Windows Server 2022 ADDS bug or feature

Question

Hi,
I've noticed one strange thing while setting up my new Windows Server 2022 ADDS nfrastructure. Installed forest root domain with two DCs. Nice, no problems. Then tried to create child domain. Clearly saw that the domain delegation will be created (promotion wizard). Great. Problem is - when promotion wizard finished and DC restarts - delegated domain in the parent DC's DNS is not created, created is only folder for that domain with one SRV record in it. Tested the same scenario with 2008R2, 2012R2, 2019 servers and domain delegations were created without single problem, but I see different behavior wint windows server 2022. So my question - is it a bug or some kind of unknown feature? Thanks.

Answer 1

Hello there,

I do not think it to be a feature or a bug but an improper configuration.

When creating a child domain a DNS delegation is created for you automatically in the root domain. Make sure you are a member of the root domains enterprise admin group and that the root domain is contactable.

AD domain domain.com looks to the servers responsible for com and looks for a delegation to itself, if one does not exist it tries to create one and will fail.

AD Domain subdomain.domain.com looks to the servers responsible for com and looks for a delegation to itself, if one does not exist it tries to create one and will fail.

Here are some threads which discuss the same https://social.technet.microsoft.com/Forums/en-US/c8c69bd7-625c-451d-be5c-00daec5aed65/issue-with-domain-controller-promotion-dns-delegation?forum=winservergen

https://social.technet.microsoft.com/Forums/en-US/209bc176-2213-4db0-a561-28c8c9d9a6bf/msdcs-records-not-created?forum=winserverNIS

---------------------------------------------------------------------------------------------------------------------------------------

--If the reply is helpful, please Upvote and Accept it as an answer–

Answer 2

Hi,
And how did you do such conclusion that it's not a bug? Configuration is very proper - freshly installed root domain from two DCs and promotion for the third DC which is the first DC for the child domain. Enterprise Admin was used for this promotion. I know that delegated zone must be created for me perfectly well. And what I'm saying - only domain folder was created in the root domain's DNS and not the delegated zone. I did additional experiments btw. Tried to repeat the exactly the same steps with freshly installed 2008R2 environment - delegated zone WAS created. Tried the same thing with 2012R2 environment - delegated zone WAS created. Tried the same thing with 2019 environment - delegated zone WAS created. But with 2022 environment - no joy. You can try yourself if you want and I'm more that sure, that you'll see the same result. For me - it is a clear bug.

And btw, I was able to solve this issue. I installed all of the available patches for this DC I was promoting, joined it to the root domain as member server and tried to do promotion one more time. And this time correct delegation was created. So my final verdict is - I guess it was a yet another bug from many and not some kind of mythical improper configuration. And looking at my previous experiments I'm leaning more to the thought that additional patches helped ant not the fact that I joined the server to the root domain as member server.