The DsGetDcName API is one of the most important APIs in an Active Directory environment, it is responsible for finding domain controllers in the forest\domain.  The API is implemented in the netlogon service and is used by most AD API\functions when trying to find a domain controller, see this Microsoft blog for more information.

The API supports a number of options to define the features or functionality the returned domain controller should supports. See the Microsoft article on the API for the definition of the options that are available here.

NetTools calls the DsGetDcName API directly and indirectly to find a domain controller and global catalogs in the domain.  The Server and Domain fields on the various options in NetTools, maps to the Server and Domain fields of the DsGetDcName API inputs.  If you receive an LDAP error 0x51 connection failed error when connecting to a server, use this option to confirm that the netlogon and DNS are working correctly and then DC Resolution to confirm that the server is up and functioning.

A number of predefined options are available as checkboxes to be included in the query, but it also includes the option to manually specify the value of the flag attribute that will be sent to the server.


The DsGetDcName option also includes an Advanced View option, which selected it will display the API flag names.  This option is available in v1.31.2 beta and later.

DsGetDcName - Advanced View

Leave a Reply

Your email address will not be published. Required fields are marked *