Article ID: 258507
Article Last Modified on 2/21/2007
APPLIES TO
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Professional Edition
This article was previously published under Q258507
SYMPTOMS
If a server name is passed to the Active Directory Services Interface (ADSI) ADsOpenObject, ADsGetObject, or IADsOpenDSObject::OpenDSObject function, invalid SRV queries are sent to the configured Domain Name System (DNS) server. These SRV queries contain the host names and should not be sent to the network. This behavior does not cause any problems, but can generate extra network traffic. There is no problem if the call is a serverless binding or if the domain name is passed to the ADSI functions. For example, the following sample function does not generate an invalid query if domain
.com is a domain name:
ADsOpenObject("LDAP://domain
.com/DC=domain
, DC=com", ...)
The following sample function generates and invalid query if server
is a server name:
ADsOpenObject("LDAP://server
/DC=domain
, DC=com", ...)
The invalid query that is generated is:
_ldap._tcp.my-site._sites.dc._msdcs.server
CAUSE
The invalid query is sent during the process of determining whether the passed-in name is a server name or a domain name.
When ldap_open/ldap_init (called indirectly by ADsOpenObject, ADsGetObject, or OpenDSObject) is called with server names, it has no way of knowing whether the argument is a server name or domain name. In these cases the DsGetDcName function is called to see if the parameter is a domain. When the argument is not a domain name, but rather is a server name, the domain controller locator call generates incorrect SRV record queries based on the server name. To resolve this problem, a flag called LDAP_OPT_AREC_EXCLUSIVE is added that can be passed to ldap_set_option prior to the connect call. This flag indicates to the LDAP client that the parameter is a server name, so no locator call should be pursued. However, this new flag was not exposed in ADSI.
RESOLUTION
To resolve this problem, obtain the latest service pack for Windows 2000. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
260910 How to obtain the latest Windows 2000 service pack
To solve this problem, a new flag, ADS_SERVER_BIND, has been added in iads.h. Use this new flag with an OR with the fourth parameter of the ADsOpenObject and OpenDSObject functions if a server name is passed in. Use ADsOpenObject in place of ADsGetObject if a server name is passed in because there is no mechanism to pass the new flag to ADsGetObject.
This fix provides the base for fixing the problem. However, you can remove the invalid queries only if the programs that call these functions use the new flag.
STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Windows 2000 Service Pack 1.
MORE INFORMATION
For more information about how to install Windows 2000 and Windows 2000 hotfixes at the same time, click the following article number to view the article in the Microsoft Knowledge Base:
249149 Installing Microsoft Windows 2000 and Windows 2000 hotfixes
Keywords: kbhotfixserver kbbug kbfix kbqfe kbwin2000sp1fix KB258507