[Webinar] Streamline your web hosting managementRegister Today


Active Directory, DNS, Sites and Serivces. Etc.  SYNC failures - AD Replication, DNS issues.

Posted on 2007-08-12
Medium Priority
Last Modified: 2009-07-29
Here is the situation:

I had smallbusiness.local and warriorking.local - i was testing multiple domain replications (partition replication between doamin controllers). I determine that the warriorking.local domain was hosed and was causing all kinds of replication  and other DNS issues all day long.

I Decided to remove the domain controller (from the forest root dc that housed smallbusiness and corp.smallbusiness) - i had a parent child domain and then added the new tree in an existing forest of:
warriorking.local.   (This is the background).

I tried to remove ad from the warrior king domain but ntdsutil would not remove the domain neither would dcpromo so i had to use dcpromo /force removal. then i removed the 2-way trust by using the netdom /trust /force etc command.

Then i removed the the _msdcs (underscore??? zone) but not the other ad zone with all of my dc records in it? why are there 2 zone files with the same records?

Now i cant join new machines to the domain:

Here is the:

C:\>repadmin /syncall
CALLBACK MESSAGE: Error contacting server dbe30800-5661-4d6e-a397-8baf568401a7._
msdcs.smallbusiness.local (network error): 1722 (0x6ba):
    The RPC server is unavailable.

SyncAll exited with fatal Win32 error: 8440 (0x20f8):
    The naming context specified for this replication operation is invalid.


Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SERVER4
      Starting test: Connectivity
         The host dbe30800-5661-4d6e-a397-8baf568401a7._msdcs.smallbusiness.loca
l could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         couldn't be resolved, the server name (server4.smallbusiness.local)
         resolved to the IP address ( and was pingable.  Check
         that the IP address is registered correctly with the DNS server.
         ......................... SERVER4 failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SERVER4
      Skipping all tests, because server SERVER4 is
      not responding to directory service requests

I know it would much easier to reinstall but then i might as well just use a mac - so any advice here would be greately appreciated. - I dont expect someone to just fix this for me but it would be nice if i could get pointed int he right direction...

Thank You,

Question by:rbollinger1212
  • 3
  • 3
LVL 51

Expert Comment

ID: 19680911
Of course you can't - you deleted all the Service Records.....

To begin with, in a multi-domain forest, you MUST move the Infrastructure Master role to a NON-Global Catalog DC.

Now, recreate the _msdcs zone as a Standard Primary zone that is AD Integrated.  Make the replication scope "All DNS servers in the Forest"

Reboot or restart the Netlogon service on each DC once the zone propogates.


Author Comment

ID: 19681046
Then i removed the the _msdcs (underscore??? zone) but not the other ad zone with all of my dc records in it? why are there 2 zone files with the same records?

I had 2 zones: one with an _msdcs (smallbusiness.local etc).

then i had the full zone:

smallbusiness.local with all of my srv records in it.

I deleted the _zone (the zone that was not in my (smallbusiness.local) zone).

That i believe was a delegation? I am not sure.

I ended up getting to work by removing the zone entirely cleaning up the netlogon.dns file then removing it restarting it in dsrm and then (i didnt actually need to restart in dsrm) replacing the netlogon.dns file.

and now everything works...

Any more input?

LVL 51

Expert Comment

ID: 19682683
If this was upgraded from 2000, then I would expect to see the msdcs folder inside the main domain zone.  However, when it was upgraded, it should have created the top level zone _msdcs.smallbusiness.local and populated it from the sub folder msdcs.  Once done, the msdcs subfolder would be replaced with a delegate record pointing to the server so it picks up the info from the top-level zone.

Now, with respect to your child domain issues...make sure the Infrastructure Master role is on another root domain DC that is not a GC.

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.


Author Comment

ID: 19686748
Ok.... So heres what i have understood:

forestroot.com << first domain in the AD forest << 
newtree.com << second tree in the AD forest
child.newtree.com << second tree, third domain (child domain of newtree.com)
everything above shares one schema master and infrastructure master?

each tree and each child domain both do there own RID, PDC, and domain naming?

Is this right or am i off the wall?

Please advise...


LVL 51

Accepted Solution

Netman66 earned 2000 total points
ID: 19687478

Schema Master and Domain Naming Master are Forest-level roles.

PDC, RID and Infrastructure Master are Domain-based roles.

The IM role can be located on a GC only in the two following cases:
1)  You have only one domain in your Forest.
2)  Your domain (in a multi-domain forest) has every DC running as a Global Catalog.


Author Comment

ID: 19692433
Thanks for all your help.. I am almost ready to take my 70-290 exam...

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
SQL Database Recovery Software repairs the MDF & NDF Files, corrupted due to hardware related issues or software related errors. Provides preview of recovered database objects and allows saving in either MSSQL, CSV, HTML or XLS format. Ensures recov…

591 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question