Private Network Interfaces on a Domain Controller Are Registered in DNS

This article has been archived. It is offered "as is" and will no longer be updated.
IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:
256986 Description of the Microsoft Windows Registry
If a domain controller contains a private network interface (for example, a cluster node or a backup network) this interface may appear in Domain Name System (DNS) as:
Same as parent folder Host "privateIP"
Same as parent folder is the name of the Active Directory-based domain that the domain controllers hosts.

This behavior does not typically cause a problem. There should be other registrations for the same name. Client computers that query for this name receive a list of possible IP addresses from which they pick the optimal address (on the same subnet). If one address does not work, the client tries others.

If the unreachable IP address does cause a problem (for example, connection delays), you may apply the solution that is listed later in this article. This solution disables the automated registration for all IP addresses. You must then create the required registrations manually in DNS.
These registrations are created by the Netlogon service.
WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

The option to disable the registration was introduced with Windows 2000 Service Pack 2 (SP2). The entire list of possible options is described in the following Microsoft Knowledge Base article:
267855 Problems with Many Domain Controllers with Active Directory Integrated DNS Zones
To disable only the registration of the local IP addresses, set the following registry value:
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

Registry value: DnsAvoidRegisterRecords
Data type: REG_MULTI_SZ
Value: LdapIpAddress
After you set this value, you must manually register your publicly available IP addresses for your domain to appear as:
Same as parent folder Host "publicIP"
More information
For additional information about private heartbeat configuration, click the article number below to view the article in the Microsoft Knowledge Base:
258750 Recommended Private "Heartbeat" Configuration on a Cluster Server

Article ID: 295328 - Last Review: 12/06/2015 01:56:30 - Revision: 3.0

Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server

  • kbnosurvey kbarchive kbenv kbprb KB295328