I have a standard small network setup (20 users) on Active Directory. All Windows machines have a primary DNS server as the AD and a secondary DNS server as Google PDNS. I want to set up a DNS entry that exists in real DNS but set it up on our DC so that local requests would route this public domain to a local development machine on the network.
I set up the zone in DNS, which results in the clients resolving the public FQDN to our internal IP. However, sometimes it still resolves to the "real" value (I check by pinging it). Is there some way to give the zone definition in my DC DNS higher priority? Or will a client that has a secondary public DNS server always, at some point, have a competing entry for this zone?
By Google PDNS, I'm assuming you mean one of Google's new "public use" DNS servers. If so then my recommendation would be to remove it as the secondary DNS server for your internal clients. Internal AD\DNS clients should always be configured to use only the internal AD\DNS server(s) for DNS name resolution. You can configure your AD\DNS server(s) to use the Google DNS servers as forwarders if you like, but all internal clients (including the AD\DNS server) should be configured to use the internal DNS server(s) only.
Once you do that, all of your internal clients will look only to the internal AD\DNS server for all name resolution, and any zone that the AD\DNS server is authoritative for will be answered only by the internal AD\DNS server.
Have you flushed the DNS cache for all of the clients? You would also want to flush the server DNS cache (different from the server's resolver cache) by using the DNS console and right clicking the server. However, if it was a server caching issue, I'd expect it to be causing problems with all clients, all the time.
The only reason that your Windows clients will ever check the secondary DNS server is if the first one becomes unavailable, i.e. times out. Are there any availability issues with your DNS server?
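The steps the answer recommends (forwarders on the server, an authoritative zone for the public name, internal-only DNS on the clients, and cache flushes) as a PowerShell example. This is an added illustration, not code from the question or answer; it assumes Windows Server 2012 R2 or later with the DnsServer and DnsClient modules, and every name and address in it (`app.example.com`, `10.0.0.10`, `10.0.0.50`, the `Ethernet` interface alias) is a placeholder to replace with your own. The server section runs on the DC; the client section runs on each workstation and on the DC itself.

```powershell
# Added example, not from the original answer. All values below are assumed placeholders.
$DcDns          = '10.0.0.10'          # internal AD/DNS server
$Forwarders     = '8.8.8.8', '8.8.4.4' # Google Public DNS, used only by the server as forwarders
$OverrideFqdn   = 'app.example.com'    # public name to override on the internal network
$DevHostIp      = '10.0.0.50'          # local development machine the name should resolve to
$InterfaceAlias = 'Ethernet'           # client NIC whose DNS settings are changed

# --- On the AD/DNS server ---
# 1. Forward everything the server is not authoritative for to the public resolvers,
#    so no client needs a public DNS server configured directly.
Set-DnsServerForwarder -IPAddress $Forwarders -UseRootHint $false

# 2. Create an AD-integrated primary zone for the public FQDN and point its apex
#    (the '@' record) at the dev machine. Because the server is authoritative for
#    this zone, it answers from the zone and never forwards the query upstream.
if (-not (Get-DnsServerZone -Name $OverrideFqdn -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -Name $OverrideFqdn -ReplicationScope 'Domain'
}
Add-DnsServerResourceRecordA -ZoneName $OverrideFqdn -Name '@' -IPv4Address $DevHostIp

# 3. Flush the server's DNS cache (the same action as right-clicking the server in
#    the DNS console and choosing "Clear Cache"; distinct from its resolver cache).
Clear-DnsServerCache -Force

# --- On each client, and on the DC acting as its own client ---
# 4. Use only the internal server; this removes the public secondary entirely.
Set-DnsClientServerAddress -InterfaceAlias $InterfaceAlias -ServerAddresses $DcDns
Clear-DnsClientCache

# 5. Verify: query the internal server and a public resolver directly, then confirm
#    that the client's normal resolution path returns the internal answer.
$internal = (Resolve-DnsName -Name $OverrideFqdn -Type A -Server $DcDns).IPAddress
$public   = (Resolve-DnsName -Name $OverrideFqdn -Type A -Server $Forwarders[0]).IPAddress
$client   = (Resolve-DnsName -Name $OverrideFqdn -Type A).IPAddress
"Internal server answers: $internal"
"Public resolver answers: $public"
"Client resolves to:      $client"
if ($client -notcontains $DevHostIp) {
    Write-Warning "Client still resolves $OverrideFqdn to $client; check Get-DnsClientServerAddress -AddressFamily IPv4."
}
```

`Resolve-DnsName -Server` sends the query to the named server regardless of the client's configured resolvers, which is what makes the comparison in step 5 meaningful: if the internal answer is right but the client's own lookup still returns the public address, the client is not using the internal server exclusively. One caveat worth knowing when diagnosing the intermittent behaviour described in the question: after the primary server fails to respond even once, the Windows resolver keeps sending subsequent queries to the server that did respond for a while, so a single timeout against the DC can leave a client on the public resolver for more than one lookup.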