[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 178
  • Last Modified:

DNS Question _msdcs

HI
I keep getting an error form the best practice analyzer. It is commenting on me missing this _msdcs zone, but as you can see in my pic attached it is under my domain name zone.
I looked around and a saw one example where someone had this zone right under the forward lookup zones main root as _msdcs.mydomain.com and then their mydomain.com was under that and also contained this zone.
Any ideas??
Thanks.
pic.jpg
0
valmatic
Asked:
valmatic
  • 2
  • 2
1 Solution
 
footechCommented:
Either configuration is valid (having it as a subdomain of your domain zone, or having it as a separate zone).  By default, new AD domains created with Server 2003+ configure it as its own domain.  Here's a link with some more relevant info.
http://support.microsoft.com/kb/817470

If you want to change your configuration, all you do is delete the _msdcs subdomain, then create a new forward lookup zone called "_msdcs.yourdomain.com" with a replication scope of "all DNS servers in the forest".  Create a delegation under the yourdomain.com zone called "_msdcs" and add your DNS servers as the name servers.  Now restart the Netlogon service and the DC will autopopulate the _msdcs zone with its records (you'll want to do this for all DCs).
0
 
valmaticAuthor Commented:
thanks, yes i heard this _msdsc folder populates itself just seemed to good to be true haha. Yes since mine is under my domain folder i am guessing it has been taggging along since the server 200 days.
So if i add one under the forward lookup zones i call it _msdcs.mydomain.com? Then restart netlogon and let it populate? Then wehn it is done remove the one under mydomain.com or does it even matter if it is there?
I wonder if this will get rid of my error that i dont have any ldap srv records which i clearly do.
Thanks.
0
 
footechCommented:
I can't recall which takes precedence if you have both the explicit zone and under your domain zone.  Best to delete the one under your domain (and remember to create the delegation).
0
 
valmaticAuthor Commented:
thanks
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now