cliffordgormley asked:

I lost my DNS Forward Lookup zones on my new DC right after I added my first computer to the domain!

Windows Server 2003 Std. R2.
Ok, these are the times I seriously think about switching careers!
I have an 'old' 2000 Std. Server that was my original Domain Controller (DC).
I added a 'new' 2003 Std. R2 server DC.
I followed all the proper steps, i.e.:
1) point new server's DNS client to old server,
2) add new server as member server,
3) put R2 CD#2 into old server and run adprep /forestprep, and adprep /domainprep to update schema,
4) run dcpromo on new server to make it a DC by adding as additional DC in domain,
5) made new DC a Global Catalog server,
6) add DNS Windows component to new DC and watch zone records transfer from old DC to new DC (I am using AD Integrated zones),
7) transfer all 5 FSMO roles over from old DC to new DC.

Then I left old dc pointing to itself for DNS, and set new dc to point to itself for dns.

Then I added a pc to the domain, which was now pointing to the new DNS / DC as its preferred DNS server.
It seemed to work, as I received the 'Computer successfully added to domain'  message.
I rebooted pc.
As the pc was booting, I saw my pc listed in ADUC's Computers folder. All looked good so far.
Then when I went to log in to the domain from my pc, I got the 'Please wait for domain list to be created' message.
I got impatient and hit CTRL-ALT-DEL, as it was taking a long time.
Then when I went to log into the domain with the pc, I got the following message:  System cannot log you on because the domain DOMAINNAME is not available.  WTH!!!
I tried to ping the dc/dns server by name, and could not resolve.  (I could ping by its IP)
I then looked at the forward lookup zones on the new server, AND THEY WERE ALL GONE!!!!  NOTHING.  LIKE I NEVER CREATED A ZONE EVER.
I restarted DNS service on the new server, to no avail.

I must admit that this is a lab, and I just set up the new server yesterday, and in my rush, I failed to install antivirus or run Windows updates...I only browsed the Internet for about 3 minutes today on the server.

Does anybody have any ideas?

And now, how do I transfer the FSMO roles back over to my old DC, if my old DC cannot 'connect' to the new DC?

Should the DNS / DC servers be pointing to themselves for DNS, or do both servers point to the new DC/DNS for DNS?

Avatar of plug1
Avatar of Pete Long
Hello cliffordgormley,

Agree - don't forget to install the 2003 support tools off the server CD (or my website) first


Avatar of cliffordgormley


Hi Guys
Thanks for your responses.  I will get to them soon, as I have another issue that I am working on.  Thanks for your patience.