Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


DNS zone 'dissappeared'

Posted on 2013-05-17
Medium Priority
Last Modified: 2013-07-22

I had an issue where the DNS zone 'disappeared' from the network DNS and that change was replicated to all AD DNS servers.

I want to know if the two changes I made with regards to DNS would have done that.


HQDC01 & DC02 = Win2012
BRANCHDC01 = Win08R2

A branch DC/ DNS server was not replicating the netlogon folder, on HQDC01 I discovered that the branch DC was not replying to NetBIOS / FQDN pings but IP pings was fine. On the branch DC (connected to HQ via a firewall VPN)  the DC could not ping itself either.

I check the DNS resource A record. That was fine. THE DC was in the Name server tabs. I added in a second IP on the server and added in an A record and that pinged okay, I removed the second IP and the  record. IT had to be the A Record, So I deleted the A record of the Branch server and manually added it again. I pinged itself the NetBIOS replied okay but the FQDN replied with the wan IP of the site.
On the HQ servers the branch server now also replied with WAN IP on bother NETBIOS and FQDN names.
In the DNS manager on HQDC01 on the zone. I reloaded it, then went through the setting and saw that in the zone transfer tab it was unticked. I ticked it and selected to all in the named server tabs. I checked the other HQDC02 DNS server but when I clicked on the zone it would not expand and after a refresh of the console it was gone, then they same back on HQDC01. the branch server was fine. I stopped the DNS server and tried to copy the ..\\system32\dns folder in the fear that the missing zone with replicate to this server. IT did when I started the service again.

On the branch server the dns zone's .dns file was in the \dns folder but on the two HQ servers it was not. I copied the .dns folder to both their their \dns folder and recreated the zone and clicked on reload, but it did not repopulate. I then had to recreated some A host record of member servers and eventually it started to repopulate as Machines started to communicate with them.

QUESTION: Can the Removal of a DNS server's A host record do this or changing the Transfer Zone settings or both?


Question by:ggntt
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 41

Assisted Solution

footech earned 1500 total points
ID: 39175320
No.  Changing the Transfer Zone settings could affect a secondary zone but not a primary.
Are the zones set up as AD-integrated on all servers?
You may want to run dcdiag /v /test:dns and repadmin /showrepl on each of the machines.
Also, you might want to check out the article.  Duplicate zones could be a cause for the zones disappearing.

Author Comment

ID: 39185921
Hi footech

The two tests run fine now as I created a new zone.

Looking at the duplicate zones link. The zones that we 'had' where there for years. The 2012 Servers where live for about three weeks. Just trying to fine out what happened.

I have noticed that some of the member servers even though they detect the network location is a domain, it does not recognise it has internet, yet IE shows otherwise!


LVL 41

Accepted Solution

footech earned 1500 total points
ID: 39186194
See here for a good explanation of how the Network Connectivity Status Indicator works.

In case the link ever changes, here's the most relevant content.
Windows does indeed check a Microsoft site for connectivity, using the Network Connectivity Status Indicator site. There are a few variations of the connection checking process:
1.NCSI performs a DNS lookup on, then requests This file is a plain-text file and contains only the text Microsoft NCSI.
2.NCSI sends a DNS lookup request for This DNS address should resolve to If the address does not match, then it is assumed that the internet connection is not functioning correctly.

The exact sequence of when which test is run is not documented; however, a little bit of digging around with a packet sniffing tool like Wireshark reveals some info. It appears that on any connection, the first thing NCSI does is requests the text file (step 1 above). NCSI expects a 200 OK response header with the proper text returned. If the response is never received, or if there is a redirect, then a DNS request for is made. If DNS resolves properly but the page is inaccessible, then it is assumed that there is a working internet connection, but an in-browser authentication page is blocking access to the file. This results in the pop-up balloon above. If DNS resolution fails or returns the wrong address, then it is assumed that the internet connection is completely unsuccessful, and the “no internet access” error is shown.

The order of events appears to be slightly different depending on whether the wireless network is saved, has been connected to before even if it is not in the saved connections list, and possibly depending on the encryption type. The DNS and HTTP requests and responses showing up in Wireshark were not always consistent, even connecting to the same network, so it’s not entirely clear what causes different methods of detection under different scenarios.

Author Comment

ID: 39344145
I have given up on this. Not because of lack of answers, but because the customers has not pushed for an answer.

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Here's a look at newsworthy articles and community happenings during the last month.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question