Ever since I started deploying W2012 R2 Domain Controllers I am starting to see a bunch of DNS errors such as these:
Event ID 4015, DNS-Server-Service: The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
I haven't found any good info on this error and it doesn't tell us anything whatsoever; here is Microsoft's very descriptive resolution: http://technet.microsoft.com/en-us/library/cc735674(v=ws.10).aspx
There is a lot of speculation out there like "You should always point to another DNS server first not self, don't disable IPv6, and possibly slow links in VPN/MPLS connected sites". I'd like to try and demystify what is going on here, or at least get some verbose logging somewhere to find out what the error is referring to. I haven't seen this issue affect us negatively until yesterday when a whole site couldn't resolve a URL/hostname served by a conditional forwarder. Saw WAY too many 4015 errors so just restarted the service and it went away and the hostname resolved. We have eight sites and many DCs, I have disabled IPv6 (fully via registry) on all DCs and each Domain Controller points to itself then 2 others. I have always learned that this is supported and the Microsoft recommended way to do it. With all the speculation out there I'd like to see some specific documentation backing up why I should re-enable IPv6 and/or point to another DNS server first. Additionally it seems silly to have a single branch office DC/DNS server point its DNS first entry to another site; that's just me though.