We are seeking internal SRV records leaking to ZPA and getting below error in the logs 
INF DNS: Srv Dns domain: _ldap._tcp.xxx.xxx.xx is not zpn domain.
We are able to get list of all domain controllers with nltest /dclist: command and all gpupdate/force, domain password reset etc works, but we are not able to load a couple fo AD tools like Active directory administration center
