Solved

All of my forward lookup zones are being deleted. I have added them back, but as soon as I make them AD integrated zones, they get deleted within a couple of hours. This is happening state wide across

Posted on 2008-10-10
Last Modified: 2010-04-07
I have added them back, but as soon as I make them AD integrated zones, they get deleted within a couple of hours. This is happening state wide across my network. I look in the event log and it just tells me this:
"The DNS server received indication that Zone x.x.x.x was deleted from the Active Directory. Since this zone was an Active Directory integrated zone, it has been deleted from the DNS server."
If I add the flat file back into the dns folder and then re-create the zone and point it to the existing file it will repopulate the zone. If I leave it alone and don't make it Active Directory integrated then it's ok, but as soon as I make it AD integrated it gets deleted within a couple of hours. Don't know what is causing this or where to start looking.
Question by:DOCDGA
Assisted Solution

by:ckozloski
ckozloski earned 500 total points
ID: 22688036
Are you scavenging on your servers? It may see them as stale zones. Is there anything in your event viewer?

Author Comment

by:DOCDGA
ID: 22688167
Would that cause my zones to disappear? This all started after we had some power issues after the storms in Louisiana. DNS lookup zones were AD integrated. Then after the storms, my lookup zones all got deleted. So I restored them, but didn't make them AD integrated. When I finally felt it was time, I made two of my DNS servers AD integrated on my forward lookup zones and when I came in this morning, they were gone. And yes, I have checked my event viewer and it gave me the message that I put in the beginning question. How can I scavenge them so it doesn't see them as stale? And if it does see them as stale, would it cause this problem? I am at wits' end. Thanks
Accepted Solution

by:
ckozloski earned 500 total points
ID: 22688301
Check this article out:
http://searchwinit.techtarget.com/tip/0,289483,sid1_gci1122348,00.html
I think this may be the cause of your problem.
Also take a look at this:
http://www.phwinfo.com/forum/ms-public-win-server-dns/139296-deleted-forward-lookup-zones-spontaneously-return.html
This one is the exact opposite of the problem that you are having but it may have some bearing on a fix.
Hope this helps.

Author Comment

by:DOCDGA
ID: 22702711
I read the article and I am not sure on how to tell which copy of AD is corrupt? And all my zones are primary due to the fact when I set them up I made them primary to their subnet. I now have scavenging turned on and are set up to accept dynamic updates "secure and non secure". So if I demote all 30 DC's and keep one good one up, how do I know that the one I keep up has a good copy, so when I bring all the others back up, they replicate with a good copy? I don't know DNS and AD back and forth, but I have AD and DNS setup on all my DC's and all my DNS forward lookup zones are primary, but for now they are NOT AD integrated. I do however have dynamic updates turned on and scavenging turned on. Will this clean things up a bit?
Now, if I were to turn on ADI on one of my forward lookup zones, in a couple of hours, it vanishes. I have ADI turned on, on every one of my reverse lookup zones and they are all ok. But when this problem first occurred, we came in one morning and on all the DC's the forward and reverse lookup zones were all gone. Since then we have been careful what we do.