Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

DNS

Posted on 2011-04-22
20
Medium Priority
?
224 Views
Last Modified: 2012-05-11
How do you remove a DNS zone that keeps coming back after a reboot
0
Comment
Question by:meteorman
  • 10
  • 5
  • 5
20 Comments
 
LVL 1

Expert Comment

by:hangeles1
ID: 35451036
Whats restoring the zone on restart?
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 35451076
Probably it's replicating with a clustered server. How many DNS servers do you have on your domain, and/or forest?
0
 

Author Comment

by:meteorman
ID: 35451319
after running the Ntdsutil and removing the server entries on reboot i get this message.

The DNS server was unable to open zone _msdcs.portland.ccoffset.com in the Active Directory from the application directory partition ForestDnsZones.portland.ccoffset.com. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.
.
I had gone into the DNS snap in manually deleted every entry that contains the deleted server name but it all comes back when I reboot still com
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Expert Comment

by:hangeles1
ID: 35451346
This zone is automatically created for service records, like ldap etc. Did you remove a domain from your forest? Are you trying to clean up records that were left behind?
0
 

Author Comment

by:meteorman
ID: 35451369
Yes
0
 
LVL 1

Expert Comment

by:hangeles1
ID: 35451380
If thats the case, and you demoted a DC, you might need to manually remove the records with the instructions below:

http://support.microsoft.com/kb/230306
0
 

Author Comment

by:meteorman
ID: 35451402
I've already performed that procedure
0
 
LVL 1

Expert Comment

by:hangeles1
ID: 35451417
This is similar, but has a few extra steps:

http://support.microsoft.com/kb/216498
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 35451746
The best metadata removal thread is this one:

http://www.petri.co.il/delete_failed_dcs_from_ad.htm

You also have to remove these from AD sites and Services. Those are the DCs you replicate with. The thread above tells you how to remove DCs from DNS, FRS, and AD.
0
 

Author Comment

by:meteorman
ID: 35453170
I keep getting this error when I run dcdiag. How do  I do I resolve it?

        Warning: CN=NTDS Settings\0ADEL:d64756b8-d94b-4add-b0ae-a9bd5b4d9bf3,CN
=W2K3-EXCHANGE\0ADEL:cf35b4d9-6fc0-43ae-a5d8-fd0eae3e454e,CN=Servers\0ADEL:20e21
6c7-04ff-428c-98c9-fb76cca96a05,CN=Portland\0ADEL:c4520924-a983-40ce-abc2-0fe006
1b1ae6,CN=Sites,CN=Configuration,DC=ccoffset,DC=local is the Infrastructure Upda
te Owner, but is deleted.
0
 

Author Comment

by:meteorman
ID: 35453224
The Server that I removed Was an Exchange server
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 35453739
perform this test:

DCdiag /test:FSMOs

I think that's the command.
0
 

Author Comment

by:meteorman
ID: 35453752
test not recognized
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 35453939
They say the memory is the second thing to go. I can't remember the first. Here is the proper command line.

DCdiag /test:Knowsofroleholders /v
0
 

Author Comment

by:meteorman
ID: 35454222
any recommendations

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator.CCOFFSET>DCdiag /test:Knowsofroleholders
 /v

Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine Branch1, is a DC.
   * Connecting to directory service on server Branch1.
   * Collecting site info.
   * Identifying all servers.
   * Identifying all NC cross-refs.
   * Found 1 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests

   Testing server: NYC\BRANCH1
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         * Active Directory RPC Services Check
         ......................... BRANCH1 passed test Connectivity

Doing primary tests

   Testing server: NYC\BRANCH1
      Test omitted by user request: Replications
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Test omitted by user request: NCSecDesc
      Test omitted by user request: NetLogons
      Test omitted by user request: Advertising
      Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN=NTDS Settings,CN=BRANCH1,CN=Servers,CN=NYC,CN=Si
tes,CN=Configuration,DC=ccoffset,DC=local
         Role Domain Owner = CN=NTDS Settings,CN=BRANCH1,CN=Servers,CN=NYC,CN=Si
tes,CN=Configuration,DC=ccoffset,DC=local
         Role PDC Owner = CN=NTDS Settings,CN=BRANCH1,CN=Servers,CN=NYC,CN=Sites
,CN=Configuration,DC=ccoffset,DC=local
         Role Rid Owner = CN=NTDS Settings,CN=BRANCH1,CN=Servers,CN=NYC,CN=Sites
,CN=Configuration,DC=ccoffset,DC=local
         Role Infrastructure Update Owner = CN=NTDS Settings\0ADEL:d64756b8-d94b
-4add-b0ae-a9bd5b4d9bf3,CN=W2K3-EXCHANGE\0ADEL:cf35b4d9-6fc0-43ae-a5d8-fd0eae3e4
54e,CN=Servers\0ADEL:20e216c7-04ff-428c-98c9-fb76cca96a05,CN=Portland\0ADEL:c452
0924-a983-40ce-abc2-0fe0061b1ae6,CN=Sites,CN=Configuration,DC=ccoffset,DC=local
         Warning: CN=NTDS Settings\0ADEL:d64756b8-d94b-4add-b0ae-a9bd5b4d9bf3,CN
=W2K3-EXCHANGE\0ADEL:cf35b4d9-6fc0-43ae-a5d8-fd0eae3e454e,CN=Servers\0ADEL:20e21
6c7-04ff-428c-98c9-fb76cca96a05,CN=Portland\0ADEL:c4520924-a983-40ce-abc2-0fe006
1b1ae6,CN=Sites,CN=Configuration,DC=ccoffset,DC=local is the Infrastructure Upda
te Owner, but is deleted.
         ......................... BRANCH1 failed test KnowsOfRoleHolders
      Test omitted by user request: RidManager
      Test omitted by user request: MachineAccount
      Test omitted by user request: Services
      Test omitted by user request: OutboundSecureChannels
      Test omitted by user request: ObjectsReplicated
      Test omitted by user request: frssysvol
      Test omitted by user request: frsevent
      Test omitted by user request: kccevent
      Test omitted by user request: systemlog
      Test omitted by user request: VerifyReplicas
      Test omitted by user request: VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError

   Running partition tests on : ForestDnsZones
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : Schema
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : Configuration
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : ccoffset
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running enterprise tests on : ccoffset.local
      Test omitted by user request: Intersite
      Test omitted by user request: FsmoCheck
      Test omitted by user request: DNS
      Test omitted by user request: DNS

C:\Documents and Settings\Administrator.CCOFFSET>
0
 
LVL 39

Accepted Solution

by:
ChiefIT earned 2000 total points
ID: 35454367
OK, as suspected, you don't have control of the infrastructure master role.

You might be able to transfer via a GUI interface. It's a little easier to understand this way:

http://www.petri.co.il/transferring_fsmo_roles.htm

If the GUI doesn't work, then you need to get ahold of the infrastructure master role using the NTDSUTIL. In this case, you have to seize the role.

http://www.petri.co.il/seizing_fsmo_roles.htm
0
 

Author Comment

by:meteorman
ID: 35454414
Thanks Chief IT. I'll give it a go tomorrow.
0
 

Author Comment

by:meteorman
ID: 35460973
     Starting test: KnowsOfRoleHolders
         Warning: CN=NTDS Settings\0ADEL:d64756b8-d94b-4add-b0ae-a9bd5b4d9bf3,CN
=W2K3-EXCHANGE\0ADEL:cf35b4d9-6fc0-43ae-a5d8-fd0eae3e454e,CN=Servers\0ADEL:20e21
6c7-04ff-428c-98c9-fb76cca96a05,CN=Portland\0ADEL:c4520924-a983-40ce-abc2-0fe006
1b1ae6,CN=Sites,CN=Configuration,DC=ccoffset,DC=local is the Infrastructure Upda
te Owner, but is deleted.

is KnowsOfRoleHolders a role?
0
 

Author Comment

by:meteorman
ID: 35461155
it worked but I have another failed test

  Starting test: kccevent
         An Warning Event occured.  EventID: 0x8000072D
            Time Generated: 04/25/2011   13:09:06
            (Event String could not be retrieved)
         ......................... BRANCH1 failed test kccevent
0
 
LVL 1

Expert Comment

by:hangeles1
ID: 35471629
What event shows in event viewer for this?
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question