
Domain Controller Critical Services
Presented by: Jani Sabtriadi

Agenda
Introduction to Domain Controller critical services
Symptoms of Domain Controller service issues

Domain Controller Critical Services

DHCP Client
File Replication Services (FRS)
Distributed File System Replication (DFSR)
DNS Client
DNS Server
Kerberos Key Distribution Center (KDC)
Netlogon
Windows Time
AD DS (Active Directory Domain Services)
AD WS (Active Directory Web Services)

DHCP Client Service
In Server 2003 and earlier, the DHCP Client service registers the A,
AAAA, and PTR records for the DC with DNS.
In Server 2008 and above, this is done by the DNS Client.
Note that only the A and PTR records are registered. Other records
are registered by the Netlogon service.

File Replication Services

Replicates content stored in SYSVOL on DCs and in Distributed File
System (DFS) shared folders.
FRS is in maintenance mode starting with Windows Server 2008; DFSR
replaces it.
Stopping FRS for extended periods can result in journal wrap errors and
failures in Group Policy distribution, because SYSVOL isn't replicated.
Event ID 13568 in the FRS log.

Distributed File System Replication Services (DFSR)

In Windows Server 2008 or Windows Server 2012, DFSR can be used
to replicate SYSVOL content between DCs.
The DFSRmig.exe tool is used to migrate from FRS to DFSR.
Group Policy and other replication issues occur if the service is
interrupted.

DNS Client Service

For Server 2008 and above, registers the A, AAAA, and PTR records
for the DC with DNS.

Caching of resolved queries and other functions are affected if the
service is interrupted.

DNS Server Service

Provides name resolution for DNS client computers.

Common problems include:
- Failure to register DNS records.
- Unable to locate DCs or other key services.

Kerberos Key Distribution Center (KDC) Service

Required for Kerberos 5.0 authentication. AD domains use
Kerberos for authentication.
Service interruptions result in many different authentication
issues (logon, trust, and so on).

Netlogon Service
Maintains the secure channel between DCs and domain
members (including other DCs). This secure channel is used for
authentication (NTLM and Kerberos) and DC replication.
Writes the SRV and other records to DNS. These records are what
domain members use to find DCs.
- The records are also written to the file
%systemroot%\system32\config\Netlogon.DNS
Service interruptions result in problems with authentication, Kerberos PAC
verification, password changes, and dynamic DNS record registration.
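
Because Netlogon writes the same records to DNS and to Netlogon.DNS, comparing a copy of that file with an export of the zone shows which locator records failed to register. The following is an added example, not part of the original slides; the domain names, addresses, and zone export are constructed, and the one-record-per-line layout of the file is an assumption.

```python
# Added example, not from the original slides. All sample data is constructed.
# Assumption: Netlogon.DNS holds one zone-file style record per line:
#   <owner> <ttl> IN <type> <rdata...>

# Constructed copy of a DC's Netlogon.DNS (what Netlogon tried to register).
NETLOGON_DNS = """\
corp.example. 600 IN A 10.0.0.10
_ldap._tcp.corp.example. 600 IN SRV 0 100 389 dc1.corp.example.
_kerberos._tcp.corp.example. 600 IN SRV 0 100 88 dc1.corp.example.
_ldap._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 389 dc1.corp.example.
_gc._tcp.corp.example. 600 IN SRV 0 100 3268 dc1.corp.example.
"""

# Constructed zone export (what the DNS server actually holds).
ZONE_EXPORT = """\
; exported zone data
corp.example. 3600 IN A 10.0.0.10
_ldap._tcp.corp.example. 600 IN SRV 0 100 389 DC1.corp.example.
_ldap._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 389 dc1.corp.example.
"""


def parse_records(text):
    """Return {(owner, type, rdata)} with names lower-cased and TTL ignored."""
    records = set()
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()   # drop comments, split columns
        if len(fields) < 5 or fields[2].upper() != "IN":
            continue                             # blank or unrecognised line
        owner, rtype = fields[0], fields[3].upper()
        rdata = " ".join(f.lower().rstrip(".") for f in fields[4:])
        records.add((owner.lower().rstrip("."), rtype, rdata))
    return records


def missing_registrations(netlogon_text, zone_text):
    """Records Netlogon expects in DNS that the zone does not contain."""
    return sorted(parse_records(netlogon_text) - parse_records(zone_text))


def missing_srv_locators(netlogon_text, zone_text):
    """Owner names of missing SRV records (the names clients query to find DCs)."""
    return [o for o, t, _ in missing_registrations(netlogon_text, zone_text)
            if t == "SRV"]


if __name__ == "__main__":
    for owner, rtype, rdata in missing_registrations(NETLOGON_DNS, ZONE_EXPORT):
        print(f"NOT REGISTERED: {owner} {rtype} {rdata}")
```

A missing _kerberos or _gc SRV record in the output corresponds to the "unable to locate DCs or other key services" symptom listed under the DNS Server Service.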

Windows Time Service

Acts as a Network Time Protocol (NTP) client and NTP time server.

Critical for time-reliant transactions.

w32tm.exe is the command-line tool for troubleshooting issues, such as when a computer
is unable to sync time with an authoritative source.

Active Directory Domain Services (AD DS)

Before Windows Server 2008, the service could not be stopped
while the OS was online.
Starting with Windows Server 2008, the service can be stopped and started
while the OS is online.
Provides the DC services. If this service is stopped, the DC stops
acting as a DC.

Active Directory Web Services (AD WS)

Required for the Active Directory PowerShell module to work (v2 and
v3).
Required for Active Directory Administrative Center to work (Windows
Server 2008 R2 and Windows Server 2012).
By default, runs on Windows Server 2008 R2, 2012, and 2012 R2
DCs.

Thank you...
