Is this the last step we need to do?

"ed" wrote:
Hi all,

Finally, we demoted all Windows 2000 domain controllers and we have all Windows 2003 domain controllers running. We introduced Windows 2003 DCs to a Windows 2000 environment.
Now, according to KB817470 (http://support.microsoft.com/kb/817470), do I have to change the _msdcs.ForestName zone to the forest-wide DNS application directory partition? I believe we are in the Case 1 situation as mentioned in the KB, but I cannot find the secondary _msdcs.ForestName zone in the child domain. So, I just right-click the _msdcs.ForestName zone to change it to "To all DNS servers in the Active Directory forest ForestName"? We did not upgrade DCs from Windows 2000 to Windows 2003 (so Case 2 does not fit for us).
Is this the last step I need to do?

___________________
Case 1: Configure the domain-wide _msdcs.ForestName zone to the forest-wide DNS application directory partition

1. In the DNS console, right-click the _msdcs.ForestName zone, and then click Properties.
2. On the General tab, note the current zone replication type, and then do one of the following:
   - If the type is not the forest-wide replication scope, click Change, and then go to step 3.
   - If the type is the forest-wide replication scope, skip this step, and then go to step 4.
3. Select the forest-wide replication scope for the zone.
4. Delete any secondary _msdcs.ForestName zones that are stored in your child domains.

"Marcin" wrote:
Ed,
In Case 1, the secondary zone remark refers to the situation in which manual changes have been applied in order to make the _msdcs subdomain available forest-wide (while still in a Windows 2000 Server environment). It appears that such changes have not been carried out in your environment.
As long as the _msdcs subdomain actually appears as a separate forward lookup zone, you should be able to change its replication scope to all DNS servers in the forest as you described. In addition, however, you should also perform the other steps covered by Case 2 to make sure that the _msdcs zone gets fully populated. Finally, you might want to confirm that delegation of the _msdcs under the zone corresponding to your forest root domain is properly configured.

hth
Marcin

"ed" wrote:
Thank you!
> Finally, you might want to confirm that delegation of
> the _msdcs under the zone corresponding to your forest root domain is
> properly configured.

Can you elaborate on this? Delegation?

"Marcin" wrote:
Ed - refer to http://neuralfibre.com/paul/it/nice-ad-2003-dns-delegation-gotcha (although this is likely less relevant in the scenario you are describing)...

hth
Marcin

"Jorge Silva" wrote:
Hi
Sounds more likely that your scenario is described in Case 2.
--
I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MVP Directory Services

"ed" wrote:
Thank you.

Do I have to delete the _msdcs.ForestName zone first and wait for replication and delete the old _msdcs.ForestName zone?

What if I just change the _msdcs.ForestName zone to "To all DNS servers in the Active Directory forest ForestName"? What could happen?

Also, look at step 1:

1) Configure the primary DNS server setting in the network connections of all domain controllers in your forest with the IP address of a single root domain controller

Do I need to change the child domain controllers' DNS server setting in the network connections of all domain controllers in your forest with the IP address of a single root domain controller?

Thank you.

"Jorge Silva" wrote:
- The _msdcs that exists in the child domain DNS is NOT equal to the Root _msdcs.
- The recommendation is to have the _msdcs.rootdomain.tld zone. This zone is set to replicate forest-wide because all DCs in the FOREST need that zone for replication and other things.

If you check the _msdcs zone under the child.domain.tld DNS zone, you'll see that you should have only 2 "folders" named dc and pdc. The _msdcs.rootdomain.tld has more info inside (dc, domains, gc, pdc, etc...).

--
I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MVP Directory Services

"ed" wrote:
Thank you.
I mean the root _msdcs.rootdomain.tld zone (which includes dc, domains, gc, pdc).
Can I just change the _msdcs.ForestName.tld zone in the root domain to "To all DNS servers in the Active Directory forest ForestName"?

As in Case 2, which suggests to create and delete _msdcs.rootdomain.tld. Why should I need to delete and create the _msdcs.forestname.tld zone? (this is my question)

"Jorge Silva" wrote:
When you create a new zone for _msdcs you have the option to replicate that zone across the forest; that's why you need to recreate it. The _msdcs that you need to delete is the one that is under your actual domain zone. After that deletion you create a new zone _msdcs.rootdomain.tld, set the replication scope to forest-wide and create a delegation in the rootdomain.tld for the _msdcs.rootdomain.tld.

--
I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MVP Directory Services
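
The two routes discussed in this thread (changing the replication scope of an existing _msdcs zone in place, or deleting the _msdcs subdomain and recreating it as a delegated forest-wide zone), as an added PowerShell/dnscmd example that is not part of any post above or of KB817470. The domain and server names are placeholders, and the script assumes dnscmd returns a non-zero exit code on failure; without `-Apply` it only prints the changes it would make.

```powershell
# Added example, not from the thread. Placeholder names: substitute your own.
param(
    [string]$Root   = 'rootdomain.tld',       # forest root domain (placeholder)
    [string]$Server = 'dc1.rootdomain.tld',   # hypothetical root-domain DC running DNS
    [switch]$Apply                            # without -Apply, changes are printed only
)
$Msdcs = "_msdcs.$Root"

# Print a dnscmd invocation and, only when -Apply is given, run it.
function Invoke-Step([string]$Why, [string[]]$DnsArgs) {
    Write-Host "# $Why"
    Write-Host "dnscmd $($DnsArgs -join ' ')"
    if ($Apply) {
        & dnscmd $DnsArgs
        # Assumption: dnscmd exits non-zero when the operation fails.
        if ($LASTEXITCODE -ne 0) { throw "dnscmd failed ($LASTEXITCODE): $Why" }
    }
}

# Read-only probe: is _msdcs already a separate forward lookup zone on this server?
& dnscmd $Server /ZoneInfo $Msdcs | Out-Null
$separateZone = ($LASTEXITCODE -eq 0)

if ($separateZone) {
    # Zone already exists on its own: only its replication scope changes.
    Invoke-Step 'Move the existing zone to the forest-wide DNS partition' `
        @($Server, '/ZoneChangeDirectoryPartition', $Msdcs, '/forest')
} else {
    # _msdcs is a subdomain inside the root zone: delete, recreate, delegate.
    # The export is written to %SystemRoot%\System32\dns on the DNS server.
    Invoke-Step 'Back up the root zone before deleting anything' `
        @($Server, '/ZoneExport', $Root, "$Root.pre-msdcs.dns")
    Invoke-Step 'Delete the _msdcs subdomain under the root zone' `
        @($Server, '/NodeDelete', $Root, '_msdcs', '/tree', '/f')
    Invoke-Step 'Create _msdcs as an AD-integrated zone replicated forest-wide' `
        @($Server, '/ZoneAdd', $Msdcs, '/DsPrimary', '/DP', '/forest')
    # DCs register their records dynamically; 2 = secure updates only.
    Invoke-Step 'Allow secure dynamic updates only' `
        @($Server, '/Config', $Msdcs, '/AllowUpdate', '2')
    Invoke-Step 'Delegate _msdcs from the root zone to this DNS server' `
        @($Server, '/RecordAdd', $Root, '_msdcs', 'NS', "$Server.")
    Write-Host '# Then, on every DC in the forest, re-register its records:'
    Write-Host 'nltest /dsregdns    (or restart the Netlogon service)'
}

# Read-only verification: zone storage, delegation NS records, and DC/GC locators.
& dnscmd $Server /ZoneInfo $Msdcs
& dnscmd $Server /EnumRecords $Root _msdcs /Type NS
& nslookup "-type=SRV" "_ldap._tcp.dc.$Msdcs" $Server
& nslookup "-type=SRV" "_ldap._tcp.gc.$Msdcs" $Server
```

Run it once without `-Apply` and review the printed commands; after applying, repeat the verification block against a DNS server in each child domain once replication has completed.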