Solved

Active directory Zone replication issue

Posted on 2010-11-24
Last Modified: 2012-05-10
We have a Windows Server 2003 forest in our company with an empty forest root and 6 child domains. We have DNS set up for all child domains to replicate the zone to all domain controllers in the forest. A couple of weeks ago the only domain controller in one of the domains crashed. The local IT built a new domain controller for this child domain, but didn't set the DNS zone for that domain to replicate to all DCs in the forest. He recently tried to change it to replicate in the forest after noticing it, but is now receiving an error stating that there's already a copy of the zone in the ForestDNSZones partition. We need to get the child domain's DNS zone replicating as it was initially, and I'm wondering what I should do.

I had read a Microsoft article stating to delete the zone from the forest root domain DNS server, and then attempt to promote the child domain's DNS zone to replicate to the forest; however, I'm a bit paranoid about deleting an entire DNS zone.

Has anyone come across this issue before, and what did you do to resolve it?
Question by:pathix

Accepted Solution

by:
markpalinux earned 500 total points
ID: 34206851
pathix,

I have done just that: deleted the zone at the forest, then promoted the local DNS to be stored in the forest.

I guess you could do it the other way as well: delete the child DNS, restart the DNS service and let the DC get the zone info from the forest.

Look to perform the work after hours.

You want to make sure all records are in the zone after changes -
Make sure you know any records which need to be manually recreated.

I would use psexec or scheduled tasks on all servers to run
ipconfig /registerdns

There are ways to dump all DNS records; that way you have a backup. You may need to enable zone transfers for the dumps to work.

http://theessentialexchange.com/blogs/michael/archive/2009/06/17/getting-the-contents-of-an-active-directory-integrated-dns-zone.aspx
http://www.windowsnetworking.com/kbase/WindowsTips/WindowsXP/AdminTips/Network/nslookupandDNSZoneTransfers.html

Hope that helps,
Mark
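
One way to do the check described in the answer above (confirming that all records are in the zone after the change), as an added example that is not part of the original thread: it compares a zone dump taken before the zone is deleted with one taken after it is re-created and lists the records that did not come back. It assumes both dumps are RFC 1035 master-file text; the function names, the zone name and the sample records are constructed for illustration.

```python
import re

def parse_zone(text):
    """Return the set of (owner, type, rdata) in RFC 1035 master-file text."""
    # Drop ';' comments, then fold '( ... )' groups (multi-line SOA) onto one line.
    text = re.sub(r";[^\n]*", "", text)
    text = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), text)
    records, owner = set(), "@"
    for line in text.splitlines():
        if not line.strip() or line.startswith("$"):
            continue  # blank line or $ORIGIN/$TTL directive
        fields = line.split()
        if not line[0].isspace():
            owner = fields.pop(0).lower()  # blank owner column = previous owner
        # Skip TTL, class and any bracketed annotation ahead of the type.
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"
                          or fields[0].startswith("[")):
            fields.pop(0)
        if not fields:
            continue
        rtype, rdata = fields[0].upper(), " ".join(fields[1:]).lower()
        if rtype == "SOA":
            rdata = ""  # serial and timers differ once the zone is re-created
        records.add((owner, rtype, rdata))
    return records

def missing_after(before_text, after_text):
    """Records in the pre-change dump that the post-change dump lacks."""
    return sorted(parse_zone(before_text) - parse_zone(after_text))

# Constructed sample dumps of a hypothetical zone, child.example.test.
BEFORE = """\
$ORIGIN child.example.test.
@  3600 IN SOA dc1.child.example.test. hostmaster.child.example.test. (
        42 900 600 86400 3600 ) ; serial, refresh, retry, expire, minimum
dc1         IN A     10.1.0.10
            IN AAAA  fd00::10
fs01   1200 IN A     10.1.0.21
intranet    IN CNAME fs01.child.example.test.
printer7    IN A     10.1.0.77
"""
AFTER = """\
@ IN SOA dc1.child.example.test. hostmaster.child.example.test. ( 3 900 600 86400 3600 )
dc1  IN A    10.1.0.10
dc1  IN AAAA FD00::10
fs01 IN A    10.1.0.21
"""

for record in missing_after(BEFORE, AFTER):
    print("MISSING", *record)
```

In the sample, the two records that are missing afterwards are the static ones (a CNAME and a printer's A record), which is the kind of entry that `ipconfig /registerdns` on the servers will not bring back.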

Author Comment

by:pathix
ID: 34207257
Thanks Mark, I'm just wondering why there would be missing DNS Records if we deleted it off of the forest root, and promoted it at the child? I guess you're referring to this if I went down the route of deleting it from the child.. I don't think I'll go this way..

So I'll delete it off of the root; will I then have to force replication to the child site before the child DC will be able to promote the child DNS zone to the forest?