Inter-forest DNS error
Hi,
We have a forest with four single domain trees (A, B, C, D). One of the trees, site A, was created recently. Sites B, C and D existed already.
In trying to get site B to resolve the name of site A I manually set up a primary AD-integrated zone for it. After the fact I realised that the zone for site A had not replicated to site B because site A's DNS was not configured to do forest wide replication. Anyway when I realised this, I deleted the zone for it on site B's DNS server. Yes, big mistake.
Now site B's DNS is throwing out a lot of errors such as:
Event ID 4004
"The DNS server was unable to complete directory service enumeration of zone C. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error."
Event ID 4004
"The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error."
Event ID 4521
"The DNS server encountered error 32 attempting to load zone A from Active Directory. The DNS server will attempt to load this zone again on the next timeout cycle. This can be caused by high Active Directory load and may be a transient condition."
In addition, in Active Directory Sites and Services on the DC in site B, if I try to force it to replicate now with site A it gives the error:
"The following error occurred during the attempt to synchronize naming context Configuration from domain controller (DC in Site A) to domain controller (DC in Site B):
The naming context is in the process of being removed or is not replicated from the specified server.
This operation will not continue."
I've no idea where to go with this. Have googled it but there are so many similar dns and AD issues..
Help! :o)
Thanks,
Conor
We have a forest with four single domain trees (A, B, C, D). One of the trees, site A, was created recently. Sites B, C and D existed already.
In trying to get site B to resolve the name of site A I manually set up a primary AD-integrated zone for it. After the fact I realised that the zone for site A had not replicated to site B because site A's DNS was not configured to do forest wide replication. Anyway when I realised this, I deleted the zone for it on site B's DNS server. Yes, big mistake.
Now site B's DNS is throwing out a lot of errors such as:
Event ID 4004
"The DNS server was unable to complete directory service enumeration of zone C. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error."
Event ID 4004
"The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error."
Event ID 4521
"The DNS server encountered error 32 attempting to load zone A from Active Directory. The DNS server will attempt to load this zone again on the next timeout cycle. This can be caused by high Active Directory load and may be a transient condition."
In addition, in Active Directory Sites and Services on the DC in site B, if I try to force it to replicate now with site A it gives the error:
"The following error occurred during the attempt to synchronize naming context Configuration from domain controller (DC in Site A) to domain controller (DC in Site B):
The naming context is in the process of being removed or is not replicated from the specified server.
This operation will not continue."
I've no idea where to go with this. Have googled it but there are so many similar dns and AD issues..
Help! :o)
Thanks,
Conor
Last Comment
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
I have tried recreating but no joy.. When I try to replicate AD it gives an error about "RPC server is unavailable" and if I try to rebuild the application partition in DNS it gives me an error about credentials. I might try to manually delete the zone in the child domain and then recreate it and see if that resolves it. I can try this at the weekend.
I'm not sure if I can delete the dns zone on the only dns server in the domain though - will it impact Active Directory if I do?
Thanks,
Conor
I'm not sure if I can delete the dns zone on the only dns server in the domain though - will it impact Active Directory if I do?
Thanks,
Conor
RPC server is not available is usually a DNS client configuration. Check the DNS settings .
ASKER
Still an issue.. think there is a corruption related to this zone in AD.. Will raise a new question about it with more information rather than continuing this.
Thanks for your help though!
Thanks for your help though!
Windows Server 2008
Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.
86K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
ASKER
The forest root domain is C.
How do I recreate the zone? Should I delete the zone for A on server A (i.e. its own domain controlller)? All zones are already AD integrated zones, though like I said, the zone for A is not replicating on the site B domain controller.
Should I be doing this on zone B? Restarting the services and changing the DNS zones?
Thanks.