DNS: some servers missing from DNS console, how to re-add?

Posted on 2008-06-19
Last Modified: 2012-05-05
I am using Windows Server 2003 and running three domain controllers. Something has gone a bit wonky on my DNS console and I'm wondering the best/easiest way to restore things.

Let's assume the following:

Question 1:
Short: I am wondering if the GUID CNAME entry for a newly entered nameserver on SOA will be created automatically.

From the DNS console on, under the section I noticed the following:
(same as parent folder)     Start of Authority (SOA)  ...
(same as parent folder)     Name Server (NS)
(same as parent folder)     Name Server (NS) was not listed so I double clicked on Start of Authority and added in the nameservers section.

I am also noticing
283fd5c3 -... [guid]              Alias(CNAME)

Question 2:
I recently set up a third DC. It is no longer appearing in the DNS console nor in the list of DCs in the DNS console. Previously the zones were replicating to it. I am wondering what the easiest way to get it reattached would be. It was newly set up so I could probably depromote it and repromote it if necessary, though I would prefer to know if there is another way. It is listed as a Name Server in the Forward Lookup Zone. Ideas?

Thanks for all the help, folks.

Question by:kennethfine

Author Comment

ID: 21827259
Blah, the second half of question #1, which I omitted, was whether I need to worry about creating a GUID-equipped CNAME entry for my newly entered nameserver. Thanks.

Expert Comment

ID: 21827293
I have a couple of questions.. first I assume all your DC's are running DNS correct?

The easiest way of adding all the missing records is to start and stop the netlogon service on the DC's.. this will cause them to try and update their DNS records..

Author Comment

ID: 21827381
Thanks DocCan11. All are running DNS.
DC3 is not appearing as a machine in DC1's dnsmgmt console. It does show up when I try to connect but it wasn't appearing automatically. Not sure if that's an issue or not.

DC2 is not listed in the's list of nameservers, nor is there an Alias(CNAME) record corresponding to it. I am wondering how to add it.

If it is easiest should I simply demote and repromote both dc2 and dc3? It would be nice to know how to fix this "by hand"


Author Comment

ID: 21827403
I went to and noted three errors which may point to the heart of the problem:

Missing nameservers reported by parent FAIL: The following nameservers are listed at your nameservers as nameservers for your domain, but are not listed at the parent nameservers (see RFC2181 5.4.1). You need to make sure that these nameservers are working.If they are not working ok, you may have problems!
 Missing nameservers reported by your nameservers ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are: 
This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example).  

WARNING: SOA MNAME ( is not listed as a primary nameserver at your parent nameserver!

Confusing. Any help out there? Thanks...

Author Comment

ID: 21827464
Another thing I have noticed, which may also point to the heart of the problem:
For dc1, In the section of the forward lookup zones, dc1 and dc3 are listed as NS and CNAME records
For dc2, in the section of the forward lookup zones, dc2 (!!!ITSELF) is NOT listed as NS and CNAME records. dc2 is NOT replicating zones.
For dc3, in the section of the forward lookup zones, dc3 IS listed. dc3 IS replicating zones successfully from dc1.


Assisted Solution

DocCan11 earned 100 total points
ID: 21827724
are all zones AD integrated?

Author Comment

ID: 21827792
( Increasing points for this request by 100. )
hmmm, pretty weird. I looked in the forward lookup zones for all three machines and they are all listed at "Active Directory -- Integrated Primary". However!!! I noticed the following, possibly significant issues:

Repeating some info: and are replicating, is not.  

1) Attempts to connect to the DNS on ds1 FROM ds2 or ds3 using the DNS manager yields the following weird message: "The computer you tried to add is not a DNS server running Windows 2000 or later. This version of the DNS console can administer the DNS server service only on computers running these operating systems. Would you like to add it anyway?"

2) Attempts to connect to the DNS on ds1 FROM ds2 using the DNS manager yields the weird message, but it also will not connect if I specify only the machine name. I have to specify the FQDN for it to attempt the connection (and yield the message above).


Accepted Solution

Chris Dent earned 250 total points
ID: 21829719

'lo there :)

You have a lot of questions now, attempting to go through in order so please forgive any repetition.

> Short: I am wondering if the GUID CNAME entry for
> a newly entered nameserver on SOA will be created automatically.

For an AD Integrated Zone which permits Dynamic Updates NS records should be automatically maintained.

The same applies for the CNAME record, as pointed out by Doc it should be registered dynamically by the NetLogon service.

They're actually two separate issues.

For the NS Record, verify that dc3 has the DNS Service installed, and that it refers to a valid IP for the Name Server in TCP/IP configuration.

> I recently set up a third DC, It is no longer
> appearing in the DNS console nor in the list of DCs in the DNS console.

It won't appear in the DNS Console (as a server node) automatically, you'd have to add it. That's purely console level though, nothing to do with whether DNS is working.

When you say the list of DCs, you mean the Name Server list? Or the servers with (same as parent folder) listed? Or are you referring to the service records?

> I went to and noted three errors which may point to
> the heart of the problem:

Not really, ignore them. Those tests are only remotely valid for public DNS zones, they won't help with this private one.

Can you post the Replication Scope set for each of the zones you have in DNS Manager?

Can you run DCDiag and NetDiag to see if there are any more general issues? Because DNS replicates through AD, problems there can impact DNS.
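
The checks asked for in this answer, gathered into one batch script as an added example that is not part of the original thread. The zone name `example.local` is a placeholder, `dc1`, `dc2` and `dc3` are the thread's server names, and the script assumes the Windows Server 2003 Support Tools (dnscmd, repadmin, dcdiag, netdiag) are installed.

```bat
@echo off
rem Added example, not from the thread. ZONE is a placeholder domain name;
rem dc1, dc2 and dc3 are the server names used in the thread.
rem Assumes the Windows Server 2003 Support Tools (dnscmd, repadmin, dcdiag,
rem netdiag) are installed and the account is a domain administrator.
setlocal
set ZONE=example.local
set DCS=dc1 dc2 dc3

for %%S in (%DCS%) do (
    echo.
    echo ===== DNS server %%S =====
    rem Zone type and replication scope as this server sees them
    dnscmd %%S.%ZONE% /ZoneInfo %ZONE%
    rem NS records at the zone root, shown as "same as parent folder"
    dnscmd %%S.%ZONE% /EnumRecords %ZONE% @ /Type NS
    rem GUID CNAME records registered by NetLogon, one per DC.
    rem Assumes _msdcs is its own zone; if it is a subdomain of the main
    rem zone, use: dnscmd server /EnumRecords %ZONE% _msdcs /Type CNAME
    dnscmd %%S.%ZONE% /EnumRecords _msdcs.%ZONE% @ /Type CNAME
    rem Inbound AD replication status, since the zone data travels with AD
    repadmin /showrepl %%S.%ZONE%
    rem General DC health as seen from this console
    dcdiag /s:%%S.%ZONE%
)

rem NetDiag only tests the machine it runs on.
netdiag

rem Optional: run with "reregister" on a DC whose records are missing to
rem make NetLogon register its records again.
if /i "%~1"=="reregister" (
    net stop netlogon
    net start netlogon
)
endlocal
```

Comparing the NS and CNAME listings between the three servers shows which DC's records are absent and on which copy of the zone, which separates a registration problem from a replication problem.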


Author Closing Comment

ID: 31469008
Thanks. Awarding you points for this and continuing the discussion in the second thread, which you both have participated in.
