I am learning about the LDAP and Active Directory servers. We all know that for logging into a domain, active directory (AD) service for that domain is used. But how does the windows running in your workstation find out which AD to be contacted?
After we click on the login button, a name service look-up is performed with the following details:
Request type: SRV
This NS look-up command will return a bunch of servers, and one of them will be used to authenticate the user. Each of the blocks in the response will have the port in which the server is listening as well. Replace domainname above with the actual domain name in which you would like to find out the active servers.
Okay, thats the theory part. Now hands on. Try these commands in your workstation and convince yourself with the results.
nslookup This will start the nslookup process. The two commands entered below are in the nslookup prompt ">".
_ldap._tcp.domainname Replace domainname with the actual domain that you would like to perform look-up.
There is an excellent tutorial available on Active Directory architecture, which might be of good help in terms of understanding what AD is.