Hello -
Walked into a new job, main focus is to clean up Active Directory, as the previous employee had created a "monster". One of the things he did was create a new forest (two transittive trust is in place). I have never encountered either the Broken Delegation nor the Missing Glue Records before). From what I have learned about Glue records, this may be caused by a "missing" or demoted Domain Controller?
Forest 1 (PDC I ran DCDIAG on) - mycompanynet.net
Forest 2 - mycompany.net, this is the new forest
I ran a DCDIAG /C /V
I recieved the following errors against many domains (in the DNS console, all of the domain that received either errors are greyed out, with no access to the security tab)
Delegated domain name: batchfilelibrary.mycompany.net.
Warning: Delegation of DNS server ns-dr-int.mycompanynet.net. is broken on IP:10.80.50.185
Error: DNS server: ns-dr-int.mycompanynet.net.
IP:10.80.50.185 [Broken delegation]
Warning: Delegation of DNS server ns-prod-int.mycompanynet.net. is broken on IP:10.180.50.185
Error: DNS server: ns-prod-int.mycompanynet.net.
IP:10.180.50.185 [Broken delegation]
or
Delegated domain name: documentfilelibraryservice.mycompany.net.
Warning: Delegation of DNS server nsptdr.mycompany.net. is broken on IP:10.82.50.185
Error: DNS server: nsptdr.mycompany.net. IP:10.82.50.185
[Broken delegation]
Error: DNS server: nsptprd.mycompany.net.
IP:<Unavailable> [Missing glue A record]
[Error details: 9714 (Type: Win32 - Description: DNS name does not exist.)]