Site awareness is a key feature in the Active Directory Client Extension (DSClient). This article describes new Microsoft Windows 98 behavior
in locating domain controllers when the DSClient is installed and the user is logged on to a Microsoft Windows 2000-based domain.Note
You must install the Windows 98 DSClient package to use of the functionality that is described in this article.
For additional information about installing the appropriate Active Directory Client Extension, click the following article number to view the article in the Microsoft Knowledge Base:
How to install the Active Directory Client Extension
Windows 98 DSClient Logon Behavior
The DSClient adds the ability to discover a domain controller in the same site as the client. When a user logs on, the
Directory Services DsGetDcName API function is invoked to discover the optimal domain controller. DsGetDcName uses the available name
service providers to perform this task. The core Windows 98 client logon components are not DNS-aware, so domain controller discovery is
carried out against the NetBIOS domain name.
If DNS is enabled, the client sends a DNS query to each DNS server it is aware of for the list of domain controllers for the NetBIOS
domain name. This will fail unless the DNS and NetBIOS names of the domain are identical.
DNS: 0x1:Std Qry for _ldap._tcp.dc._msdcs.[NetBIOSDomainName]. of type Srv Loc on class INET addr.
DNS: 0x1:Std Qry Resp. Auth. NS is . of type SOA on class INET addr. : Name does not exist
The next, and typically successful name resolution attempt is through NetBIOS. A Netlogon datagram is sent to all domain controllers in the user's
domain that were discovered by a standard query for the NetBIOS '1C' domain name (WINS resolution).
For additional information about NetBIOS names, click the following article number to view the article in the Microsoft Knowledge Base:
NetBIOS suffixes (16th character of the NetBIOS name)
NBT: NS: Query req. for DOMAINNAME <1C>
WINS Server Response (list of DCs):
NBT: NS: Query (Node Status) resp. for DOMAINNAME <1C>, Success
Client request (one to each DC in the list):
Netlogon: SAM LOGON request from client
Netlogon: Opcode = SAM Response to SAM logon request
Windows 2000 domain controllers respond to the datagram with information that includes the domain controller's Domain Name System (DNS) domain
name, the domain controller's site, the client's site, and a flag. Windows NT 4.0 domain controllers respond as they typically do without site information.
If the response from the Windows 2000 domain controller indicates that client is not in the same site as the domain controller, the client will retry the discovery, by
using the domain controller's DNS domain name and client's site name, until any of the tasks following occurs:
- An appropriate domain controller (one in the client's site) responds.
- If no appropriate Windows 2000 domain controller responds, the client will randomly select a Windows 2000 domain controller.
- If no Windows 2000 domain controller responds, a Windows NT 4.0 domain controller is selected.
The Windows 98 DSClient prefers to communicate with Windows 2000 domain controllers over Windows NT 4.0 domain controllers. The Windows 2000
domain controllers understand site concepts and can refer to other Windows 2000 domain controllers based on the client's site. The client will then attempt a normal user logon to the selected domain controller.
This functionality requires that the only protocol running on the Windows 98-based computer is NetBIOS over TCP (NetBT). NetBEUI and NwLnkNb
are not allowed.
Windows 98 DSClient Password Change Behavior
In a pre-Windows 2000
domain password, changes occur only on a primary domain controller. In a Windows
2000 domain, any Windows 2000 domain controller can make the change. The Windows
98 DSClient takes advantage of this architecture by using the same mechanism to
find the domain controller as is used for logon.
Windows 98 DSClient Distributed File System (DFS) Location Behavior
Windows 98 DSClient selects the domain controller based on the process that is described for logon. This domain controller is used to obtain the DFS information.
Preferred Server Registry Entry
You may specify the preferred server to log on. If you specify this entry, DS Client will honor this request for logon. The DFS and Change Password will
still behave as described in this article, regardless of whether the registry is present.
Windows 98 Policy Load Balancing
By default, Windows 98-based computers query the Netlogon share of the primary domain controller (PDC) for the Config.pol file unless you set
the registry manually. Windows 98 DSClient does not change this behavior.
For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
Domain controller on slower link may be used for domain validation