Re: _msdcs zone in multi domain forrest

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: "Paul Williams [MVP]" <ptw2001@xxxxxxxxxxx>
Date: Fri, 3 Mar 2006 08:19:41 -0000

If I understand you correctly:

1. No. Each domain has it's own _msdcs sub domain, but not as an actual
zone. This is a child domain of the domain's zone. Only the root domain
has a separate zone for _msdcs, the reason being is that it is made
available to all domains (because that is where the GCs are registered).

2. The way Windows/ AD sets this up out of the box is that
_msdcs.forest-root.com is a separate zone to forest-root.com. The reason
being is that the domain's zone only needs to replicate domain-wide. The
forest-root _msdcs zone however, needs to replicate forest-wide so that any
DC can always locate a GC.

I wouldn't add forest-root.com to the ForestDNSZones partition. I would
only add _msdcs.forest-root.com.

--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net

.

Prev by Date: Re: User Permission - [WildPacket]
Next by Date: Re: Multiple Forest woes . . .
Previous by thread: Re: _msdcs zone in multi domain forrest
Next by thread: Re: Blocking certain URL's
Index(es):
- Date
- Thread

Relevant Pages

Re: ad and dns setup
... Point each DC to Dc01, clear cache in both DCs, delete everything inside ... _msdcs, forward zone, reverse lookup zone. ... changes immediately to all servers, this helps to speedup the process. ...
(microsoft.public.windows.server.active_directory)
Re: replication scope question
... Some of the DCs, including the one with DNS, were upgraded from Windows 2000. ... I have a total of three _msdcs subzones. ... AI zone, so that the DCs from all three domains will register their records ... I am planning on moving ahead with the forest replication scope change, ...
(microsoft.public.windows.server.active_directory)
Re: _msdcs setup
... > zone and wondered if someone could set me straight. ... > We have a multi-domain forest with an empty root domain ... In DNS this has created a delegation for ... > Is it normal that the _msdcs zone for the root domain is ...
(microsoft.public.windows.server.dns)
Re: Cant add a computer to AD because of DNS
... Start by using AD Users & Computers, to verify that the DNS name of the AD ... do you have a zone in DNS named salam.com? ... Does this zone have a Delegation in it named _msdcs? ... This zone should also have for sub domains, dc, domains, gc, and pdc, along ...
(microsoft.public.windows.server.dns)
Re: What is _msdcs zone?
... The "TEST" server without the _msdcs zone is a 2003 DC and the only ... It does however have a _msdcs under the DOMAIN.EXTENTION ... Controller in the Active Directory Forest. ...
(microsoft.public.windows.server.dns)