What is Netlogon?

What is netlogon?

Maintains a secure channel between this computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not authenticate users and services and the domain controller cannot register DNS records. If this service is disabled, any services that explicitly depend on it will fail to start.

Registration of DC records (SRV, CNAME etc.) in DNS:-

Advertise about DC through ‘SRV’ records so that client can locate a DC:-

Re-Registration of SRV Records regularly:-

Helps inย site coverage (Registers SRV Records for a site with no DC)

NetLogon’ is a service.ย NetLogon Service is very important for user logging process in Domain Controllers. Itย verifies NTLM logon requests, and it locates, registers and authenticates domain controllers at the time of logon.

  • Secure Channel between DC and client :- This service is responsible for creating Secure Channel between Domain Controllers and client computers. Secure Channel is created to pass the authentication packets.
  • Registration of DC records in DNS and advertise about DC:-ย Service performs the registration of SRV records, CNAME and other DC recordsย in the DNS Server to advertise the availability of Domain Controllers in the domain.
  • SRV Records registered by NetLogon Service are stored inย C:\Windows\System32\Config\NetLogon.DNSย File.
  • Re-Registration of SRV Records regularly:- Performs registration of SRV Records every 24 hours depending on the version of Operating System in use.
  • Registers SRV Records for a site with no DC:- Registers the SRV Records for a site where there is no Domain Controller. This is called Site Coverege.


If you have any questions feel free to contact me onย admin@windowstechno.comย also follow me on facebookย @windowstechnoย to get updates about new blog posts.

How useful was this post?

Click on a star to rate it!

Leave a Reply