What is the impact of Reloading a zone on DNS server
I have been battling a very strange situation of trying to simply add another Domain controller to the network. When I run DCPROMO everything seems to go well, but I am missing OU's and content from the OU's that have replicated. On the new server called newDC this is the error under DNS event.
The DNS server was unable to open zone CCL.local in the Active Directory from the application directory partition DomainDnsZones.CCL.local. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.
On the current Domain controller with DNS installed, If I reload the zone, what impact will that have on all DNS entries?
Does anyone have any ideas?
The DNS server was unable to open zone CCL.local in the Active Directory from the application directory partition DomainDnsZones.CCL.local. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.
On the current Domain controller with DNS installed, If I reload the zone, what impact will that have on all DNS entries?
Does anyone have any ideas?
Are you running AD integrated DNS?
How is that server configured for DNS (Is it pointing to itself for primary DNS or pointing to another DC for primary DNS)
Are there 4015 errors in your logs?
No issues if you reload the zone.
Thanks
Mike
How is that server configured for DNS (Is it pointing to itself for primary DNS or pointing to another DC for primary DNS)
Are there 4015 errors in your logs?
No issues if you reload the zone.
Thanks
Mike
ASKER
Mike / Chris
I am the NA. As you can see there is only one Domain Controller. Windows 2003 Stnd R2.
I purchased a new server HP PRoliant DL360 and loaded Windows 2003 Stnd R2, to add to the domain, then promote, then sending back the original DC to D_LL :)
I am receiving 4001, 4007 event ID's.
Question: The moment I set foot in here, I purchased and installed Backup Exec 12.5 and have everything backed up to tape. Is there a way I can recreate the domain without loosing SIDS, if running this promotion fails??
I am the NA. As you can see there is only one Domain Controller. Windows 2003 Stnd R2.
I purchased a new server HP PRoliant DL360 and loaded Windows 2003 Stnd R2, to add to the domain, then promote, then sending back the original DC to D_LL :)
I am receiving 4001, 4007 event ID's.
Question: The moment I set foot in here, I purchased and installed Backup Exec 12.5 and have everything backed up to tape. Is there a way I can recreate the domain without loosing SIDS, if running this promotion fails??
Recreating the domain is unlikely to be necessary except where we're suffered from a really catestrophic failure.
If it's having problems promoting DCDiag, NetDiag and browsing the Event Logs are the best starting points. They will quickly highlight the most serious errors that may need to be given a little attention.
Chris
ASKER
Application Logs on Domain Controller
1.MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: %1
2. MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: d:\nt\com\complus\dtc\dtc\
No Callstack,
CmdLine: C:\WINDOWS\system32\msdtc.
DNS Server
3.The DNS server was unable to complete directory service enumeration of zone conexsys.net. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error. 4004
4.The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error. 4015
1.MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: %1
2. MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: d:\nt\com\complus\dtc\dtc\
No Callstack,
CmdLine: C:\WINDOWS\system32\msdtc.
DNS Server
3.The DNS server was unable to complete directory service enumeration of zone conexsys.net. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error. 4004
4.The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error. 4015
These are on your new DC aren't they? Anything on the current one?
Chris
ASKER
These events are from the current DC
On the new DC that is failing...These are the logs
The DNS server was unable to open zone domain.local in the Active Directory from the application directory partition DomainDnsZones.domain.loca
The DNS server was unable to open zone 100.168.192.in-addr.arpa in the Active Directory. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code. 4001
The File Replication Service has enabled replication from AD to ADSERVER for c:\windows\sysvol\domain after repeated retries.
On the new DC that is failing...These are the logs
The DNS server was unable to open zone domain.local in the Active Directory from the application directory partition DomainDnsZones.domain.loca
The DNS server was unable to open zone 100.168.192.in-addr.arpa in the Active Directory. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code. 4001
The File Replication Service has enabled replication from AD to ADSERVER for c:\windows\sysvol\domain after repeated retries.
Okay, so can we also see:
RepAdmin /ShowReps
And if you could run DCDiag and NetDiag the output would be helpful :)
Chris
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for your help in resolving this issue
> If I reload the zone, what impact will that have on all DNS entries?
None, they should have been written back to AD anyway. A reload would occur whenever you restarted the DNS service or the server anyway.
You might consider running DCDiag / NetDiag considering some of the issues you describe.
Chris