Validating the state of active directory
To fix this one must manually create a new "separate"active directory integrated primary zone _msdcs.
The middleware then takes care of: - Downloading the Azure AD metadata, finding the signing keys, and finding the issuer name for the tenant. Net OWIN middleware to establish a session for the user.
Thanks in advance, Ronnie Hello, A bit of history as of why this happens Windows 2000 implemented _msdcs as a subfolder of the DNS zone.
The recommended config for 20 or 2008 R2 AD-Integrated DNS zones, is that _msdcs must be moved to a separate AD-integrated primary zone as _msdcs. However, the zones created in 2000 do not changed to this config when DNS is either upgraded or migrated 2003 or 2008/R2.
Hi all, I've three DNS servers in two locations and all are running Microsoft Windows Server 2008 R2.
All three servers have the following error: Issue: The Active Directory integrated DNS zone _msdcs.domainname.local was not found.