smeek
asked on
New 2008 R2 DNS can't be connected to from remote server
New 2008 R2 DNS in Windows 2003 domain. Servers have all three IPs on DNS NIC properties. All show in sites and services and replication works between 3 DCS. DNS server properties allows all server to do Zone Transfer.
When I try to connect from W2K3 DNS to W2K8, dialog returns Access Denied. Any suggestions to correct. I did adjust hosts file and reboot after verifying loopback in place.
When I try to connect from W2K3 DNS to W2K8, dialog returns Access Denied. Any suggestions to correct. I did adjust hosts file and reboot after verifying loopback in place.
ASKER
This is a new 2008 DC in a 2003 domain. I think the issue is related to duplicate DNS but when I check for duplicates using ADSIedit, I do not see any duplicates.
Followed this article.
http://msmvps.com/blogs/acefekay/archive/2009/09/02/using-adsi-edit-to-resolve-conflicting-or-duplicate-ad-integrated-dns-zones.aspx
I do get the same symptoms about name limit on server and no sysvol shares on new DC.
Anyone, anyone, anyone....
Followed this article.
http://msmvps.com/blogs/acefekay/archive/2009/09/02/using-adsi-edit-to-resolve-conflicting-or-duplicate-ad-integrated-dns-zones.aspx
I do get the same symptoms about name limit on server and no sysvol shares on new DC.
Anyone, anyone, anyone....
I don't understand what your original question is asking. Can you please describe it again? Where are you seeing "Access Denied"?
Restart your 2008 server. Does the 4515 error appear again? If not then the condition may have been transient. Otherwise, revisit using ADSI Edit to check for the duplicate zone. If you have one called "FWZNT.COM" under both CN=MicrosoftDNS,CN=System, DC=yourdom ain,DC=com and CN=MicrosoftDNS,DC=DomainD nsZones,DC =yourdomai n,DC=com then you need to delete one.
Restart your 2008 server. Does the 4515 error appear again? If not then the condition may have been transient. Otherwise, revisit using ADSI Edit to check for the duplicate zone. If you have one called "FWZNT.COM" under both CN=MicrosoftDNS,CN=System,
ASKER
I restarted and have same issue including 4515 error.
Does it matter which one gets deleted?
Does it matter which one gets deleted?
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
The zone fwznt.com was previously loaded from the directory partition MicrosoftDNS but another copy of the zone has been found in directory partition DomainDnsZones.FWZNT.COM. The DNS Server will ignore this new copy of the zone. Please resolve this conflict as soon as possible.
If an administrator has moved this zone from one directory partition to another this may be a harmless transient condition. In this case, no action is necessary. The deletion of the original copy of the zone should soon replicate to this server.
If there are two copies of this zone in two different directory partitions but this is not a transient caused by a zone move operation then one of these copies should be deleted as soon as possible to resolve this conflict.
To change the replication scope of an application directory partition containing DNS zones and for more details on storing DNS zones in the application directory partitions, please see Help