by lunarg on July 2nd 2015, at 13:29

Contacting a domain controller in Active Directory is done through DNS lookup. Several DNS SRV records are used to find domain controllers in a site. If multiple domain controllers are present in the same site, the client will arbitrarily select one, based on the contents of those records.

By default, the selection is random, and all DCs have an equal change of being picked. The inherit properties of SRV-records allow for this behaviour to be influenced, by changing the weight and priority of those records. This enables fine-tuning and configuration of which DC to favour or even exclude. By default, all SRV records (thus, all DCs) have their weight and priority set to 0.


The weight defines which of the DCs with the same priority, is more favoured than the other. A higher weight means it's favoured more.

Example: a DC with a weight of 200 will be used twice as much as a DC with a weight of 100.


The priority defines which of the DC will selected before the other, regardless of their weight. Lower value DCs will be selected over higher value DCs.

Example: a DC with a priority of 2 will only be selected if all DCs with a lower priority (0 and 1) are unavailable.

Setting the priority and weight can be done through the registry:

  1. Log on with an admin account to the domain controller that requires a change in weight and/or priority. Start up regedit.
  2. Navigate to the base key:
  3. Under that key, create a DWORD (32-bit) value with the following name:
  4. Restart the NETLOGON service to republish the SRV records with the new weights and priorities in DNS:
    net stop NETLOGON && net start NETLOGON
Do not manually change DNS
Never manually make the changes directly in DNS. It will cause NETLOGON to republish SRV records with the default settings, leaving the manually modified records in place as well. This will cause unexpected and unpredictable behaviour.
« May 2024»
« Most people tend to avoid true conflict. Ironically this breeds more conflict. »