DC Resolution

This option provides the ability to check the consistency of the DNS, DSAPI, LDAP configuration for the domain controllers in the forest.  There is also the option to complete a port scan to confirm if the list of ports are available\open.  

When the Go button is pressed the list of domain controllers returned by DNS, DSAPI, and LDAP is collated, for each domain controller found an entry is created and which check had details for the domain controller, if so, a green light is display where the domain controller details were found. In normal operation the domain controller should be list in all three tests.  The DNS entry could be missing if the domain controller is configured not to register srv records in DNS.

When the Port Scan button is pressed each of the entries is scanned for the listed ports and the results are displayed as a green or red light.  The default ports that are scanned are the standard ports used by AD.  These ports can be changed using the Ports dialog.

The port scan option can be used to scan servers other than domain controllers. By pasting a list of IP addresses of the server that you wish to test, the port scan can be run against this list.