INF DNS: Srv Dns domain: is not zpn domain

We are seeking internal SRV records leaking to ZPA and getting below error in the logs :slight_smile:

INF DNS: Srv Dns domain: _ldap._tcp.xxx.xxx.xx is not zpn domain.

We are able to get list of all domain controllers with nltest /dclist: command and all gpupdate/force, domain password reset etc works, but we are not able to load a couple fo AD tools like Active directory administration center