Create a secondary zone

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Perform this procedure only on new domain controllers that are also DNS servers that are located in the child domain, not the forest root domain.

Administrative Credentials

To perform this procedure, you must be a member of the Domain Admins group.

To create a secondary zone

1. Open the DNS snap-in.

2. In the console tree, right-click the new domain controller and click New Zone.

3. In the New Zone Wizard, click Next to continue.

4. On the Zone Type page, select Secondary zone and click Next.

5. Ensure that Forward lookup zone is selected. Click Next.

6. For Zone name, type **_msdcs.**forestrootdomain (where forestrootdomain is the fully qualified domain name of the forest root domain), and click Next.

7. In the Master DNS Servers dialog box, enter the IP addresses of at least two DNS servers in the forest root domain. Click Next.

8. Review the settings you defined, and click Finish to close the wizard.