Question : _msdcs not correct in DNS...just delete?

I should know the answer to this, dang it, but I don't want to just chance it in production.

The problem is that our _msdcs in DNS is showing as an incorrect DC that is no longer around.

I get this error on dcdiag /test:dns


               TEST: Delegations (Del)
                  Warning: DNS server: tempdc01.domain.com. IP: Failure:Missing glue A record

               TEST: Dynamic update (Dyn)
                  Warning: Dynamic update is enabled on the zone but not secure domain.com.

         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
               ________________________________________________________________
            Domain: domain.com
               tuldc01                      PASS PASS PASS FAIL WARN PASS n/a

         ......................... domain.com failed test DNS


So the delegation test fails because in the forward lookup zone for domain.com, in the _msdcs folder the NS record shows the outdated tempdc01.  It also exists as an NS record in the forward lookup zone for _msdcs.domain.com along with the legitimate NS records.

I seem to recall you can just delete the incorrect entry and AD will repopulate it with the correct values, but maybe I'm smoking something.  I need to change it to the correct DC.

Any guidance/reassurance is appreciated.

Answer : _msdcs not correct in DNS...just delete?

Just remove the offending entry.

If you remove the zone, then it must replicate the removal before any new zone can be added - it could get ugly.
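
The check-and-remove step described above, as an added PowerShell example that is not part of the original answer. It assumes the DnsServer module (RSAT DNS tools) is available; the server, zone and record names are the ones from the question.

```powershell
# Added example. Names come from the question; adjust for your environment.
Import-Module DnsServer

$DnsServer  = 'tuldc01'                # DNS server that dcdiag tested
$ParentZone = 'domain.com'
$ChildZone  = '_msdcs.domain.com'
$StaleNs    = 'tempdc01.domain.com'    # decommissioned DC still listed as NS

# The two places the question says the stale NS record lives:
# the _msdcs node in the parent zone, and the apex of the _msdcs zone.
$targets = @(
    @{ Zone = $ParentZone; Name = '_msdcs' },
    @{ Zone = $ChildZone;  Name = '@' }
)

foreach ($t in $targets) {
    $nsRecords = Get-DnsServerResourceRecord -ComputerName $DnsServer `
        -ZoneName $t.Zone -Name $t.Name -RRType Ns

    foreach ($rec in $nsRecords) {
        $ns = $rec.RecordData.NameServer.TrimEnd('.')
        # A listed name server with no A record is what the Del test
        # reports as "Missing glue A record".
        $a = Resolve-DnsName -Name $ns -Type A -Server $DnsServer `
            -ErrorAction SilentlyContinue
        $status = if ($a) { 'resolves' } else { 'NO A RECORD' }
        Write-Output ("{0,-20} {1,-8} NS {2,-28} {3}" -f $t.Zone, $t.Name, $ns, $status)

        if ($ns -ieq $StaleNs) {
            # Remove only the one stale record, never the zone.
            # -WhatIf previews the change; drop it to actually delete.
            $rec | Remove-DnsServerResourceRecord -ComputerName $DnsServer `
                -ZoneName $t.Zone -WhatIf
        }
    }
}

# The Dyn warning: report the dynamic update mode of each zone.
# 'NonsecureAndSecure' accepts unauthenticated updates; 'Secure' is
# only available on AD-integrated zones.
foreach ($z in $ParentZone, $ChildZone) {
    Get-DnsServerZone -ComputerName $DnsServer -Name $z |
        Select-Object ZoneName, IsDsIntegrated, DynamicUpdate
}
```

Re-running `dcdiag /test:dns` after the removal has replicated confirms whether the Del test now passes.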
