MSDCS zone missing

windows-server-2008 windows-server-2003 domain-name-system
6,327

Well, notwithstanding the fact that a Google search for The Active Directory integrated DNS zone _msdcs.<domain> was not found would have told you the same thing, much faster...

This is an issue you see in domains created under Windows 2000 and elevated to 2008, that doesn't actually usually create problems. (But it's pretty trivial to correct, so you may as well correct it, right?) See this thread here, Tim Baldwin's answer (mostly quoted below) is correct.

Win2000 implemented _msdcs as a subfolder of the DNS zone. The recommended config for 2003 and 2008 AD-Integrated DNS zones, is that _msdcs be moved to a separate AD-integrated primary zone as _msdcs.ForestFQDN. However, the zones created in 2000 are not changed to this config when DNS is upgraded or migrated 2003 or 2008.

To fix this you need to manually create a new "separate"active directory integrated primary zone _msdcs.ForestFQDN and remove the old subfolder under the existing primary zone. (after successful config and replication). Then run your best practices analyzer in 2008R2 and see the problem is no longer...

Share:
6,327

Related videos on Youtube

hyp
Author by

hyp

Updated on September 18, 2022

Comments

  • hyp
    hyp over 1 year

    I seem to have an issue with our AD/DNS, the structure looks like:

    screen from DNS

    but the BPA gives me an error:

    Issue:
The Active Directory integrated DNS zone _msdcs.<domain> was not found.

Impact:
DNS queries for the Active Directory integrated zone _msdcs.<domain> might fail.

Resolution:
Restore the Active Directory integrated DNS zone _msdcs.<domain>

    Now we've got 4 DC's in total: 2 running Server 2008 R2, 2 running Server 2003. The older ones will be retired sometime this year. Actually everything seems to be working ok (if something isn't then we don't know about it), we've got quite a few .NET applications authenticating against AD, no DNS issues from what I can tell and various bits on the network point to all 4 controllers.

    Furthermore a dcdiag /dnsall comes up with all passes. Is this something I should be worried about?

  • hyp
    hyp over 11 years
    It seems my google powers are fading... thanks for your help.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How do I get Windows Domain Controller and Ubuntu dnsmasq to play nicely?
How to obtain the Windows product id from registry from a remote machine
Windows Server 2003/2008 RDP session limit
How to change TCP "time wait" delay in Windows 7 / 2008 Server?
How can I see all users of domain in this PC?
How can I increase the number of PCs a specific user can join to a domain?
Windows vs Windows Server
Detect Windows Server version 32/64-bit in CLI
What's wrong with my reverse lookup zone?
DcDiag: "Warning: The Active Directory zone on this DC/DNS server was not found (probably a misconfiguration)" meaning?