Category: At least Windows Server 2003 operating systems or Windows XP Professional

Determines whether a user can install and configure the Network Bridge. Important: This settings is location aware. It only applies when a computer is connected to the same DNS domain network it was connected to when the setting was refreshed on that computer. If a computer is connected to a DNS domain network other than the one it was connected to when the setting was refreshed this setting does not apply. The Network Bridge allows users to create a layer 2 MAC bridge enabling them to connect two or more network segements together. This connection appears in the Network Connections folder. If you disable this setting or do not configure it the user will be able to create and modify the configuration of a Network Bridge. Enabling this setting does not remove an existing Network Bridge from the user’s computer.

This policy setting determines if dynamic registration of the domain controller (DC) locator DNS resource records is enabled. These DNS records are dynamically registered by the Net Logon service and are used by the Locator algorithm to locate the DC. If you enable this policy setting DCs to which this setting is applied dynamically register DC Locator DNS resource records through dynamic DNS update-enabled network connections. If you disable this policy setting DCs will not register DC Locator DNS resource records. If you do not configure this policy setting it is not applied to any DCs and DCs use their local configuration.

This policy setting specifies the sites for which the domain controllers (DC) register the site-specific DC Locator DNS SRV resource records. These records are registered in addition to the site-specific SRV records registered for the site where the DC resides and records registered by a DC configured to register DC Locator DNS SRV records for those sites without a DC that are closest to it. The DC Locator DNS records are dynamically registered by the Net Logon service and they are used to locate the DC. An Active Directory site is one or more well-connected TCP/IP subnets that allow administrators to configure Active Directory access and replication. To specify the sites covered by the DC Locator DNS SRV records click Enabled and then enter the sites names in a space-delimited format. If you do not configure this policy setting it is not applied to any DCs and DCs use their local configuration.

This policy setting specifies the sites for which the domain controllers (DC) that host the application directory partition should register the site-specific application directory partition-specific DC Locator DNS SRV resource records. These records are registered in addition to the site-specific SRV records registered for the site where the DC resides and records registered by a DC configured to register DC Locator DNS SRV records for those sites without a DC that are closest to it. The application directory partition DC Locator DNS records and the site-specific SRV records are dynamically registered by the Net Logon service and they are used to locate the application directory partition-specific DC. An Active Directory site is one or more well-connected TCP/IP subnets that allow administrators to configure Active Directory access and replication. To specify the sites covered by the DC Locator application directory partition-specific DNS SRV records click Enabled and then enter the site names in a space-delimited format. If you do not configure this policy setting it is not applied to any DCs and DCs use their local configuration.

This policy setting specifies the Weight field in the SRV resource records registered by the domain controllers (DC) to which this setting is applied. These DNS records are dynamically registered by the Net Logon service and they are used to locate the DC. The Weight field in the SRV record can be used in addition to the Priority value to provide a load-balancing mechanism where multiple servers are specified in the SRV records Target field and are all set to the same priority. The probability with which the DNS client randomly selects the target host to be contacted is proportional to the Weight field value in the SRV record. To specify the Weight in the DC Locator DNS SRV records click Enabled and then enter a value. The range of values is from 0 to 65535. If you do not configure this policy setting it is not applied to any DCs and DCs use their local configuration.

This policy setting specifies the Priority field in the SRV resource records registered by domain controllers (DC) to which this setting is applied. These DNS records are dynamically registered by the Net Logon service and are used to locate the DC. The Priority field in the SRV record sets the preference for target hosts (specified in the SRV record’s Target field). DNS clients that query for SRV resource records attempt to contact the first reachable host with the lowest priority number listed. To specify the Priority in the DC Locator DNS SRV resource records click Enabled and then enter a value. The range of values is from 0 to 65535. If you do not configure this policy setting it is not applied to any DCs and DCs use their local configuration.

This policy setting specifies the sites for which the global catalogs (GC) should register site-specific GC locator DNS SRV resource records. These records are registered in addition to the site-specific SRV records registered for the site where the GC resides and records registered by a GC configured to register GC Locator DNS SRV records for those sites without a GC that are closest to it. The GC Locator DNS records and the site-specific SRV records are dynamically registered by the Net Logon service and they are used to locate the GC. An Active Directory site is one or more well-connected TCP/IP subnets that allow administrators to configure Active Directory access and replication. A GC is a domain controller that contains a partial replica of every domain in Active Directory. To specify the sites covered by the GC Locator DNS SRV records click Enabled and enter the sites’ names in a space-delimited format. If you do not configure this policy setting it is not applied to any GCs and GCs use their local configuration.

This policy setting specifies the value for the Time-To-Live (TTL) field in SRV resource records that are registered by the Net Logon service. These DNS records are dynamically registered and they are used to locate the domain controller (DC). To specify the TTL for DC Locator DNS records click Enabled and then enter a value in seconds (for example the value “900” is 15 minutes). If you do not configure this policy setting it is not applied to any DCs and DCs use their local configuration.

This policy setting specifies the Refresh Interval of the DC Locator DNS resource records for DCs to which this setting is applied. These DNS records are dynamically registered by the Net Logon service and are used by the DC Locator algorithm to locate the DC. This setting may be applied only to DCs using dynamic update. DCs configured to perform dynamic registration of the DC Locator DNS resource records periodically reregister their records with DNS servers even if their records’ data has not changed. If authoritative DNS servers are configured to perform scavenging of the stale records this reregistration is required to instruct the DNS servers configured to automatically remove (scavenge) stale records that these records are current and should be preserved in the database. Warning: If the DNS resource records are registered in zones with scavenging enabled the value of this setting should never be longer than the Refresh Interval configured for these zones. Setting the Refresh Interval of the DC Locator DNS records to longer than the Refresh Interval of the DNS zones may result in the undesired deletion of DNS resource records. To specify the Refresh Interval of the DC records click Enabled and then enter a value larger than 1800. This value specifies the Refresh Interval of the DC records in seconds (for example the value 3600 is 60 minutes). If you do not configure this policy setting it is not applied to any DCs and DCs use their local configuration.