Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

DNS Errors microsoft enviroment Health scanner after server DC demote.

Posted on 2012-03-11
4
Medium Priority
?
578 Views
Last Modified: 2012-08-06
Hi All,

I recentely demoted one of domain controllers and started receiving the following error message when running the microsoft enviroment Health scanner. Error is repeated for all Domain Controllers in my sites.


ERROR: DNS delegation for the domain.local zone on the SERVER1.domain.local server could not be verified as functioning correctly.

Number of DC's = 7.
1 per site excpect main site has 2.
there are 5 DC's that are windwos 2008 R2 and 2 that are windows 2003 STD.

Old server was a Windows 2003 STD server based in the main office. i moved all server roles off this server and located it onto the other 2 DC's in the main site.

Replication seems to be working correctly between Domain controllers. DNS is active Directory intergated. Domain level is Windows Server 2003. As mentioned this only occured once i demoted the one domain controller. i also removed the CA server from this domain controller prior to demoting the server. following the following removal instructions from Microsoft . http://support.microsoft.com/kb/555151 (Ran the Health check tool after this and no errors like this appear.

Site 1. 10.20.20..0/24
Site 2. 192.168.4.0
Site 3. 192.168.5.0
Site 4. 192.168.9.0
Site 5. 192.168.8.0


Any help will be great.
0
Comment
Question by:gwenossis
  • 3
4 Comments
 
LVL 8

Expert Comment

by:barrykfl
ID: 37708656
is it master role or global catalog ?
0
 

Author Comment

by:gwenossis
ID: 37708674
One of my active Domain controllers hold the Master role and all DC's are Global Catalog servers. Not sure what your asking in regards to "is it master role or global catalog ?"
0
 

Accepted Solution

by:
gwenossis earned 0 total points
ID: 37708725
Problem Solved, I had to manually remove the old NS server record from the
Domain.local
_msdcs Folder
I Removed the old record and inserted a new NS server and ran the tests again and it worked.
0
 

Author Closing Comment

by:gwenossis
ID: 38261286
microsoft site helped
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question