{"id":1522,"date":"2014-08-15T16:11:00","date_gmt":"2014-08-15T21:11:00","guid":{"rendered":"http:\/\/lisa.rushworth.us\/?p=1522"},"modified":"2017-08-24T16:21:46","modified_gmt":"2017-08-24T21:21:46","slug":"microsoft-directories-nt-and-windows-2000200320082012","status":"publish","type":"post","link":"https:\/\/www.rushworth.us\/lisa\/?p=1522","title":{"rendered":"Microsoft Directories \u2013 NT and Windows 2000\/2003\/2008\/2012"},"content":{"rendered":"<p>Windows NT provided a limited repository for user id\u2019s and passwords.\u00a0\u00a0NT domain credentials had the advantage of providing single-sign-on access to other Microsoft resources such as file shares and Exchange.\u00a0\u00a0Exchange itself housed a secondary directory, used for the \u201cglobal address list\u201d type details for Exchange accounts.\u00a0\u00a0Address, phone number, manager, email addresses \u2026 basically anything other than the user\u2019s ID and password were stored within the Exchange directory.\u00a0\u00a0The Exchange directory then linked each account into an NT4 domain user account for logon credentials.<\/p>\n<p>With Windows 2000, Microsoft integrated the two directories into Active Directory.\u00a0\u00a0This allowed a more robust set of user details to be provided \u2013 and moved the LDAP compliant directory off the Exchange server onto the domain controllers.\u00a0\u00a0Major changes were introduced in Active Directory \u2013 an increased maximum object count (from 40,000 to ten million in a single domain\u00a0with a billions\u00a0of objects in an AD forest), multi-master architecture, and attribute level replication being some of the key changes.<\/p>\n<p><strong>Data Store<\/strong><\/p>\n<p>Active Directory data is stored in\u00a0ntds.dit.\u00a0\u00a0ESE (extensible storage engine) is used to access the data within the database.\u00a0\u00a0In addition to\u00a0ntds.dit, there are several peripheral database files \u2013\u00a0edb.log\u00a0is the current in-use 
transaction log file.\u00a0\u00a0EDB#####.log\u00a0may be present if the\u00a0edb.log\u00a0file has been filled.\u00a0\u00a0EDB.CHK is the checkpoint file \u2013 it keeps track of which transactions have been committed to\u00a0ntds.dit, and a crash of the system causes the transaction logs to be replayed from the pointer referenced in the\u00a0chk\u00a0file.\u00a0\u00a0Res1.log and res2.log, ten\u00a0meg\u00a0in total, are placeholder files\u00a0<em>just in case<\/em>: should the server run out of disk space, the files are removed to allow continued operation.<\/p>\n<p>Within NTDS.DIT there are two main tables:<\/p>\n<ul>\n<li>The link table \u2013 metadata for calculating linked values<\/li>\n<li>The data table \u2013 actual domain data<\/li>\n<\/ul>\n<p>There are four other tables about which no additional information will be provided herein:<\/p>\n<ul>\n<li>System Table \u2013 metadata for the DSA-defined tables and indices<\/li>\n<li>HiddenTable\u00a0\u2013 DSA metadata<\/li>\n<li>SDPropTable\u00a0\u2013 Transiently stores Security Descriptor propagation; records are removed from the table as propagation completes<\/li>\n<li>MSysDefrag1 \u2013 ESE database table, not specific to AD<\/li>\n<\/ul>\n<p>For linked attributes, the\u00a0backlinked\u00a0attribute is not modified directly but rather determined when it is queried.\u00a0\u00a0As an example \u2013 Active Directory generates a reporting structure.\u00a0\u00a0An object has a manager, but the \u201creports\u201d listing is calculated from the manager values of other objects.\u00a0\u00a0The\u00a0linkID\u00a0of a forward link attribute is always even, and its associated\u00a0backlinked\u00a0attribute is always the forward\u00a0linkID\u00a0plus one (consequently also always odd).\u00a0\u00a0A full list of forward\/back link pairs can be generated by looking at the linkID values.<\/p>\n<p>The data table contains three different naming contexts \u2013 the schema, the configuration, and the domain 
data.\u00a0\u00a0These correspond to the three partitions shown in REPLMON \u2013 \u201ccn=schema,cn=configuration,dc=windstream,dc=com\u201d, \u201ccn=configuration,dc=windstream,dc=com\u201d, and \u201cdc=windstream,dc=com\u201d.\u00a0\u00a0The term\u00a0<em>partition<\/em>\u00a0in Active Directory is used to indicate a naming context \u2013 in no way related to Novell\u2019s use of the term to indicate a replication boundary.<\/p>\n<p>The schema and configuration partitions are replicated to all domain controllers in a forest.\u00a0\u00a0Since we have only one tree in the forest, the distinction is moot here: all the domain controllers in the domain are also all the domain controllers in the forest.\u00a0\u00a0The domain partition is replicated to all domain controllers in the domain.<\/p>\n<p><strong>Active Directory \u2013 Schema<\/strong><\/p>\n<p>Microsoft\u2019s documentation on unmodified schema classes and attributes can be found at\u00a0<a href=\"http:\/\/msdn.microsoft.com\/library\/default.asp?url=\/library\/en-us\/adschema\/adschema\/active_directory_schema.asp\">http:\/\/msdn.microsoft.com\/library\/default.asp?url=\/library\/en-us\/adschema\/adschema\/active_directory_schema.asp<\/a>.\u00a0\u00a0The modifications Exchange makes to the AD schema can be found at\u00a0<a href=\"http:\/\/msdn.microsoft.com\/library\/default.asp?url=\/library\/en-us\/wss\/wss\/wss_ldf_AD_Schema_intro.asp\">http:\/\/msdn.microsoft.com\/library\/default.asp?url=\/library\/en-us\/wss\/wss\/wss_ldf_AD_Schema_intro.asp<\/a>.<\/p>\n<p>The schema management MMC is not automatically available on a Windows machine.\u00a0\u00a0To enable the snap-in, run\u00a0<strong>regsvr32 c:\\winnt\\system32\\schmmgmt.dll<\/strong>\u00a0\u2013 then \u201cActive Directory Schema\u201d will be an option when adding snap-ins to MMC.<\/p>\n<p>Active Directory\u2019s schema is normally in a read-only mode and no user has rights to modify the schema.\u00a0\u00a0Prior to enacting a 
schema change, then, you must enable schema writes and add your account to the \u201cSchema\u00a0Admins\u201d group.\u00a0\u00a0To enable schema writes, right click on the \u201cActive Directory Schema\u201d item in the MMC and select \u201cOperation Master\u201d.\u00a0\u00a0Then check the box next to \u201cThe Schema may be modified on this domain controller\u201d<\/p>\n<p>When creating new schema classes or attributes, ensure you use the correct OID for our organisation.\u00a0\u00a0Preferably, too, create auxiliary classes and associate the aux class with a structural class.\u00a0\u00a0This prevents any vendor changes to the structural class from impacting your schema attributes.<\/p>\n<p>In AD, schema changes cannot be deleted (well, it <em>can<\/em> but the process is unsupported).\u00a0\u00a0An attribute can be deactivated, but it remains in the schema definition.<\/p>\n<p><strong>Active Directory \u2013 Configuration<\/strong><\/p>\n<p>The AD Configuration partition holds, as the name implies, configuration for the domain and some services within the domain.<\/p>\n<ul>\n<li>Display\u00a0Specifiers:\u00a0Under the\u00a0DisplaySpecifiers\u00a0CN you will see multiple three digit hex number combinations.\u00a0\u00a0These are codes for different languages \u2013 409 being English.\u00a0\u00a0<a href=\"http:\/\/www.microsoft.com\/globaldev\/reference\/win2k\/setup\/lcid.mspx\">http:\/\/www.microsoft.com\/globaldev\/reference\/win2k\/setup\/lcid.mspx<\/a>\u00a0lists the codes used within the Windows internationalisation features.\u00a0\u00a0Under each regional container you will find the actual display\u00a0specifier\u00a0for structural schema objects.\u00a0\u00a0On, for instance, the user-Display object, is defined what appears when you right-click a user object in Active Directory Users and Computers.\u00a0\u00a0Another attribute defines the pages which appear when you create a user and the order in which those pages 
appear.\u00a0\u00a0The\u00a0createDialog\u00a0attribute is of particular interest \u2013 we modify this to automatically create the display name as\u00a0lastname,\u00a0firstname\u00a0MI if you manually create a user within AD.\u00a0\u00a0This is done by defining the\u00a0createDialog\u00a0value as \u201c%&lt;sn&gt;, %&lt;givenName&gt; %&lt;initials&gt;\u201d<\/li>\n<li>Extended Rights:\u00a0\u00a0On the\u00a0controlRightsAccess\u00a0object,\u00a0appliesTo\u00a0defines the structural schema objects to which the\u00a0controlRightsAccess\u00a0object applies.\u00a0\u00a0The\u00a0controlRightsAccess\u00a0objects themselves have several functions.\n<ul>\n<li>When\u00a0validAccesses\u00a0is set to 8, the object is used to validate writes \u2013 that is, to check the attribute value beyond the schema definition.\u00a0\u00a0Implementation is not widespread.<\/li>\n<li>When\u00a0validAccesses\u00a0is 256, the object defines an actual extended right \u2013 something not part of the normal ACLs.\u00a0\u00a0Receive-As and Send-As, for instance, are special operations for Exchange which can be found in the\u00a0ExtendedRights\u00a0container.<\/li>\n<li>Other\u00a0validAccesses\u00a0codes define ACL groups which can be assigned through the \u201cDelegate Control\u201d function; here\u00a0validAccesses\u00a0indicates what rights the ACL group permits \u2013 16 for read, 32 for write, and the sum of 48 for read\/write access.\u00a0\u00a0The membership object in\u00a0ExtendedRights, with\u00a0appliesTo\u00a0bf967aba-0de6-11d0-a285-00aa003049e2 and\u00a0validAccess\u00a0of 48, means this access group allows whoever is granted it to both read and write user objects (bf967aba-0de6-11d0-a285-00aa003049e2 is the\u00a0guid\u00a0of the user schema object).\u00a0\u00a0On the schema object \u201cmember\u201d, then, the\u00a0rightsGUID\u00a0is entered as the\u00a0attributeSecurityGUID.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>An example of the rights grouping is the 
\u201cPersonal-Information\u201d object,\u00a0rightsGUID\u00a077B5B886-944A-11d1-AEBD-0000F80367C1.\u00a0\u00a0You will find the corresponding octet string, 0x86 0xb8 0xb5 0x77 0x4a 0x94 0xd1 0x11 0xae 0xbd 0x00\u00a00x00\u00a00xf8 0x03 0x67 0xc1, applied to several schema attributes \u2013\u00a0telephoneNumber,\u00a0facsimileTelephoneNumber,\u00a0streetAddress,\u00a0telexNumber, and so on.<\/p>\n<p>Thus, using the \u201cDelegation\u00a0Of\u00a0Control\u201d wizard, it is possible to select \u201cRead and write Personal Information\u201d as a permission set rather than specifying each individual attribute you want editable. Note, too, that in the ACL editor the listing of \u201cPersonal Information\u201d is retained.<\/p>\n<p><strong>ForestUpdates<\/strong><\/p>\n<p>Under\u00a0ForestUpdates\u00a0you will see an \u201cOperations\u201d CN.\u00a0\u00a0Operations holds\u00a0a listing of updates made to the forest (e.g. exchange \/forestprep).\u00a0\u00a0This allows the system to check that the requisite forest updates are in place prior to installation without requiring the changes to be re-run.<\/p>\n<p><strong>LostandFoundConfiguration<\/strong><\/p>\n<p>This is basically the same as \u201cLostAndFound\u201d in the domain naming context, but within the configuration partition.\u00a0\u00a0All things being equal, it should be empty.\u00a0\u00a0Should an object be created within the Configuration partition at the same time its parent is deleted, the object is moved to \u201cLostAndFoundConfig\u201d for holding.<\/p>\n<p><strong>Partitions<\/strong><\/p>\n<p>Contains\u00a0crossref\u00a0objects to all partitions within the forest \u2013 again not as interesting here as it could be, with just one tree and domain.<\/p>\n<p><strong>Physical Locations<\/strong><\/p>\n<p>This is intended for use with Directory Enabled Networking.\u00a0\u00a0The DEN concept is maintained by DMTF (<a 
href=\"http:\/\/www.dmtf.org\/standards\/wbem\/den\/\">http:\/\/www.dmtf.org\/standards\/wbem\/den\/<\/a>) and is not at present implemented at Windstream<\/p>\n<p><strong>Services<\/strong><\/p>\n<p>Forest-wide application settings \u2013 objects within this container correspond directly to the \u201cServices\u201d listed within the \u201cActive Directory Sites\u00a0And\u00a0Services\u201d\u00a0snapin.\u00a0\u00a0One of the services listed is Microsoft Exchange.\u00a0\u00a0Should a server fail, running setup \/disasterrecovery\u00a0will recover most of the Exchange settings for the server from within this container.<\/p>\n<p><strong>Sites<\/strong><\/p>\n<p>The \u201cSites\u201d of \u201cActive Directory Sites and Services\u201d.\u00a0\u00a0IP subnets and their associated sites are defined in this container, as well as the replication partnerships between domain controllers.<\/p>\n<p><strong>WellKnown<\/strong><strong>\u00a0Security Principals<\/strong><\/p>\n<p>What I call the \u201cvirtual credentials\u201d \u2013 system security credentials like\u00a0Everyone\u00a0and Self are defined herein.<\/p>\n<p><strong>Active Directory \u2013 Domain Data<\/strong><\/p>\n<p>Objects specific to just one domain within the forest \u2013 the obvious users, computers, printers, file shares, groups, and contacts.\u00a0\u00a0Less obvious items too are stored within the domain data.\u00a0\u00a0If Windows DNS zones are configured as \u201cActive Directory Integrated\u201d, the DNS entries will appear under \u201ccn=MicrosoftDNS,cn=System,dc=\u2026\u201d.\u00a0\u00a0File replication service (FRS) shares (including the domain SYSVOL), some information on Group Polices, Oracle database connections \u2026 any of the structural schema objects \u2026 can also be found within this partition.<\/p>\n<p>An object named Infrastructure is in the root of the domain naming\u00a0context,\u00a0this object holds the NTDS settings for the domain infrastructure operations 
master.<\/p>\n<p><strong>Flexible Single Master Operations (FSMO) Roles<\/strong><\/p>\n<p>FSMO roles are assigned for functions which cannot practically be performed by any domain controller \u2013 functionality which cannot subscribe to the multi-master principle.<\/p>\n<p>There are two forest-wide FSMO roles, the Domain Naming Master and the Schema Master.<\/p>\n<ul>\n<li>The Schema Master is the server on which\u00a0<em>writes<\/em>\u00a0can be made to the schema.\u00a0\u00a0All domain controllers will have a read-only copy of the schema, but only the schema master can write changes.<\/li>\n<li>The Domain Naming Master is used when a new domain is created within a forest \u2013 it verifies the new domain has a unique name.<\/li>\n<\/ul>\n<p>Three additional FSMO roles exist in each domain within a forest: the Infrastructure Master, RID Master, and PDC Emulator.<\/p>\n<ul>\n<li>The Infrastructure Master, in a multi-domain environment, handles cleanup of phantom objects created as members are added to groups via a trust.\u00a0\u00a0The cleanup process is detailed by Microsoft at\u00a0<a href=\"http:\/\/support.microsoft.com\/default.aspx?scid=kb;EN-US;Q248047\">http:\/\/support.microsoft.com\/default.aspx?scid=kb;EN-US;Q248047<\/a>.\u00a0\u00a0As\u00a0we have a single domain, this is somewhat immaterial.\u00a0\u00a0Should we begin implementing other\u00a0domains,\u00a0the Infrastructure Master will need to be moved to a non-global catalogue (GC) server.\u00a0\u00a0The GC functionality precludes the phantom objects from being created (and hence from being purged).<\/li>\n<li>The RID master allocates blocks of relative\u00a0IDs,\u00a0RIDs, to the domain controllers within the domain to ensure unique\u00a0GUIDs.\u00a0\u00a0Should the RID master be offline for a short interval, new objects can still be created until the already-allocated RID block has been exhausted.<\/li>\n<li>The PDC emulator is 
multi-function.\u00a0\u00a0Were\u00a0the domain to be in mixed-mode and therefore support NT4\u00a0BDC\u2019s, the PDC emulator is required by the NT4 domain controllers for backwards compatibility.\u00a0\u00a0Our domain is in native-mode and cannot have NT4\u00a0BDC\u2019s.\u00a0\u00a0This does not preclude NT4 member servers, just domain controllers.\u00a0\u00a0The PDC Emulator server is authoritative for the user\u2019s password.\u00a0\u00a0Any failed logons are re-checked against the PDC emulator.\u00a0\u00a0In the NT4 environment this was because a BDC was a read-only directory copy to which password changes could not be made.\u00a0\u00a0If you changed your password and attempted to authenticate prior to the domain replicating the change completely, you could receive an invalid password error using your correct new password.\u00a0\u00a0To prevent this issue, a password failure on the BDC was re-checked with the PDC before the logon attempt was failed.\u00a0\u00a0This is how we can allow CSO password changes into AD without requiring the user to wait for domain synchronisation.\u00a0\u00a0The\u00a0DirXML\u00a0AD driver is installed to the PDC emulator server to allow immediate use of the user\u2019s new CSO password.\u00a0\u00a0Group Policy Objects are created and edited on the PDC Emulator\u2019s SYSVOL share.\u00a0\u00a0The PDC emulator is also the time source for the domain.\u00a0\u00a0Our PDC emulator is configured to use time.windstream.com as its time source with a time sync period of eight hours.<\/li>\n<\/ul>\n<p>Normally you can move the FSMO roles between domain controllers using\u00a0MMC\u2019s.\u00a0\u00a0For the three per-domain roles the change is made in Active Directory Users and Computers.\u00a0\u00a0The Domain Naming Operation Master is changed from Active Directory Domains and Trusts\u201d; the Schema master is changed within Active Directory Schema Manager.<\/p>\n<p>Within Active Directory Users and Computers, right click the domain and 
select \u201cConnect\u00a0To\u00a0Domain Controller\u201d \u2013 select the domain controller which will receive the new role.\u00a0\u00a0Then right click the domain and select \u201cOperation Masters\u201d.\u00a0\u00a0You just click the \u201cChange\u201d button to move the role.<\/p>\n<p>In the event of a catastrophic server failure complete with no system state backups you\u00a0<em>can<\/em>\u00a0forcibly transfer the FSMO roles from a non-operational source.\u00a0\u00a0We have done this once in production, the ICM domain, but there is additional peripheral cleanup required to remove the failed domain controller from operation.\u00a0\u00a0<a href=\"http:\/\/support.microsoft.com\/kb\/255504\/\">http:\/\/support.microsoft.com\/kb\/255504\/<\/a>\u00a0contains instructions for seizing FSMO roles.\u00a0\u00a0Microsoft mostly documents the domain cleanup process at\u00a0<a href=\"http:\/\/support.microsoft.com\/kb\/216498\/\">http:\/\/support.microsoft.com\/kb\/216498\/<\/a>\u00a0\u00a0\u00a0If\u00a0you want to try it for the experience, build two servers, create a fake domain with the two of them, turn one off and seize all the roles onto the remaining machine.\u00a0\u00a0This is effectively what happened in the ICM domain, they had three domain controllers but the first which held all roles was destroyed.\u00a0\u00a0Be careful in production as the post-seizure cleanup is not fully documented.\u00a0\u00a0DNS entries will still exist in BIND.\u00a0\u00a0It is possible for your domain controller machine password to be out of sync with the domain.\u00a0\u00a0I\u2019m sure there are other situations which could arise as well which we didn\u2019t happen across.<\/p>\n<p><strong>Domain Registration \u2013 WINS<\/strong><\/p>\n<p>The WINS entries of your domain should only be used by \u2018legacy\u2019 clients, NT4 workstations and servers.\u00a0\u00a0If you configure your domain controllers TCP\/IP properties to use your WINS servers, the registration for the domain will 
be created automatically.\u00a0\u00a0Alternately you can create an LMHOST file for import into a foreign WINS server.\u00a0\u00a0The only reason we do this is to establish a trust with an NT4 domain.\u00a0\u00a0There are two records needed \u2013 and for our domain the text is included here-in.<\/p>\n<pre>10.33.8.25\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SCARLITNT631\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0#DOM:ALLTEL\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0#PRE\r\n10.33.8.25\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\"ALLTEL\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\\0x1b\"\u00a0\u00a0#PRE\r\n<\/pre>\n<p>If you are attempting to create the LMHOST file for an alternate domain, you can just change the values\u00a0<strong>except<\/strong>\u00a0the \u201cALLTEL\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\\0x1b&#8221; entry.\u00a0\u00a0There is a quotation\u00a0mark,\u00a0sixteen characters only (insert holy hand grenade like joke here) followed by the \\0x1b then the closing quotation mark.\u00a0\u00a0If your domain name is BOB you cannot replace ALLTEL with BOB, you need to replace it with BOB and three trailing space characters.<\/p>\n<p><strong>Domain Registration \u2013 DNS<\/strong><\/p>\n<p>There are four \u201cunderscore zones\u201d \u2013 new DNS zones used to store the SRV records relevant to the domain. Active Directory works fine with BIND DNS servers &#8211; you need to allow dynamic updates from the domain controller IP addresses. 
Since I do\u00a0<em>not<\/em> allow dynamic updates on the root zone, I manually add the domain controller A records.<\/p>\n<ul>\n<li>_sites.domain.tld.\u00a0\u00a0\u00a0Service records advertise servers providing global catalogue, Kerberos, and LDAP services within each site.\u00a0\u00a0The sites are differentiated within the record name \u2013 _service._tcp.SITENAME._sites.domain.tld.\u00a0\u00a0\u00a0\u00a0The following lines are the _sites records for the\u00a0TWNUserAuth\u00a0site<\/li>\n<\/ul>\n<pre>$ORIGIN\u00a0_tcp.TWNUserAuth._sites.alltel.com.\r\n_gc\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SRV\u00a0\u00a0\u00a0\u00a0\u00a00 100\u00a0\u00a0\u00a03268\u00a0\u00a0\u00a0\u00a0neohtwnnt630.alltel.com.\r\n_kerberos\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0    SRV\u00a0\u00a0\u00a0\u00a0\u00a00 100\u00a0\u00a0\u00a088\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0neohtwnnt630.alltel.com.\r\n_ldap\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 SRV\u00a0\u00a0\u00a0\u00a0\u00a00 100\u00a0\u00a0\u00a0389\u00a0\u00a0\u00a0\u00a0\u00a0neohtwnnt630.alltel.com.\r\n_gc\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SRV\u00a0\u00a0\u00a0\u00a0\u00a00 100\u00a0\u00a0\u00a03268\u00a0\u00a0\u00a0\u00a0neohtwnnt631.alltel.com.\r\n_kerberos\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0    SRV\u00a0\u00a0\u00a0\u00a0\u00a00 
100\u00a0\u00a0\u00a088\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0neohtwnnt631.alltel.com.\r\n_ldap\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SRV\u00a0\u00a0\u00a0\u00a0\u00a0 0 100\u00a0\u00a0\u00a0389\u00a0\u00a0\u00a0\u00a0\u00a0neohtwnnt631.alltel.com.\r\n<\/pre>\n<ul>\n<li>_tcp.domain.tld. Service records advertise all domain controllers within the domain providing global catalogue, Kerberos, LDAP, and\u00a0kpasswd\u00a0services.\u00a0\u00a0The following lines are the _tcp\u00a0records for the NEOHTWNNT630 server<\/li>\n<\/ul>\n<pre>$ORIGIN\u00a0_tcp.alltel.com.\r\n_gc\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SRV\u00a0\u00a0\u00a0\u00a0\u00a00 100\u00a0\u00a0\u00a03268\u00a0\u00a0\u00a0\u00a0neohtwnnt630.alltel.com.\r\n_kerberos\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SRV\u00a0\u00a0\u00a0\u00a0\u00a00 100\u00a0\u00a0\u00a088\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0neohtwnnt630.alltel.com.\r\n_kpasswd\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 SRV\u00a0\u00a0\u00a0\u00a0\u00a00 100\u00a0\u00a0\u00a0464\u00a0\u00a0\u00a0\u00a0\u00a0neohtwnnt630.alltel.com.\r\n_ldap\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SRV\u00a0\u00a0\u00a0\u00a0\u00a00 100\u00a0\u00a0\u00a0389\u00a0\u00a0\u00a0\u00a0\u00a0neohtwnnt630.alltel.com.\r\n<\/pre>\n<ul>\n<li>_udp.domain.tld. 
Used for UDP\u00a0kerberos\u00a0connections to get tickets and change passwords.\u00a0\u00a0Service records in this zone advertise the UDP Kerberos and\u00a0kpasswd\u00a0services for the domain.\u00a0\u00a0The following lines are the _udp\u00a0records for the NEOHTWNNT630 server<\/li>\n<\/ul>\n<pre>$ORIGIN\u00a0_udp.alltel.com.\r\n_kerberos\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SRV\u00a0\u00a0\u00a0\u00a0\u00a00 100\u00a0\u00a0\u00a088\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0neohtwnnt630.alltel.com.\r\n_kpasswd\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SRV\u00a0\u00a0\u00a0\u00a0\u00a00 100\u00a0\u00a0\u00a0464\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0neohtwnnt630.alltel.com.\r\n<\/pre>\n<ul>\n<li>_msdcs.domain.tld.\u00a0\u00a0Kerberos,\u00a0ldap, and global catalogue records by site and not.\u00a0\u00a0In addition each domain controller\u2019s GUID used for replication is registered here.\u00a0\u00a0Again the example provides the service records for NEOHTWNNT630<\/li>\n<\/ul>\n<pre>$ORIGIN\u00a0_msdcs.alltel.com.\r\n47c1965e-87e8-4445-8552-fd20892c08c2\u00a0\u00a0\u00a0\u00a0CNAME\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0neohtwnnt630.alltel.com.\r\n_ldap._tcp.e0f0a709-9edf-483b-96e6-55c0dd55c1a6.domains\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SRV\u00a00 100 
389\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0neohtwnnt630.alltel.com.\r\ngc\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0A\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a010.10.90.217\r\n$ORIGIN\u00a0_tcp.dc._msdcs.alltel.com.\r\n_kerberos\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SRV\u00a0\u00a0\u00a0\u00a0\u00a00 100\u00a0\u00a0\u00a088\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0neohtwnnt630.alltel.com.\r\n_ldap\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SRV\u00a0\u00a0\u00a0\u00a0\u00a00 100\u00a0\u00a0\u00a0389\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 neohtwnnt630.alltel.com.\r\n$ORIGIN\u00a0_tcp.TWNUserAuth._sites.dc._msdcs.alltel.com.\r\n_kerberos\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SRV\u00a0\u00a0\u00a0\u00a0\u00a00 100\u00a0\u00a0\u00a088\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0neohtwnnt630.alltel.com.\r\n_ldap\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SRV\u00a0\u00a0\u00a0\u00a0\u00a00 100\u00a0\u00a0\u00a0389\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 
neohtwnnt630.alltel.com.\r\n$ORIGIN gc._msdcs.alltel.com.\r\n_ldap._tcp                              SRV     0 100   3268    neohtwnnt630.alltel.com.\r\n$ORIGIN _sites.gc._msdcs.alltel.com.\r\n_ldap._tcp.TWNUserAuth                  SRV     0 100   3268    neohtwnnt630.alltel.com.\r\n<\/pre>\n<p>The PDC emulator is also advertised here:<\/p>\n<pre>$ORIGIN _msdcs.alltel.com.\r\n_ldap._tcp.pdc                          SRV     0 100   389     scarlitnt631.alltel.com.\r\n<\/pre>\n<p><strong>Client Authentication<\/strong><\/p>\n<p>A client which has already authenticated to the domain will have a registry entry which retains the client\u2019s site.<\/p>\n<pre>[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Netlogon\\Parameters]\r\n\"DynamicSiteName\"=\"LITUserAuth\"\r\n<\/pre>\n<p>When a client attempts to authenticate to Active Directory, the service records for the\u00a0kerberos\u00a0service are used to determine an appropriate authentication source.\u00a0\u00a0In the case of the PC above, a query is made for _kerberos._tcp.LITUserAuth._sites.dc._msdcs.alltel.com.\u00a0service\u00a0records.\u00a0\u00a0An LDAP connection is initiated over udp\/389 to every domain controller returned by the DNS query.\u00a0\u00a0The connections are initiated at 1\/10<sup>th<\/sup>-second intervals.\u00a0\u00a0The receiving servers compare the client\u2019s IP address to the subnet configuration to 
verify the client is reaching the correct site for its current subnet.\u00a0\u00a0The first LDAP response received is then used as the Kerberos authentication server.\u00a0\u00a0If the client\u2019s site is incorrect, a referral is returned for the correct site, which then prompts the client to re-query DNS for the new site.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Windows NT provided a limited repository for user id\u2019s and passwords.\u00a0\u00a0NT domain credentials had the advantage of providing single-sign-on access to other Microsoft resources such as file shares and Exchange.\u00a0\u00a0Exchange itself housed a secondary directory, used for the \u201cglobal address list\u201d type details for Exchange accounts.\u00a0\u00a0Address, phone number, manager, email addresses \u2026 basically anything other &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[30],"tags":[68,100],"class_list":["post-1522","post","type-post","status-publish","format-standard","hentry","category-system-administration","tag-active-directory","tag-dns"],"_links":{"self":[{"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/posts\/1522","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1522"}],"version-history":[{"count":1,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/posts\/1522\/revisions"}],"predecessor-version":[{"id":1523,"href":"http
s:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/posts\/1522\/revisions\/1523"}],"wp:attachment":[{"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1522"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1522"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1522"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}