[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1714
  • Last Modified:

_msdcs folder creation

I have been trying to repair a Integrated DNS Server on our Windows 2008 domain.  The issue has been that the _msdcs folder was missing from foward lookup zones, it was list under our domain.com.au forward lookup zone but not as a zone.

What I did was recreate the zone and then manually input the 3 NS Servers pointed there interface at themselves and did the common thing that I have ssen about this which is.

ipcong /registerdns
net stop netlogon
net start netlogon

After a bit I slowly but surely saw is started to rebuild itself.  However now that it has I am only left with the following structure
And there subdirectories.  What am I missing that the domain and gc folder will not create automatically.  I have tried a dcdiag /fix, I have also tried pointing the 3 dc's interfaces back to there own IP addresses.

If anyone can help asap that would be great.
1 Solution
Darius GhassemCommented:
If you delete both zones that are created you can then recreate the domain.com zone which will then place all records needed into the zone. Make sure you put the real IP address in your TCP\ip properties for your DNS server not the loopback address. Also, make sure you don't have any external DNS servers listed in your TCP\IP properties.

If you just delete those zones and recreate them you will have a easy time.
As Dariusg suggested, just delete them and restart netlogon services, it should  be recreated automatically.
balwynhighAuthor Commented:
When it recreates them does it create them under the Zone I create or does it do it like what happens when you install a new domain and create a zone called _msdcs.domain.com.au

What is the differenece between these.
Chris DentPowerShell DeveloperCommented:

It will create them under the main (domain.com.au) zone by default. It only creates _msdcs when you creates the new domain.

The _msdcs folder exists separately for two reasons:

1. Allows you to control Aging of _msdcs separately from domain.com.au
2. Allows you to set a different replication scope for _msdcs from the main domain.com.au zone

For most simple forests (single domain forests) that's entirely unnecessary and it may as well be under domain.com.au.

balwynhighAuthor Commented:
You gave me the right area to look into, I create a VM site and recreated the DNS entries, by creating the _msdcs.zone first and then the domain zone second, reregistered the DNS entries and whola everything came up correctly.  No more 4010 erros constantly.

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now