jaesoul asked:

Major DNS Issues in small AD environment

Today I was setting up a third DC at a branch location, and I think I made a mistake when configuring the DNS server. Here is what I did:

All sites are connected via site-to-site VPN.

I added the server to the domain as a DC and all worked fine from here. All objects and settings replicated fine.

From here I created a new DNS server and added a forward lookup primary zone, Active Directory integrated... But I think I made my error here. I installed DNS after I installed the DC, and I did not change the DNS server on the new DC to 127.0.0.1 before adding the forward lookup zone.

Here are the errors that immediately began to occur:

The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "000020B5: AtrErr: DSID-03152392, #1:
      0: 000020B5: DSID-03152392, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 9067d (msDS-NC-Replica-Locations)". The event data contains the error.

Here is another error:

Event Type:      Information
Event Source:      DNS
Event Category:      None
Event ID:      4514
Date:            3/7/2008
Time:            9:34:57 PM
User:            N/A
Computer:      DC1FYOP
Description:
The DNS server detected that it is not enlisted in the replication scope of the  directory partition DomainDnsZones.bgcgg.local. This prevents the zones that should be replicated to all DNS servers in the bgcgg.local domain from replicating to this DNS server. For information on how to add a DNS server to the replication scope of an application directory partition, please see Help and Support.
 
To create or repair the domain-wide DNS directory partition, open the the DNS  console. Right-click the applicable DNS server, and then click 'Create Default Application Directory Partitions'. Follow the instructions to create the default DNS application directory partitions. For more information, see 'To create the default DNS application directory partitions' in Help and Support.
 The error was 9002.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2a 23 00 00               *#..    


So I am getting these scary errors across the board. I finally removed DNS off this server, b/c I was afraid this was going to somehow replicate and corrupt the rest of my AD.

Any assistance would be deeply appreciated. Thank you guys.
ASKER CERTIFIED SOLUTION
ChiefIT

SOLUTION
Amit Bhatnagar

jaesoul (ASKER)

I am afraid to do that b/c I do not know what it does. How many times does MS tell you to do something that wrecks your whole system?

:D... No, it won't create any issues... But you have not even mentioned the current replication scope for the other DNS server... Is it Forest Wide / Domain Wide or to DNS Server Only?