Link to home
Create AccountLog in
Avatar of smeek
smeekFlag for United States of America

asked on

New 2008 R2 DNS can't be connected to from remote server

New 2008 R2 DNS in Windows 2003 domain. Servers have all three IPs on DNS NIC properties. All show in sites and services and replication works between 3 DCS. DNS server properties allows all server to do Zone Transfer.

When I try to connect from W2K3 DNS to W2K8, dialog returns Access Denied. Any suggestions to correct. I did adjust hosts file and reboot after verifying loopback in place.
Avatar of smeek
smeek
Flag of United States of America image

ASKER

New DNS server event log shows Event 4515 for DNS.



The zone fwznt.com was previously loaded from the directory partition MicrosoftDNS but another copy of the zone has been found in directory partition DomainDnsZones.FWZNT.COM. The DNS Server will ignore this new copy of the zone. Please resolve this conflict as soon as possible.
 
If an administrator has moved this zone from one directory partition to another this may be a harmless transient condition. In this case, no action is necessary. The deletion of the original copy of the zone should soon replicate to this server.
 
If there are two copies of this zone in two different directory partitions but this is not a transient caused by a zone move operation then one of these copies should be deleted as soon as possible to resolve this conflict.
 
To change the replication scope of an application directory partition containing DNS zones and for more details on storing DNS zones in the application directory partitions, please see Help
Avatar of smeek

ASKER

This is a new 2008 DC in a 2003 domain. I think the issue is related to duplicate DNS but when I check for duplicates using ADSIedit, I do not see any duplicates.

Followed this article.
http://msmvps.com/blogs/acefekay/archive/2009/09/02/using-adsi-edit-to-resolve-conflicting-or-duplicate-ad-integrated-dns-zones.aspx

I do get the same symptoms about name limit on server and no sysvol shares on new DC.

Anyone, anyone, anyone....
Avatar of footech
I don't understand what your original question is asking.  Can you please describe it again?  Where are you seeing "Access Denied"?

Restart your 2008 server.  Does the 4515 error appear again?  If not then the condition may have been transient.  Otherwise, revisit using ADSI Edit to check for the duplicate zone.  If you have one called "FWZNT.COM" under both CN=MicrosoftDNS,CN=System,DC=yourdomain,DC=com and CN=MicrosoftDNS,DC=DomainDnsZones,DC=yourdomain,DC=com then you need to delete one.
Avatar of smeek

ASKER

I restarted and have same issue including 4515 error.

Does it matter which one gets deleted?
ASKER CERTIFIED SOLUTION
Avatar of footech
footech
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer