Best practices for DNS forwarding:

To create a conditional forwarder zone in powershell:

read this reference doc:


To create a conditional forwarder zone (stored in the registry of the DNS Server):

Add-DnsServerConditionalForwarderZone -Name “” -MasterServers 2001:4898:7020:f100:458f:e6a2:fcaf:698c, -PassThru

ZoneName                            ZoneType        IsAutoCreated   IsDsIntegrated  IsReverseLookupZone  IsSigned

——–                            ——–        ————-   ————–  ——————-  ——–                         Forwarder       False           False           False


This command creates an Active Directory-integrated conditional forwarder zone for

Add-DnsServerConditionalForwarderZone -Name “” -ReplicationScope “Forest” -MasterServers 2001:4898:7020:f100:458f:e6a2:fcaf:698c,


To change an existing conditional forwarder zone, use the cmdlet: