Hi,
I guess your observation is correct and expected.
For example:
In my environment:
When I setup CIFS I added one DC, but when I ran vserver cifs domain discovered-servers show, it showed up many servers (We have about 10 DCs, but it showed up 18). Some servers are repeated b'cos they have multuple functions.
Reason behind this is : Domain Controller Discovery Process triggered by (SecD) ONTAP
What it does : It is an automatic procedure triggered by Security Daemon (SecD) : Dynamic server discovery is used by ONTAP for discovering Domain Controller's (DC's) and their associated services, such as LSA, NETLOGON, Kerberos and LDAP. It discovers all the DC's, including preferred DC's, as well as all the DC's in the local site and all remote DC's also. No wonder you are seeing so many of them been discovered.
Starting 9.3, the discovery behavior was changed:
=========================================
A new option ' discovery-mode' is added under the command directory vserver cifs domain discovered-servers to control server discovery.
site - Only DC's in local site will be discovered.
none - Server discovery will not be done, and it will depend only on preferred DC's configured.
You can use 'vserver active-directory discovered-servers reset-servers' command to discard stored information about LDAP servers and domain controllers. After discarding server information, the SVM reacquires current information about these external servers. This can be useful when the connected servers are not responding appropriately.
If you have access to NetApp KB site, you view this article:
What is Domain Controller Discovery?
https://kb.netapp.com/app/answers/answer_view/a_id/1076594