DCDIAG /TEST:DNS RETURNS Broken Delegation erros

We are operating in a AD environment of Windows 2003 R2 servers in a single flat domain with three separate subnets. Each subnet has its own DC operating as its DNS server. When I run DCDIAG /TEST:DNS i receive error messages that delegation is broken. DC107 is the server I'm running the test from and we are not delegating DNS zones. Also any idea why it would state our domain twice?

 Summary of test results for DNS servers used by the above domain controllers:
    DNS server: 192.168.10.13 (dc107.danos.com.)
       1 test failure on this DNS server
       Delegation is broken for the domain danos.com.danos.com. on the DNS server 192.168.10.13
    DNS server: 192.168.12.14 (drdc107.danos.com.)
       1 test failure on this DNS server
       Delegation is broken for the domain danos.com.danos.com. on the DNS server 192.168.12.14
    DNS server: 192.168.14.8 (dc4hou07.danos.com.)
       1 test failure on this DNS server
       Delegation is broken for the domain danos.com.danos.com. on the DNS server 192.168.14.8
    DNS server: 192.168.15.13 (dc5laf07.danos.com.)
       1 test failure on this DNS server
       Delegation is broken for the domain danos.com.danos.com. on the DNS server 192.168.15.13
DCITdeptAsked:
Who is Participating?
 
Chris DentPowerShell DeveloperCommented:

Sorry for the late reply, had to head off to bed.

Yes, please do :)

Chris
0
 
Chris DentPowerShell DeveloperCommented:

Odd record name.

Do you see a "com" folder with danos within it under your normal danos.com forward lookup zone?

Chris
0
 
DCITdeptAuthor Commented:
Yes under the forward lookup zones folder
danos.com
com
0
On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
Chris DentPowerShell DeveloperCommented:

That'll be what it's seeing. If you see another "danos" folder underneath, is it greyed out?

Chris
0
 
Chris DentPowerShell DeveloperCommented:

Hmm maybe not quite actually. I'd expect to see:

Forward Lookup Zones
   | - danos.com
              | - com
                     | - danos

If the danos folder exists there, and is greyed out then that's the source of the error. Check the NS records for it if it needs to exist, delete "com" and below if it doesn't.

Is that what you're seeing?

Chris
0
 
DCITdeptAuthor Commented:
forward lookup zones folder
danos.com folder
com folder
danos folder (not greyed out) contains a single Host A record for a web server
0
 
DCITdeptAuthor Commented:
Chris do you believe that this com folder is not needed? The web server record in the danos folder is at a DR site. Additionally there exist a host A record for this web server under the forward lookup zone.
Thanks
0
 
Chris DentPowerShell DeveloperCommented:

What's under the com folder?

Chris
0
 
DCITdeptAuthor Commented:
Danos folder with a single A host record
0
 
DCITdeptAuthor Commented:
Forward Lookup Zones
   | - danos.com
              | - com
                     | - danos
Should I remove this danos folder and retest DNS?
0
 
DCITdeptAuthor Commented:
THANK you for your assistance, DCDIAG /TEST:DNS ran cleanly without error
0
 
DCITdeptAuthor Commented:
When we run DCDIAG we receive the following series of errors on DC107 which is our DNS server at our manin site. Shoudl we be concerned?

 An Error Event occured.  EventID: 0x00000457
    Time Generated: 04/18/2009   06:44:19
    (Event String could not be retrieved)
 ......................... DC107 failed test systemlog
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.