domain.local vs. _msdcs.domain.local

Discussion in 'Active Directory' started by Spin, Nov 7, 2005.

  1. Spin

    Spin Guest


    I am slow to get my head around the true meaning of the forest root domain
    and how it is represented in the DNS management console. As I understand it,
    in MS Windows 2000+ DNS, you basically have two main zones.


    Here is my point-by-point understanding of these zones, and correct me if
    I'm wrong.

    1) domain.local is the obvious one. That contains all the host , SRV
    records and sites locations for the AD domain. This is the first domain
    created in the forest so it would also be called the forest root domain.
    2) _msdcs.domain.local zone contains the records of all the Global Catalogs
    and all domains in the entire forest. This is essentially the forest root
    domain also. So now we have two root domains, do we not? :)
    3) Finally, there is the delegation for _msdcs.domain.local in the
    domain.local zone. This delegation zone contains NS records that point to
    the _msdcs.domain.local - which again is basically the forest root domain.

    BUT. The forest name is said to be the same as the first domain name, in
    this case domain.local. So what, my scholarly friends, is the true
    representation of the forest root domain? Is it domain.local or is it
    Spin, Nov 7, 2005
    1. Advertisements

  2. Spin

    Al Mulnick Guest

    Have you seen this already?

    It's not two domains in the same sense. _msdcs is a sub-domain and it
    continues with which is the forest name. The forest and domain
    name *could* be the same or it could not if you have multiple domains
    deployed in the same forest but the _msdcs remains the same across all
    domains (it's forest-wide).

    Read the doc and post back if still a question. Or drop a note offline if
    you prefer.

    Al Mulnick, Nov 8, 2005
    1. Advertisements

  3. Spin

    Spin Guest

    Sweet! You should be an MVP Al!
    Spin, Nov 8, 2005
  4. Spin

    Spin Guest

    My interpretation of that article is that _msdcs.domain.local contains the
    records of all the Global Catalogs and the GUIDs of all domains in the
    forest. It is a way for child domains of a multi-domain forest to find all
    the other domains. So it is not the forest root but in fact a container of
    pointers to all domains.
    Spin, Nov 8, 2005
  5. In
    But don't forget it's how other domains know who the forest root is too,
    which is essential.

    Ace Fekay [MVP], Nov 8, 2005
  6. In
    Also, to add another doc to Al's post, look at this too:

    Q. What's the DNS _msdcs zone for the forest root domain used for:

    Ace Fekay [MVP], Nov 8, 2005
  7. He is ;-)
    Paul Williams [MVP], Nov 8, 2005
  8. That's the same doc <g>

    Oh well. It must be a good one ;-)
    Paul Williams [MVP], Nov 8, 2005
  9. In
    LOL! I found that along with another one, and I meant to post the other one,
    but now I can't find it! I think I meant to post this one explaining the
    SRVs for Spin but could have sworn there was another one I had found:

    Ace Fekay [MVP], Nov 8, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.