Logon server assignment
Which login server is responsible
How does a client in a domain find its logon server?
If a client has just become a member of a domain, it asks its primary DNS server during the start process which domain controllers are available. Its location is already known.
The first query is:
The DNS server response includes a list of all domain controllers assigned to its site.
The client taps the domain controllers of his site in order. If a DC reports back, this will be its primary login server.
If the client does not get an answer from its site, then it must assume that these are offline.
The client now asks the domain for a DC.
The second query is:
There is currently one weak spot in the negotiation algorithm of Netlogon AES-CFB8:
Netlogon Remote Protocol: