, use the below registry hack:

  • KEY Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
  • Entry Name: UseDynamicDns
  • Data: REG_DWORD
  • Value: 0 (disabled registration of SRV records dynamically) 1 (enabled registration of SRV records dynamically)

Note: The default value is 1. So NetLogon performs the registration of SRV and other records dynamically. If you disable this then you must register the SRV and other Records found in C:\Windows\System32\Config\NetLogon.DNS file.



Featured Links