diff --git a/plugins/modules/ipadnsforwardzone.py b/plugins/modules/ipadnsforwardzone.py
index b28f28dbe0d950a22472a7cf1a3364a371e0c448..3968e6a125b65b2ed686d98f159af91b30a981f5 100644
--- a/plugins/modules/ipadnsforwardzone.py
+++ b/plugins/modules/ipadnsforwardzone.py
@@ -217,6 +217,11 @@ def main():
             # Make sure forwardzone exists
             existing_resource = find_dnsforwardzone(ansible_module, name)
 
+            # validate parameters
+            if state == 'present':
+                if existing_resource is None and not forwarders:
+                    ansible_module.fail_json(msg='No forwarders specified.')
+
             if existing_resource is None and operation == "update":
                 # does not exist and is updating
                 # trying to update something that doesn't exist, so error
diff --git a/tests/dnsforwardzone/test_dnsforwardzone.yml b/tests/dnsforwardzone/test_dnsforwardzone.yml
index ac08a48fb14ac1686f7a498eff45fb5a4d4e0c3a..d94db9e589f3c4a5f8cb8463ca7adb50eaeaa8ab 100644
--- a/tests/dnsforwardzone/test_dnsforwardzone.yml
+++ b/tests/dnsforwardzone/test_dnsforwardzone.yml
@@ -5,10 +5,12 @@
   gather_facts: false
 
   tasks:
-  - name: ensure forwardzone example.com is absent - prep
+  - name: ensure test forwardzones are absent - prep
     ipadnsforwardzone:
       ipaadmin_password: SomeADMINpassword
-      name: example.com
+      name:
+      - example.com
+      - newfailzone.com
       state: absent
 
   - name: ensure forwardzone example.com is created
@@ -207,6 +209,13 @@
     register: result
     failed_when: result.changed
 
+  - name: Ensure forwardzone is not added without forwarders, with correct message.
+    ipadnsforwardzone:
+      ipaadmin_password: SomeADMINpassword
+      name: newfailzone.com
+    register: result
+    failed_when: not result.failed or "No forwarders specified" not in result.msg
+
   - name: ensure forwardzone example.com is absent - tidy up
     ipadnsforwardzone:
       ipaadmin_password: SomeADMINpassword