Reference Guide › Utilities › uxconsole Utility—Manage UNAB Endpoints › How uxconsole Discovers an Active Directory Site

How uxconsole Discovers an Active Directory Site

When you register a UNAB endpoint with Active Directory, by default the uxconsole utility discovers the closest Active Directory site and communicates only with domain controllers (DCs) in this site.

The following process describes how uxconsole discovers the closest Active Directory site:

1. The UNAB endpoint queries the DNS for SRV (service) records in the following format:

   _ldap._tcp.dc._msdcs.domainName

   The DNS returns the records for DCs in the domain.

2. The endpoint accesses Active Directory by binding and authenticating to a DC returned in the previous query.

   Note: The endpoint can bind to any of the returned DCs.

3. The endpoint uses an LDAP query to search Active Directory for the site in which the endpoint resides. The query uses the following filters:
   • Base Dn—no value
   • Scope—Base
   • Attribute—Netlogon
   • DnsDomain—Fully-qualified domain name
   • ntver—6.00

   For example, Filter on (&(DnsDomain=example.company.com)(ntver=6.00))

   The DC returns the name of the site in which the endpoint resides.

   Note: The DC uses the endpoint IP address to determine the site in which the endpoint resides.

4. The endpoint queries the DNS for SRV records in the following format:

   _ldap._tcp.LocalSiteName._sites.dc._msdcs.domainName.

   The DNS returns the records for DCs in the site in which the endpoint resides. The endpoint communicates only with DCs in this site.

More information:

Active Directory Site Support