DNS Server _MSDCS question

  • Question

  • I ran the BPA analyzer and it gave me "The Active Directory integrated DNS zone _msdcs.sql.corp was not found." The issue and fix action are stated below; I have confirmed this. But before I do, is this the exact way to do it?

    I have had this exact problem for months and I want everyone to know the real answer. Deleting your primary zone and recreating it will not fix this issue and is quite a long, frustrating process in a large forest.

    It seems our issue was really caused by the fact that our DNS zone was originally created in Win2000. These devices were eventually upgraded to Win2003, and most recently, migrated to 2008 R2.

    Win2000 implemented _msdcs as a subfolder of the DNS zone. The recommended config for 2003 and 2008 AD-integrated DNS zones is that _msdcs be moved to a separate AD-integrated primary zone as _msdcs.ForestFQDN. However, the zones created in 2000 are not changed to this config when DNS is upgraded or migrated to 2003 or 2008.

    To fix this you need to manually create a new "separate" Active Directory integrated primary zone _msdcs.ForestFQDN and remove the old subfolder under the existing primary zone (after successful config and replication). Then run your best practices analyzer in 2008R2 and see the problem is no longer...

    Friday, July 10, 2015 8:38 PM
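
One way to script the procedure described in the post above, as an added example that is not part of the original post. It assumes an elevated PowerShell prompt on a domain controller that runs the DNS Server role, takes the forest name `sql.corp` from the BPA message, uses a hypothetical `$RemoveOldSubfolder` switch, and sets secure-only dynamic updates on the new zone, which the post does not mention.

```powershell
# Added example: create _msdcs.<ForestFQDN> as its own AD-integrated zone,
# verify it, and only then (optionally) remove the legacy subfolder.
$Forest             = 'sql.corp'           # from the BPA message in the post
$MsdcsZone          = "_msdcs.$Forest"
$RemoveOldSubfolder = $false               # hypothetical switch; flip after replication

# 1. Is _msdcs already a separate zone on this server?
$zonePattern = '^\s*' + [regex]::Escape($MsdcsZone) + '\s'
if (dnscmd . /EnumZones | Where-Object { $_ -match $zonePattern }) {
    Write-Host "$MsdcsZone already exists as a separate zone."
} else {
    # 2. Create it as an AD-integrated primary zone in the forest-wide partition.
    dnscmd . /ZoneAdd $MsdcsZone /DsPrimary /DP /forest
    # Assumption beyond the post: accept secure dynamic updates only (2), so
    # DC locator records cannot be registered by unauthenticated clients.
    dnscmd . /Config $MsdcsZone /AllowUpdate 2
}

# 3. Ask Netlogon to re-register this DC's locator records into the new zone.
nltest /dsregdns
Start-Sleep -Seconds 30

# 4. Verify that the new zone itself (not the old subfolder) holds DC SRV records.
$srv = dnscmd . /EnumRecords $MsdcsZone _ldap._tcp.dc /Type SRV |
       Where-Object { $_ -match '\sSRV\s' }
if (-not $srv) {
    Write-Warning "No _ldap._tcp.dc SRV records in $MsdcsZone yet; leaving the old subfolder in place."
    return
}
Write-Host "SRV records found in ${MsdcsZone}:"
$srv

# 5. Check record registration from the DC's point of view.
dcdiag /test:dns /DnsRecordRegistration

# 6. Remove the Windows 2000-style subfolder only after the new zone has
#    replicated to the other DNS servers and step 4 passes on each of them.
if ($RemoveOldSubfolder) {
    dnscmd . /NodeDelete $Forest _msdcs /Tree /f
} else {
    Write-Host "Old _msdcs subfolder under $Forest left untouched."
}
```

Re-run steps 4 and 5 on each DNS server in the forest before setting `$RemoveOldSubfolder` to `$true`, then run the BPA scan again.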