Reversing a New Delegation "continued"

This is a Repost and continuation of a previous posting.  There appears to be some hardware/software issues that prohibits and trashes some of my postings.  Customer Service is aware of the problems.  The points remain at 500 and please post only to this posting now--

I made a mistake and chose to delegate our domain.local to a child domain "child.domain.local" using the new delegation.  The child dc isn't fully configured so I have a few replication issues. Otherwise things appear to be working fine.
The only thing I am concerned about is under our domain.local the _msdcs folder is grayed out. It has one NS record pointing to the server it is on.  The child domain folder appears to have the information.  Also the _msdcs.somain.local zone looks fine.
What does the grayed out icon mean?  Is there a way to revese or change back the delegation?
 Send to a Friend     Printer Friendly  
 Comment from Pber
Date: 07/13/2006 05:12AM PDT

Delegations are normally grayed out.  It will only contain the NS records you've added of the delegated domain.  So this is normal behavior.  To reverse a delegation, you just delete it and re-create if needed.
Comment from smantz
Date: 07/13/2006 06:13AM PDT
 Your Comment  

Thanks for the help but I neeed clarification before I start deleting items.
1. Which folders do I delete?  I assume the grayed out delegation folder (_msdcs) but what do I do with the child domain folder which appears to have all info in it(where I delegated to)?  Do I delete it and add it back?
2. What are the steps to recreate the _msdcs folder and info in it?
3.  I have two root DC's with AD and DNS.  Do I need to do it to both for proper transfer?
4.  What about the child DC with AD?  How can I start over with it and have a clean slate? Demote/uninstall?
5.  Are there any clear and concise resources explaining setting up chil domains including what dns records are needed on it and how to create them?
--Thanks for the help
Comment from Pber
Date: 07/13/2006 07:26AM PDT

Well, this is a sticky situation because you delegated the root to the child.  I hope I getting that right.

You will probably want to do this off hours because you might have some issues if you delete the delegation.  

- I would write down/export  the _msdcs records so I have a backup.  The root DC's should have a file called netlogon.dns in %windir%\system32\config.  This file should contain the DNS SRV records.  It might help to have this if you need to re-create.
- I make sure my root DNS servers are pointing to themselves for DNS.  
- I would remove the delegation wait a about 2 minutes for replication.
- I would do a ipconfig /registerdns on each root DC.
- I would also stop/start netlogon on each root DC.
- Then I would check to see if it re-created the _msdcs folders.

You will need DNS to have the proper SRV records for each DC for proper replication.  You should make your AD DNS zone active Directory integrated (configured in General TAB of the zone properties).

You can try and do a IPconfig /registerDNS on the child DNS servers and see if they register properly.  If your child domain isn't in use it might be best to start from scratch.

Have you seen this article from M$:
New from Steve in response to Pber

I think you are getting it right.  By the way, that article was the one I was using and if you notice, in the section:
Manually Create a Delegation for the Child Domain on the Parent (Root) DNS Server--- You delegate the root zone to a Dns server in the child zone.  Unfortunately my steps in the later part were slightly out of sync and this probably why things are not set up properely.  I thought it was the other way around and I was going to delegate the child to the root/parent.  The child server (dns/ad) isn't even running at this time.
The only grayed out item under the forward lookup zones is the domain.local _msdcs folder(zone?).  All other information under "domain.local" is there.  The _msdcs.domain.local above the zone "domain.local" is all in tack.  I'll assume this holds all the information for the forest and why everything is still working other than some replication errors.
What constitutes removing the delegation?  Is it deleting the grayed out icon as there is no "remove delegation" item?
Do I do it on both?  Do I delete the child zone with all the info in it?
Doesthis  affect the _msdcs.domain.local zone above the domain.local zone?
Thanks for the patience,

smantzDirector of TechnologyAsked:
Who is Participating?
PberConnect With a Mentor Solutions ArchitectCommented:
Removing the delegation is right clicking the grayed out section and deleting.  If your DNS is AD integrated, it should only need to be done on one server.  This should only effect the _msdcs.domain.local zone.
PberSolutions ArchitectCommented:
PberSolutions ArchitectCommented:
Did your test work?
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

smantzDirector of TechnologyAuthor Commented:
Well hello every one, Hope this posts.  The staff at E-E and I are trying to resolve an issue that affects only a few individuals.
Thus far I have:
1.  Deleted the child domain
2.  Deleted the delegation pointer (grayed out icon)
3.  Ipconfig /registerdns  on both DC's/dns servers
4.  Netlogon  Stop/Start both Dc's

As of last night before leaving work, the _msdcs folder under domain.local hadn't rebuilt itself.

Do I need to delete the whole domain.local zone for everything to rebuild?
PberSolutions ArchitectCommented:
Check out this:

Also is your DHCP client running on the Domain controller?  Although you statically assign the IP address, the DHCP client is still needed as that is the service that registers your DNS entries.
PberSolutions ArchitectCommented:
Did you get it going?
Has anyone tried this solution of deleting the delegation of the child domain? If so, what are the potential side since the subdomain has already been delegated.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.