DC Locator DNS records not registered by the DCsID: oval:org.secpod.oval:def:19056 | Date: (C)2014-05-29 (M)2023-07-04 |
Class: COMPLIANCE | Family: windows |
The DC Locator DNS records not registered by the DCs machine setting should be configured correctly.
Determines which Domain Controller (DC) Locator DNS records are not registered by the Netlogon service. If this setting is disabled, DCs configured to perform dynamic registration of DC Locator DNS records register all DC locator DNS resource records. If this setting is not applied to DCs, DCs use their local configuration.
Fix:
(1) GPO: Computer Configuration\Administrative Templates\System\Net Logon\DC Locator DNS Records\DC Locator DNS records not registered by the DCs
(2) KEY: HKLM\Software\Policies\Microsoft\Netlogon\Parameters\DnsAvoidRegisterRecords
Platform: |
Microsoft Windows Server 2008 R2 |