Using DsGetSiteName in C# sample: how to get the name of the site where a computer resides?

The DsGetSiteName function returns the name of the site where a computer resides. The site in which the computer resides (as reported by a domain controller) is stored in the computer registry in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ Netlogon\Parameters.

The client IP address is used by the domain controller to retrieve the corresponding subnet that it matches in the Subnets container.
Then the name of the site is retrived from the subnet-to-site mapping.

If the client’s IP address does not match a subnet range of any of the subnets stored in Active Directory, the dclocator will randomly pick a site to use.

Sample usage to get the name of the site where a computer resides:

[DllImport("netapi32.dll", CharSet = CharSet.Auto)]
private static extern int DsGetSiteName(string ComputerName, out IntPtr SiteName);

[DllImport("Netapi32.dll", CharSet = CharSet.Unicode, SetLastError = true, CallingConvention = CallingConvention.StdCall)]
public static extern int NetApiBufferFree(IntPtr dwBuffer);

private const int ERROR_SUCCESS = 0;

static void Main(string[] args)
{
	IntPtr pSiteInfo;
	String sSiteName;

	if (DsGetSiteName(
			string.Empty,//ComputerName
			out pSiteInfo) == ERROR_SUCCESS)
	{
		sSiteName = Marshal.PtrToStringAuto(pSiteInfo);
		NetApiBufferFree(pSiteInfo);
		Console.WriteLine("Found workstaton's site Name: " + sSiteName);
	}
}

You can also use a command-line interface for the same purpose:

nltest /server:<HostName> /DsGetSite

How Domain Controllers Are Located (DCLocator)

 

This article describes how Windows client locates a domain controller. On the client, the NetLogon service verifies logon requests, and it registers, authenticates, and locates domain controllers by using the DsGetDcName API call (known as the domain controller locator function).

The following sequence describes how the Locator finds a domain controller during the logon process:

      1. Client does a DNS query to get a list of DC of the current domain in the form: _LDAP._TCP.dc._msdcs.domainname. (all domain controllers register this SRV record).
      2. Client receives a list of DC IP addresses from DNS (they are ordered following priority & weight).
      3. The client begins querying the DCs in turn to find out which DC is available. It sends a datagram LDAP UDP search which contains the IP address of the client (IP address ONLY without the subnet).
      4. The DC looks up the client IP address in its subnet-to-site mapping table and returns:
        • the subnet object that most closely matches the client IP address
        • The name of the site in which the current domain controller is located
        • A flag that indicates if the current DC is in the site closest to the client.
      5. The client decides whether to try to find a better domain controller. The decision is made as follows:
        • If the returned DC is in the closest site (the returned bit is set), the client uses that DC.
        • If the client has already tried to find a DC in the site in which the DC claims the client is located, the client uses that DC.
        • If the DC is not in the closest site, the client updates its site information and sends a site specific DNS query (_LDAP._TCP.sitename._sites.domainname) to find a new DC in the site. If the second query is successful, the client uses the new DC. If the second query fails, the client uses the original DC.

Automatic Site Coverage
There is not necessarily a domain controller in every site. If a site contains no DCs, then DCs in the sites closest to that site (calculated by site-link costs) will register site-specific records for that site as well, to help clients find a DC as close as possible.

This process known as automatic site coverage ensures that every site has a domain controller, even if a site does not contain a domain controller for that domain.

By default, each domain controller checks all sites in the forest and then checks the replication cost matrix. A domain controller advertises itself (registers a site-related SRV record in DNS) in any site that does not have a domain controller and for which its site has the lowest-cost connections.

Clients with No Apparent Site
Sometimes the client pings a domain controller and the client IP address cannot be found in the subnet-to-site mapping table. In this case, the domain controller returns a NULL site name, and the client uses the returned domain controller.