How do I completely remove DNS from Win2003 Svr?
Posted on 2008-11-19
Ok, here's the deal. I went out to help someone with a Windows 2003 Server that they had someone else already set up. The DNS appears to be completely messed up, so I'm thinking the best solution is to just remove it and reinstall it, but I want to make sure all prior config data doesn't get recreated when I do that.
For starters, I'll show some of the event & diag results. I'm getting this in the event log:
"The zone %1 is configured to accept updates but the A record for the primary server in the zone's SOA record is not available on this DNS server. This may indicate a configuration problem. If the address of the primary server for the zone cannot be resolved DNS clients will be unable to locate a server to accept updates for this zone. This will cause DNS clients to be unable to perform DNS updates.
Explanation
The host address (A) resource record associated with the start of authority (SOA) resource record for this zone is missing. Host (A) resource records are used in a zone to associate DNS domain names of computers (hosts) to their IP addresses.
The host (A) resource record could be missing because it was not registered, because it was accidentally deleted, or because the SOA is preventing any host address (A) resource records from being registered.
Manually create a host (A) resource record using the DNS console and then inspect the SOA record to ensure that it is correct"
"The DNS server did not detect any zones of either primary or secondary type during initialization. It will not be authoritative for any zones, and it will run as a caching-only server until a zone is loaded manually or by Active Directory replication."
"The zone _msdcs.domain.local is configured to accept updates but the A record for the primary server in the zone's SOA record is not available on this DNS server. This may indicate a configuration problem. If the address of the primary server for the zone cannot be resolved DNS clients will be unable to locate a server to accept updates for this zone. This will cause DNS clients to be unable to perform DNS updates"
Here's the result of DCDIAG:
"E:\Program Files\Support Tools>dcdiag /test:DNS
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site\DOMAIN-SERVER
Starting test: Connectivity
*** Warning: could not confirm the identity of this server in
the directory versus the names returned by DNS servers.
If there are problems accessing this directory server then
you may need to check that this server is correctly registered
......................... DOMAIN-SERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site\DOMAIN-SERVER
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : TAPI3Directory
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : DOMAIN
Running enterprise tests on : DOMAIN.local
Starting test: DNS
Test results for domain controllers:
TEST: Basic (Basc)
Error: The A record for this DC was not found
TEST: Dynamic update (Dyn)
Warning: Dynamic update is enabled on the zone but not secure
TEST: Records registration (RReg)
Network Adapter  Broadcom BCM5708C NetXtreme II GigE
(NDIS VBD Client):
Error: Missing A record at DNS server 192.168.2.10 :
Warning: Missing DC SRV record at DNS server 192.168.2.10 :
Warning: Missing GC SRV record at DNS server 192.168.2.10 :
Warning: Missing PDC SRV record at DNS server 192.168.2.10
Error: Record registrations cannot be found for all the network a
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
DOMAIN-SERVER PASS FAIL PASS PASS WARN FAIL n/a
......................... DOMAIN.local failed test DNS
E:\Program Files\Support Tools>"
So as you can see, a lot of problems here. For instance, DNS shows to be configured for dynamic update, but it's just not working. Also, I have no idea why there's the "TAPI3Directory" directory. That's one of the things that I want to go away.
So, here's what I've got in regards to flushing out DNS and any vestiges of the old config:
"- convert dns to primary zone (uncheck integrate with active directory)
- remove dns in configure your server
- remove dns folder from system32
- in system32\config remove netlogon.dnb and netlogon.dns
- reinstall dns (configure your server) with the correct zone name
then at the command prompt:
net stop netlogon
net start netlogon"
Does my game-plan sound about right, or am I missing something here? It just seems to me that whatever the problem is here, removing DNS and starting from scratch seems to be the best way to go. Sorry for the long-winded post, but I'm trying to provide as much info as possible for anyone willing to help.
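
An added example, not part of the original post: a small Python parser for saved `dcdiag /test:DNS` output that turns the summary table and the per-test Error/Warning lines into data, so the same checks can be compared before and after DNS is rebuilt. The function names are hypothetical and `SAMPLE` is constructed from lines of the output quoted above.

```python
import re

# Constructed sample: a subset of the dcdiag /test:DNS lines quoted in the post.
SAMPLE = """\
TEST: Basic (Basc)
Error: The A record for this DC was not found
TEST: Dynamic update (Dyn)
Warning: Dynamic update is enabled on the zone but not secure
TEST: Records registration (RReg)
Error: Missing A record at DNS server 192.168.2.10 :
Warning: Missing DC SRV record at DNS server 192.168.2.10 :
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
DOMAIN-SERVER PASS FAIL PASS PASS WARN FAIL n/a
"""

TEST_RE = re.compile(r"^TEST:\s+.*\((\w+)\)$")            # "TEST: Basic (Basc)"
FINDING_RE = re.compile(r"^(Error|Warning):\s*(.+?)\s*:?$")
STATUSES = {"PASS", "FAIL", "WARN", "n/a"}

def parse_dcdiag_dns(text):
    """Return (summary, findings) parsed from dcdiag /test:DNS output."""
    # summary:  {server: {test: status}} from the summary table
    # findings: {test: [(severity, message), ...]} from the TEST sections
    summary, findings, current, columns = {}, {}, None, None
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    for i, line in enumerate(lines):
        tokens = line.split()
        if m := TEST_RE.match(line):
            current = m.group(1)                          # abbreviation, e.g. "Dyn"
        elif current and (m := FINDING_RE.match(line)):
            findings.setdefault(current, []).append((m.group(1), m.group(2)))
        elif line.startswith("Summary of DNS test results") and i + 1 < len(lines):
            columns, current = lines[i + 1].split(), None  # header row follows
        elif columns and len(tokens) == len(columns) + 1 and set(tokens[1:]) <= STATUSES:
            summary[tokens[0]] = dict(zip(columns, tokens[1:]))
    return summary, findings

def needs_attention(summary):
    """Every (server, test, status) whose status is FAIL or WARN."""
    return [(srv, test, status) for srv, row in summary.items()
            for test, status in row.items() if status in ("FAIL", "WARN")]

def nonsecure_dynamic_update(findings):
    """True if the Dyn test warned that dynamic update is enabled but not secure."""
    return any(sev == "Warning" and "not secure" in msg
               for sev, msg in findings.get("Dyn", []))
```

Run against the full saved output, `needs_attention` should come back empty once the A and SRV records register again, and `nonsecure_dynamic_update` shows whether the zone still accepts unauthenticated updates.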